As legal professionals prepare for the busy holiday travel season from November through early January, an alarming trend demands immediate attention. U.S. Customs and Border Protection (CBP) conducted a record-breaking 14,899 electronic device searches between April and June 2025—a 16.7% increase over the previous quarterly high. With nearly 15,000 devices examined in just three months, lawyers carrying client data face unprecedented risks to attorney-client privilege.

The timing coincides with significant TSA rule changes that fundamentally alter airport security protocols. Secretary Kristi Noem announced the elimination of shoe removal requirements at checkpoints, while implementing advanced facial recognition technology through TSA PreCheck Touchless ID at select airports. These changes represent the most substantial security overhaul since 9/11, creating new vulnerabilities for legal professionals.

Understanding the Current Threat Landscape

Border searches have escalated dramatically over the past decade. From 8,503 searches in 2015, the numbers jumped to 46,362 in fiscal year 2024. The latest data shows CBP conducting 13,824 basic searches and 1,075 advanced searches during the recent quarter. Basic searches involve manual inspection of device contents, while advanced searches employ forensic tools to extract comprehensive data repositories.

Legal professionals face particular vulnerability because electronic devices commonly contain materials protected by attorney-client privilege. The New York City Bar Association addressed this concern with its Formal Opinion 2017-5 directly, noting that attorneys carry confidential client communications, work product, and sensitive case materials on personal devices. When border agents request device access, lawyers must balance professional obligations with potential entry denial or device confiscation.

Professional Ethical Obligations

The American Bar Association has urged the Department of Homeland Security to establish policies protecting attorney-client privilege during border searches. However, current CBP policies permit extensive searching authority under the border search exception, which allows warrantless inspections within 100 miles of international borders. This doctrine significantly reduces Fourth Amendment protections for travelers, including U.S. citizens.

New York lawyers operating under Rule 1.6 must take reasonable steps to prevent unauthorized disclosure of confidential information. The reasonableness standard requires evaluating potential harm against disclosure likelihood. For attorneys whose practice involves government agencies as opposing parties, heightened precautions become necessary.

Practical Protection Strategies

Modern legal practice demands strategic preparation for international travel. Attorneys should evaluate necessity before carrying confidential information across borders. Essential data should remain minimal—only materials professionally required for specific travel purposes. Cloud-based storage offers significant protection since CBP cannot access remotely stored information during searches.

Encryption provides another critical layer of defense. Strong passwords and disabled biometric authentication prevent immediate access. Restarting your device before reaching the border forces manual password entry rather than biometric unlocking, effectively blocking access for those without proper credentials. For maximum protection, consider using alphanumeric passwords of at least 12 characters combining uppercase letters, numbers, and special symbols. Some firms implement clean device policies, providing employees with minimal-data devices for international travel. Virtual private networks (VPN) and secure remote access solutions allow attorneys to retrieve necessary information without local storage. Additional protective measures include enabling two-factor authentication on cloud accounts, using encrypted messaging applications like Signal for client communications, and implementing remote wipe capabilities for lost or confiscated devices.

Technology considerations extend beyond individual devices. The implementation of CT scanners at major airports enables enhanced screening capabilities, while new facial recognition systems create biometric templates for identity verification. These advances improve security efficiency but raise additional privacy concerns for legal professionals handling sensitive cases involving government oversight, immigration matters, or politically sensitive litigation where client anonymity becomes paramount.

Legal authorities have issued specific guidance regarding these new biometric screening protocols. The Privacy and Civil Liberties Oversight Board recommends that TSA's facial recognition program remain voluntary for all passengers, while twelve bipartisan U.S. Senators have called for comprehensive oversight of the technology's expansion. Privacy and digital rights experts advise attorneys to exercise their right to opt out of facial recognition screening by politely requesting alternative identity verification procedures, especially when handling sensitive or high-risk matters. According to the TSA's own policies, travelers can decline biometric scanning without penalty or additional scrutiny. However, studies show that 99% of travelers are not verbally informed of this option by TSA agents, making proactive assertion of opt-out rights essential. The American Bar Association and bar associations recommend attorneys stay informed about biometric screening procedures and safeguard client confidentiality during travel. For attorneys handling cases where government surveillance poses particular risks, consistently opting out of facial recognition becomes a professional obligation to protect client interests and maintain confidentiality.

Preparing for Holiday Travel Season

The holiday travel period presents unique challenges. TSA expects record-breaking passenger volumes during Thanksgiving week, with peak travel days including November 26-27 and December 1. Christmas travel intensifies December 20-22 and December 26. New Year's travel typically peaks December 29 and January 2-3. These high-volume periods increase security scrutiny and delay risks.

Attorneys should develop comprehensive travel protocols before departure. Essential preparations include identifying devices containing client data, securing informed consent for potential disclosure, and establishing communication protocols with firm leadership. Bar identification cards help verify professional status during searches. Legal counsel should remain accessible for consultation during border encounters.

Response Protocols During Searches

When facing device searches, attorneys should immediately identify themselves as legal professionals and notify agents about privileged content. CBP policies require consultation with agency counsel before searching devices containing claimed privileged materials. (See 5.2.1.2) However, this protection offers limited practical value since determination processes remain unclear.

Professional obligations continue during border encounters. Attorneys must object to searches on privilege grounds while understanding that resistance may result in device confiscation or entry complications. U.S. citizens cannot be denied entry, but devices may face extended detention for forensic examination. Non-citizens risk entry denial entirely.

Post-Search Obligations

Following any disclosure of confidential information, attorneys must promptly notify affected clients pursuant to professional responsibility rules. Documentation requirements include recording disclosed materials, identifying involved personnel, and implementing remedial measures. Firms should establish incident response protocols addressing client notification, privilege assertions, and regulatory compliance.

Final Thoughts: Looking Forward

The legal profession must adapt to evolving security landscapes while maintaining ethical obligations. Holiday travel season presents heightened risks due to increased passenger volumes and enhanced scrutiny. Legal professionals should prioritize preparation, implement robust data protection protocols, and maintain clear communication with clients about potential disclosure risks.

As border search authority continues expanding and technology enables more intrusive examinations, the legal profession must advocate for meaningful protections while developing practical compliance strategies. The intersection of national security concerns and professional obligations requires ongoing attention from bar associations, legal practitioners, and policymakers.

The stakes are clear: protecting client confidentiality while navigating modern travel security demands requires preparation, awareness, and strategic planning. As lawyers prepare for holiday travel, implementing comprehensive digital security protocols becomes not just prudent practice, but professional obligation.

MTC