Carrying Riley Across the Border: Why Digital Device Border Searches Demand a Suspicion Standard

The border has long occupied a structurally distinct space in American constitutional law, where otherwise settled doctrines bend to accommodate the sovereign’s interest in regulating entry. Within Fourth Amendment jurisprudence, that distinctiveness has taken the form of a categorical exception, wherein searches conducted at the border require neither a warrant nor individualized suspicion, provided they serve the regulatory aims that justify the exception itself [1]. Historically, categorical exception application took the form of inspection of physical goods in the search for contraband, a narrowly framed interest targeting a concrete object of enforcement [2]. Courts permitted these searches not only because they occurred at the threshold of national entry, but also because the objects of inspection—such as suitcases, packages, and containers—were thought to carry limited privacy expectations [3]. In this way, the border search exception has long been justified by its limits, rendering it a relatively non-controversial tool in the service of national security.

This structure begins to strain in its failure to meaningfully adapt to the rise of digital devices. Unlike a suitcase, a smartphone is not merely a physical object which reveals its contents upon opening, nor are those contents self-contained. While lower courts have attempted to extend the container analogy to cellular devices, thus allowing forensic searches of phones under the same authority that governs physical luggage [4], the United States still lacks consensus on how far jurisprudential bodies ought to apply such an exception at the national level [5]. The result is a mismatch between the categorical logic of the exception and the nature of the object to which it is now applied. In this essay, I argue that forensic searches of locally stored data on digital devices at the border ought to require reasonable suspicion because such searches compromise the doctrinal balance between public interest and private intrusion that underlies the border search exception.

Border search jurisprudence has consistently tethered the permissibility of warrantless inspection to the nature of the object being searched. In United States v. Ramsey (1977), the Court upheld the suspicionless opening of international mail because the search targeted physical parcels and was narrowly tailored to the interception of contraband [6]. Here, the legitimacy of the intrusion in question hinged on the characteristics of the item and the minimal expectation of privacy associated with the container. Similarly, in United States v. Flores-Montano (2004), the Court approved the suspicionless removal of a car’s gas tank at the border, reasoning that the search implicated “only property rights” and lacked any affront to “dignity and privacy interests” [7]. In both cases, the Court’s rationale emphasized that categorical authority stemmed not from geography alone, but from the specific attributes of the object searched.

Because the Fourth Amendment measures reasonableness according to context and not fixed location [8], it follows that the legal treatment of digital devices must reflect the functional reality of what such devices contain. The Supreme Court recognized precisely this point in Riley v. California (2014), where it concluded that cell phones are “not just another technological convenience” but what Chief Justice Roberts characterized as “a digital record of nearly every aspect of their owners’ lives” [9]. The Court further emphasized that digital devices are unique both “in quantity and quality” because they consolidate an immense range of information, such as photos, texts, call logs, location history, banking data, and medical records, all within a single portal [10]. It stands to reason that this functional difference, recognized at the highest level of Fourth Amendment jurisprudence, requires a corresponding shift in constitutional analysis; when the object of a search grants access to the most intimate dimensions of a person’s life, traditional categorical justifications must be reassessed.

While treating smartphones as analogous to suitcases misapplies a framework that was never intended to accommodate the breadth or sensitivity of digital content, lower courts have returned to aspects of the container approach to Fourth Amendment jurisprudence in the absence of a more cohesive doctrine recognizing the border search exception by name or functionality. In United States v. Touset (2018), the Eleventh Circuit upheld suspicionless forensic searches of electronic devices at the border, reasoning that such devices do not warrant categorical protection beyond what the border exception already permits [11]. Touset’s reasoning, I contend, fails to reconcile with the categorical shift introduced in Riley, wherein the Supreme Court rejected the container analogy on the basis that phones implicate far more extensive privacy interests than physical objects. Here, the Court’s reasoning clearly turned on the nature of the device and not the arrest context, implying that categorical exceptions intended for low-privacy objects cannot simply be digitally transposed without independent justification.

