LegisTrack
Back to all bills
HR 2604119th CongressIn Committee

Protecting Data at the Border Act

Introduced: Apr 2, 2025
Sponsor: Rep. Lieu, Ted [D-CA-36] (D-California)
View on Congress.gov
Standard Summary
Comprehensive overview in 1-2 paragraphs

The Protecting Data at the Border Act would change how U.S. border agencies handle the digital contents of electronic devices and online accounts from U.S. persons crossing the border. It would require that access to digital contents at the border generally occur only with a valid warrant based on probable cause, issued under the Federal Rules of Criminal Procedure. The bill also constrains how (and whether) border officers can obtain access credentials or online account information, limits entry delays, and sets strict rules on retention, use as evidence, and seizure of devices. It includes emergency exception provisions, requires informed written consent when consent is sought, mandates extensive recordkeeping and annual reporting by the Department of Homeland Security (DHS), and imposes privacy safeguards intended to protect U.S. persons’ digital privacy at the border. In short, the bill aims to tighten constitutional privacy protections at the border for digital data, increase transparency about border encounters involving digital data, and create oversight through audits and annual reporting. It preserves certain existing DHS authorities (like external inspections for weapons/contraband and FISA authorities), but conditions digital data access on warrants and formal procedures.

Key Points

  • 1Warrant requirement and limits on access
  • 2- Governmental entities may not access the digital contents of a U.S. person’s electronic equipment or online account at the border without a valid warrant supported by probable cause, issued using Federal Rules of Criminal Procedure.
  • 3- The act also prohibits denial of entry or exit based solely on a refusal to disclose credentials, access, or online account information, and caps any delay in entry/exit at 4 hours to determine whether consent or access will be provided.
  • 4Emergency and public-safety carve-outs
  • 5- Emergency access without a warrant is allowed if an officer reasonably determines an emergency exists (death/serious injury, national security threats, or organized crime concerns) and an application for a warrant is sought as soon as practicable (within 7 days).
  • 6- If the warrant is denied or access occurs without a warrant under emergency authority, copies must be destroyed, information cannot be disclosed, and the individual must be notified.
  • 7- Public safety access without a warrant is also allowed when necessary to provide emergency services, and is unrelated to an investigation.
  • 8Informed consent and written consent
  • 9- Before requesting access to digital contents, credential disclosure, or online account information, border officers must give written notice in a language understood by the person. The notice explains that access/consent cannot be compelled without a valid warrant and that entry may not be denied for refusing to disclose credentials or access.
  • 10- Written consent is required for access, credential disclosure, or online account information, and must specify what is being consented to.
  • 11Retention, copying, and unlawful access
  • 12- Lawful access under this act allows no copying or retention of digital contents or derived information unless there is probable cause of crime.
  • 13- If access is obtained unlawfully, all copies must be destroyed, information cannot be shared with other government entities, and the person must be notified of destruction.
  • 14Seizure and consent limitations
  • 15- Seizure of electronic equipment at the border is limited to cases where there is probable cause that the device contains information relevant to a felony.
  • 16Recordkeeping and data collection
  • 17- DHS must maintain records of each border-access event, including reason for access, the individual’s nationality and immigration status, the nature of access, consent details, whether devices were seized, and whether data was shared with others.
  • 18- The act requires aggregate data on U.S. persons accessed, including their country of departure before arriving at the U.S., and aggregate data on non-U.S. persons accessed.
  • 19Use of data as evidence
  • 20- Any digital contents or online account information obtained in violation of this act may not be used as evidence in any proceeding, to the maximum extent practicable.
  • 21Audits and reporting
  • 22- Each March, DHS must publish a public report detailing: warrant-based and emergency access events, consent requests and outcomes, written-consent cases, requests to disclose access credentials, use of access credentials, non-compliant accesses, and data on access of non-U.S. individuals, plus aggregate race/ethnicity data.
  • 23- The report also includes contextual aggregate data about where individuals departed from before arriving at the U.S.
  • 24Limits on seizure
  • 25- In general, a border agent may not seize equipment without probable cause to believe it contains evidence of a felony.
  • 26Savings provisions
  • 27- The act preserves the ability to inspect external physical components of devices for weapons/contraband and maintains FISA authorities.
  • 28Definitions
  • 29- Key terms defined, including: access credential, border, digital contents, electronic equipment, online account, online account information, remote computing service, electronic communication service, and “United States person” (as defined by FISA).

Impact Areas

Primary group/area affected- United States persons crossing the border: the bill provides enhanced Fourth Amendment-style protections for their digital data, requiring warrants and limiting retention and use of data.Secondary group/area affected- Border security agencies (e.g., DHS, CBP): would implement warrant-based procedures, consent processes, and reporting requirements; potential changes to training, workflow, and resource needs to handle warrants, notices, and recordkeeping.Additional impacts- Online service providers and digital platforms: consent mechanisms and potential requests for online account information could affect how they respond to border-related data requests.- Civil liberties and privacy advocates: the bill strengthens privacy protections at the border and introduces transparency measures (annual audits, race/ethnicity data) that may influence oversight and public trust.- Immigration and administrative proceedings: stricter rules on using digital data as evidence and on seizure could affect immigration enforcement and related processes.- International travelers and non-U.S. persons: the provisions governing access for non-U.S. persons, plus the collection of aggregate data on non-U.S. individuals, could alter border interaction dynamics and reporting.
Generated by gpt-5-nano on Nov 18, 2025