Protecting Deposition Materials at the Border

Government border agents conducted over 55,000 warrantless searches of cell phones and other electronic devices during the past year, according to recent federal reports.

The latest statistics reflect a 17 percent jump in electronic device searches from fiscal year 2024 (running from October 2023 to September 2024). Federal agents conducted roughly 47,000 such searches that year. Beginning in 2008, when the federal government’s program of suspicionless, warrantless searches of electronic devices at the U.S. border began, the number of electronic device searches has risen steadily for nearly two decades. Between 2008 and 2010, just 6,500 persons had their electronic devices searched along the U.S. border.

Assertions of privilege are no guarantee that a lawyer will be leaving a border encounter in possession of all his or her electronic devices.

Lawyers carrying client confidential information on their electronic devices are not spared this type of scrutiny.

Earlier this year, Dearborn, Mich., attorney Amir Makled was traveling home from an overseas family vacation when he was stopped by federal border agents at Detroit Metro Airport. According to the Detroit Free Press account of the incident, Makled was taken to an interrogation room and asked to turn over his cell phone. Makled refused, explaining that his phone contained client confidential information. The agents next asked for the text messages that Makled claimed were privileged. Again, he refused. Makled eventually agreed to show the agents his contact list, pointing out which individuals were clients. The attorney was released after 90 minutes, still in possession of his cell phone.

Makled’s experience, while statistically rare, should be a wake-up call for attorneys carrying digital devices across national borders. Professional ethics demand that lawyers take reasonable precautions to minimize – or eliminate entirely – the likelihood that client confidential information will be exposed to government officials or unauthorized third parties. When crossing a border to conduct or defend depositions, lawyers must be aware that deposition preparation materials, written outlines, and post-deposition impressions stored on a cell phone or laptop computer are all at risk.

Border Privacy Protections for Digital Devices Are Unclear

The law governing border searches is unsettled. The Fourth Amendment prohibits unreasonable searches and seizures, which traditionally has required law enforcement officers to obtain a search warrant supported by grounds to suspect that the person or place in question will yield evidence of a crime. However, there are many exceptions to the warrant requirement. One of them is the “border search exception,” which permits law enforcement agents to conduct “routine” border searches and seizures without a warrant and without any reason to believe that the traveler has committed a crime. The U.S. Supreme Court has not yet addressed the constitutionality of warrantless searches of digital devices at the border.

The federal government claims the authority to search all electronic devices at the border, whether belonging to citizens or non-citizens, regardless of whether agents have any reason to believe there is evidence of crime on the device. Lawyers may refuse to consent to a search, though in that case border agents may very well simply seize the devices and turn them over to forensic search specialists who will likely download the entire contents of the device at search through it at their leisure. Under CDP DIRECTIVE NO. 3340-049A, Border Search of Electronic Devices (Jan. 14, 2018), border agents are not required to return seized devices before the owner leaves the airport.

It may help if the lawyer explains to border agents that a particular device contains confidential information or information protected by attorney-client privilege, as Makled did, but then again, it may not. Assertions of privilege are no guarantee that a lawyer will be leaving a border encounter in possession of all his or her electronic devices.

Two ethical duties should be considered whenever lawyers are traveling with client confidential information on their electronic devices. The first duty is found in American Bar Association Model Rule of Professional Conduct 1.6 (Confidentiality of Information). Rule 1.6(c) obliges lawyers to “make reasonable efforts to prevent the inadvertent or unauthorized disclosure of, or unauthorized access to, information relating to the representation of a client.”

The second ethical duty is the so-called “duty of technology competence,” found in ABA Model Rule of Professional Conduct 1.1 (Competence), Comment 8. In this context, the duty of technology competence likely obliges a lawyer to understand the extent that client information is present on the lawyer’s digital devices and the many ways that client confidentiality can be compromised, either by bad actors or law enforcement agents.

An attorney who chooses to travel with unencrypted or unnecessary client information across an international border — a risky environment that predictably weakens protections against searches and seizures of electronic devices — may very well be engaging in conduct that falls below these two professional ethics standards.

ABA Formal Opinion 477R: Securing communication of protected client information explains the ethical dimensions of the lawyer’s duty to take reasonable efforts to safeguard client information in electronic communications. Per this guidance, strong protections like encryption may be necessary in high-risk situations.

To date, few state bar associations have released ethical guidance specifically on the topic of protecting client confidential information at the border. The New York City Bar Association tackled the topic in 2017, publishing An Attorney’s Ethical Duties Regarding U.S. Border Searches of Electronic Devices Containing Clients’ Confidential Information (Formal Opinion 2017-5). Up north, the Law Society of British Columbia summarized the perils of crossing into the United States with client information in Information for lawyers on border searches and electronic devices (April 17, 2025).

Reasonable, Practical Measures for Lawyers

The contours of what constitutes “reasonable” safeguards on client information depend, of course, on the client, the information, and the nature of the threat to client confidentiality. Generally speaking, reasonable measures at the border might include the following:

• Data minimization. Travel with a wiped, travel-only phone or laptop containing only what you need. Keep sensitive matter off local storage.
• Encryption. Enable full-disk encryption with long passphrases.
• Cloud storage. Prefer firm-controlled, domestic cloud with strong identity protections. Disable or remove cloud apps and caches before crossing.
• Protective measures. Keep devices on your person; disable Wifi and Bluetooth. Print out travel itineraries on paper, so you won’t need to consult digital devices when questioned by border agents.
• Pre-travel preparation. Conduct a pre-travel risk assessment; inventory what you carry; seek client instructions and consent about any data that may travel; label materials “Attorney-Client Privileged/Work Product.”
• At the border. Identify yourself as an attorney; assert privilege and request filter/taint procedures under CBP policy; if a device is seized, request a custody receipt and record officer names/badge numbers. Do not volunteer passwords; if you choose to unlock your devices, enter the passwords yourself.
• Post-travel. Change passwords; assess notification duties to clients.

Finally, lawyers should consider a remote deposition if the prospect of crossing an international border with client confidential information appears, after careful consideration, unnecessarily risky.  Over 70% of depositions are now being conducted remotely. They’re effective, efficient, and involve no risk whatsoever that border agents will be demanding any attorney’s cell phone before or after the deposition takes place.