It is worth addressing, however briefly, the counterargument that digital devices fall within the border exception simply because they cross the border. This view, however, misapprehends how data is stored and accessed. The overwhelming majority of data accessible on a smartphone does not physically cross the border with the user; much of it is stored on the device itself, or reflects interactions with services used regardless of location. Thus, such data is, in practice, often indistinguishable from domestically generated content (e.g., smartphones retain residual evidence from cloud interactions) [12]. Even assuming arguendo that digital devices may be treated as containers for the purposes of border doctrine, the manner of the search still places forensic inspection outside the boundaries of what the Fourth Amendment tolerates without individualized justification. The Court has long drawn a distinction between “routine” and “non-routine” border searches, with the latter requiring some measure of suspicion. In United States v. Montoya de Hernandez (1985), for instance, the Court required reasonable suspicion to detain a traveler for sixteen hours and perform a medical examination to detect internally smuggled narcotics [13]. That principle of scaling, the idea that greater intrusions require greater justification, remains a foundational element of border search jurisprudence.

Still, one might argue that the sovereign’s authority to inspect property at the border ought not to depend on whether the data physically crossed the threshold, but rather on the object’s capacity to conceal evidence of customs violations. This functionalist rationale, however, lacks support in Fourth Amendment doctrine. The border exception has never authorized suspicionless searches based on speculative investigatory value alone. As legal scholar Margaret Hu explains, data-driven border screening programs “blur the constitutional distinction between administrative searches and law enforcement surveillance” by relying on “algorithmic risk scoring untethered from individualized suspicion or regulatory purpose” [14]. Moreover, unlike suitcases, which are plainly designed to transport items across jurisdictions, smartphones operate as persistent repositories of identity regardless of location. Fourth Amendment expert Paul Ohm, for example, observes that modern digital systems already “track, store, and share the words, movements, and even the thoughts” of users, rendering them powerful repositories of personal life [15]. To treat such devices as mere vessels of contraband is to knowingly minimize the constitutional stakes of their search.

The nature of forensic inspection demands more than nominal procedural oversight. While the government maintains that device searches further longstanding customs enforcement interests, courts have already begun to draw doctrinal lines around the methods used. In United States v. Cano (2019), the Ninth Circuit distinguished between manual and forensic searches, holding that the latter require reasonable suspicion because they constitute a “qualitatively different intrusion” [16]. Forensic tools such as Cellebrite or GrayKey do not merely reveal what is readily visible, going as far as to reconstruct deleted content, extract metadata, and generate a comprehensive behavioral profile from locally stored data [17]. Such searches depart not only from the scope of routine inspection but from the doctrinal logic that permits it. When the government uses forensic software to extract material untethered to border-specific risks, the search begins to resemble a general warrant, the very abuse the Fourth Amendment was written to prevent.

Nor is reasonable suspicion a considerable leap in logic. In Terry v. Ohio (1968), the Court upheld a brief stop and frisk when an officer observed conduct suggesting an imminent crime, establishing that limited intrusions may be justified by specific, articulable facts short of probable cause. Terry thus framed reasonable suspicion as the minimum evidentiary threshold necessary to ensure that any search is “justified at its inception” and proportionate to its purpose [18]. In this sense, the application of reasonable suspicion to forensic border searches preserves, rather than alters, the logic of the border search exception. It reconciles the government’s legitimate interest in security with the constitutional imperative that searches remain tied to an articulable basis. Recognizing a suspicion requirement therefore does not mark a departure from precedent but a reaffirmation of the constitutional equilibrium the Court has always maintained: that power must remain proportionate to intrusion, even—or especially—at the nation’s threshold.

The constitutional question posed by forensic searches of digital devices at the border is not simply whether an old exception can stretch to cover a new object, but whether Fourth Amendment doctrine can maintain its integrity as the nature of intrusion itself changes. This disconnect reveals a deeper tension in contemporary Fourth Amendment jurisprudence: the increasing mismatch between categorical frameworks built for the physical world and the structural realities of digital life. As smartphones are not incidental to modern existence and do, in fact, serve as repositories of identity, memory, and thought, treating them as routine objects of suspicionless search allows the border to become a site of constitutional exceptionalism precisely where restraint is most needed. Thus, the border search exception and its entanglement with rapid American technologization press on a broader doctrinal inflection point as courts continue to rely on spatial and categorical reasoning to evaluate privacy intrusions, even as the qualitative stakes of digital searches demand a more context-sensitive approach across doctrinal boundaries. That inflection point is sharpened by the increasingly politicized function of the border itself, a space where claims of national security and immigration control have long operated to justify constitutional compromise.

