May 2021 Legal Report
Print Issue: May/June 2021
Privacy. A U.S. appeals court found that Customs and Border Protection (CBP) agents may perform warrantless searches of digital devices, such as cell phones, at the U.S. border.
In its ruling, the court determined that CBP agents’ actions did not violate the constitutional rights (specifically the First and Fourth Amendments) of 10 U.S. citizens and one permanent resident when the officers confiscated and searched their phones and other electronic devices at the U.S. border.
Reversing a ruling by a lower court, the appeals court decided that basic searches of electronic devices at the border do not require reasonable suspicion of a crime or that the device contains contraband or information about crimes.
“We also hold the district court erroneously narrowed the scope of permissible searches of such equipment at the border,” the appeals court wrote.
Along with supporting the device searches—which fell in line with internal policies for the U.S. Department of Homeland Security (DHS)—the court also found that border agents may conduct some other searches, even when they lack reasonable suspicion. Border agents may search electronic devices for evidence of contraband or other crimes, and they may keep the electronic device after the person crosses the border. (Alasaad v. Wolf, U.S. Court of Appeals for the First Circuit, No. 20-01081, 2021)
Sexual assault. After pleading guilty to false imprisonment and unlawful detainment of a woman at Los Angeles International Airport, a former Transportation Security Administration (TSA) officer was sentenced to a 60-day prison term.
In June 2019, Johnathon Lomeli told the woman, who was trying to pass through an airport security checkpoint, that he needed to take her to a private room for a secondary screening to look inside her bra and down her pants to ensure she was not hiding anything. While in an elevator en route to the private room, Lomeli ordered the woman to show him her breasts, which she did.
Lomeli was arrested almost seven months later and resigned that same day.
As part of his sentencing deal, Lomeli is required to complete 52 classes for dealing with sexual compulsion, two years of felony probation, and pay the woman an undisclosed restitution fee. He has also been barred from future employment as a security guard. (People of the State of California v. Johnathon Lomeli, Superior Court of the State of California, No. BA484078, 2021)
Bribery. As part of the U.S. Department of Justice’s (DOJ) investigation into an Ecuadorian oil company, commonly known as Petroecuador, a businessman living in Miami, Florida, was sentenced to less than two years in prison.
Armengol Alfonso Cevallos Dias, an Ecuadorian national, pled guilty to participating in a $4.4 million bribery and money laundering conspiracy and was sentenced to 35 months in prison.
Cevallos admitted to facilitating bribes to then-officials of state-owned and state-controlled oil company Empresa Pública de Hidrocarburos del Ecuador (Petroecuador), according to the DOJ. The bribes, which were laundered by Cevallos through U.S. shell companies and bank accounts, were paid by businesspersons and contractors in exchange for contracts from Petroecuador. (United States v. Cevallos Diaz, U.S. District Court of Southern District of Florida, No. 19-cr-20284, 2021)
Corruption. The United Kingdom’s Supreme Court found that the UK’s Serious Fraud Office (SFO) acted beyond its legal authority when it tried to compel a U.S. company to give up documents during an investigation into alleged bribery and corruption.
The ruling effectively limits the SFO’s powers in this investigation, despite its argument to the court that the crimes allegedly committed by KBR, Inc., an engineering and construction company, “often (have) an international dimension,” according to a court press release.
Instead, the court supported the argument that the SFO did not have sufficient jurisdiction to order KBR to provide documents held outside the UK, “because KBR, Inc., is not a UK company, and has never had a registered office or carried on business in the UK,” the court said. (R (on the application of KBR, Inc) v. Director of the Serious Fraud Office, The Supreme Court, No. UKSC 2018/0215, 2021)
Privacy. Virginia Governor Ralph Northam signed a broad consumer privacy bill into law, which will provide residents of the commonwealth with greater rights to the data collected on them by businesses.
Like the California Consumer Privacy Act, Virginia’s Consumer Data Protection Act grants residents the right to access, edit, and ask companies to delete their personal or sensitive data, including race, ethnicity, religious affiliations, health diagnoses, sexual orientation, or citizenship or immigration standings.
The law, which becomes effective 1 January 2023, also allows Virginia residents to opt out of data collection and having their data sold. In addition, businesses are required to obtain permission before gathering certain information on users, including race, ethnicity, genetic information, or a physical location.
Surveillance. Part of a proposed French “global security bill,” which aims to protect law enforcement officers by banning the publication or sharing of their images or recordings, was revised by the Senate after concerns were raised about press freedoms.
The National Assembly passed Bill No. 504 in November 2020; that action was met with opposition, culminating in violent protests throughout France. Demonstrators demanded changes to Article 24 of the legislation, which criminalized sharing images or recordings of police officers—punishable by up to one year in prison and a €45,000 fine.
In March 2021, the French Senate rewrote Article 24 to allow publication of images but ban the identification of law enforcement or military personnel when the intent is to cause physical or psychological harm.
Other components of the bill expand law enforcement’s right to film people, including by using drones.
As of Security Management’s press time, the Senate had not approved the revisions. If the Senate passes the revised bill, it will progress to a committee of legislators from the Senate and National Assembly where it could be adopted without a second vote from the National Assembly.
Facial recognition. Everalbum, Inc., agreed to a settlement with the U.S. Federal Trade Commission (FTC) over allegations that it used facial recognition technology on users’ photos and videos without their consent. The agreement marks the first time the commission has issued an enforcement action against a facial recognition technology manufacturer.
The FTC said that Everalbum misled users about its photo storage application, Ever, when it told them the app would not use facial recognition on their photos and videos unless they consented. But this sometimes occurred “without affirmative express consent,” the FTC complaint said.
Notably, the company is said to have deceived U.S. users who lived in states without specific state legislation regarding the protection of personal data.
Everalbum did not admit to or deny any of the allegations. As part of the agreement, the company must “delete or destroy all photos and videos” it previously collected. The company is also required to delete and destroy photos and videos uploaded by users who deactivate their accounts in the future. Everalbum was also ordered to delete “any models or algorithms” that were created based on biometric information and other data collected from the app’s users’ photos, videos, and other files relating to the “physical or biological traits” of a person.
In a separate letter on the decision, FTC Commissioner Rohit Chopra wrote it was noteworthy because the commission had previously permitted other entities that violated data protection laws to delete data but keep “algorithms and technologies that derive much of their value from ill-gotten data. This is an important course correction.”
Chopra also pointed to a lack of a financial penalty in the settlement and recommended that the FTC not omit that in the future. (In the Matter of Everalbum, Inc., Federal Trade Commission, 2021, No. 1923172)
Harassment. In partnership with the Canadian government, the British Columbia Maritime Employers Association (BCMEA), the International Longshore and Warehouse Union (ILWU) Canada, and the Ending Violence Association of British Columbia (EVA BC) launched a new harassment and violence prevention training program for waterfront employees in British Columbia.
According to a press release from the Canadian government, the training aims to educate employees to create a safer and more respectful work environment, according to a press release. The program will stress support those most likely to be the target of workplace harassment and violence, such as LGBTQ+ communities.
The new program, which also emphasizes bystander education to support a cultural shift within the workplace, is a product of a $3.9 million fund from government agency Employment and Social Development Canada to the BCMEA.