Border force officers searched more than 40,000 devices, including phones, at the border in five years, new data reveals.
A freedom of information request by tech news site ITnews revealed officers had searched phones, computers and other devices at the border 41,410 times between 2017 and the end of 2021. That figure included 951 phones between May 2020 and the end of 2021.
Guardian Australia first reported the practice in January, where border force officers can examine people’s devices without a warrant when they visit or return to Australia through customs.
In practice, this has meant asking travelers to provide their passcode or password to devices so they can be examined.
In April, border force told the Senate there is no legal obligation for people to hand over their passcodes, but if a person refuses to comply with the request and a border force officer considers there to be “a risk to the border” then border force can seize the device for further examination.
There is no limit on time for how long the devices can be held for, but the agency said the policy is to keep devices for no longer than 14 days, unless it will take longer to examine the device.
Border force said a phone would only be seized where officers suspected it has “special forfeited goods” such as “illegal pornography, terrorism-related material and media that has been, or would be, refused classification”.
Guardian Australia has obtained a procedural instruction manual for device searches by border force officers under freedom of information which reveals the “powers are limited” to query the content of a device or request a passcode, and officers “must not suggest that people are compelled to respond”, if it is not within the powers.
To extract data from the phone for examination, officers will use a dedicated workstation in a separate room that has the tools required, including software to “scan files for the presence of skin tone of a person and key words of interest”. Border force said this was used for finding child exploitation material. ABF uses software provided by MSAB, Cellebrite and Grayshift.
The policy document reveals that the owner of the device must not be allowed to gain access to the device until an officer has completed the examination. That means mobile devices must be put into flight mode and have their SIM card removed, and laptops must have batteries removed if possible, rather than just shut down.
It also suggests that for Apple iPhones where the passcode is not known, officers consider holding any computer the owner has.
“It may be possible to examine a locked Apple mobile device using an associated computer however this examination must only be undertaken by Digital Forensics,” the document states.
The document is careful to state that officers have limited powers to copy anything from the devices, but that extracting the data from the device isn’t considered copying. However once any data is moved to a different storage device from that extraction, it is considered a copy. If the copy was made without identifying the reason why it is needed under the Customs Act, it would be considered unlawful.
Kieran Pender, a senior lawyer with the Human Rights Law Centre, said obtaining someone’s phone is “a particularly intrusive form of surveillance” and the lack of transparency around why it might be searched was “alarming”.
“The lack of safeguards is concerning; there are seemingly no policies or procedures in place to stop border authorities from searching a journalist or lawyer’s phone, despite this potentially being unlawful,” he said.
“There is also a high risk that individuals are being coerced to hand over passwords, despite border force lacking any power to compel this.
“Border Force must be more transparent around the use of these extraordinary powers and the law should be changed to embed robust safeguards and oversight. The Human Rights Law Center calls on the new Australian government to review this Border Force practice and ensure there are adequate safeguards in place.”