As the border becomes a staging ground for surveillance technologies and digital enforcement tools, it also becomes a proving ground for legal exceptions that are first tolerated at the margins and then imported into the interior. The risk is not only that digital privacy is diminished at the border, but that the constitutional logic used to justify that diminution will be normalized elsewhere, expanding the reach of state power under the guise of geographic necessity. The Fourth Amendment’s ability to constrain state power in the digital age depends on preventing narrow exceptions like the border search doctrine from expanding unchecked into default rules for digital searches. Now more than ever, the container standard must be clarified as it pertains to technology on the American perimeter: if constitutional doctrine is to keep pace with the realities of modern surveillance, then we have no choice but to carry Riley across the border.

Bibliography

[1] United States v. Ramsey, 431 U.S. 606, 616 (1977). “[S]earches made at the border... are reasonable simply by virtue of the fact that they occur at the border.”

[2] United States v. Flores-Montano, 541 U.S. 149, 152–53 (2004), upholding suspicionless gas tank inspection because it involved property, not dignity or privacy.

[3] Ibid. at 152, describing a gas tank as a “closed container” that carries limited privacy expectations.

[4] Thomas K. Clancy, The Role of Individualized Suspicion in Assessing the Reasonableness of Searches and Seizures, 25 U. Mem. L. Rev. 483, 545–47 (1995), distinguishing the regulatory nature of border searches from general law enforcement searches.

[5] United States v. Touset, 890 F.3d 1227, 1233–35 (11th Cir. 2018).

[6] United States v. Cano, 934 F.3d 1002, 1016 (9th Cir. 2019).

[7] Ramsey, 431 U.S. at 616.

[8] United States v. Montoya de Hernandez, 473 U.S. 531, 537 (1985). “The Fourth Amendment commands that searches and seizures be reasonable. What is reasonable depe nds upon all of the circumstances surrounding the search or seizure and the nature of the search or seizure itself.”

[9] Riley v. California, 573 U.S. 373, 393–97 (2014).

[10] Ibid. at 394. The Court furthers that, “[c]ell phones differ in both a quantitative and a qualitative sense from other objects that might be kept on an arrestee’s person. The term “cell phone” is itself misleading shorthand; many of these devices are in fact minicomputers that also happen to have the capacity to be used as a telephone. They could just as easily be called cameras, video players, rolodexes, calendars, tape recorders, libraries, diaries, albums, televisions, maps, or newspapers.” Thus, just as officers may not enter a home in hopes of discovering incriminating evidence visible from within, they may not search through any part of a cell phone without justification, even if certain contents like call logs might seem less sensitive than, say, an individual browser history.

[11] Touset, 890 F.3d at 1233–35. See also Recent Case, United States v. Touset, 890 F.3d 1227 (11th Cir. 2018), 132 Harv. L. Rev. 1112, 1116 (2019), which claims that “[t]he Touset Panel correctly invoked two Founding-era customs statutes in support of its conclusion that border searches of property do not require suspicion.”

[12] Grispos, Glisson & Storer, Recovering Residual Forensic Data from Smartphone Interactions with Cloud Storage Providers, arXiv (2015). See also Grispos, Glisson & Storer, Using Smartphones as a Proxy for Forensic Evidence contained in Cloud Storage Services, arXiv (2013).

[13] Montoya de Hernandez, 473 U.S. at 540, wherein the Court introduces the distinction between routine and non-routine searches and, thus, the notion that greater intrusions at the border require greater justification.

[14] Margaret Hu, Big Data Blacklisting, 67 Fla. L. Rev. 1735, 1744–45 (2016).

[15] Paul Ohm, The Fourth Amendment in a World Without Privacy, 81 Miss. L.J. 1309, 1310 (2012).

[16] Cano, 934 F.3d 1002, 1020.

[17] Ibid. at 1011–12, describing forensic tools and data extraction capabilities.

[18] Terry v. Ohio, 392 U.S. 1, 20 (1968).