CBP’s Updated Device Search Policy Adds New Considerations for Business Travel

International business travel increasingly requires more than visa planning. Employers should also consider what digital information employees carry when entering or departing the United States.

U.S. Customs and Border Protection’s updated electronic device search policy, effective January 1, 2026, outlines how CBP may search phones, laptops, tablets, flash drives, SIM cards, smart watches, GPS devices, vehicle systems, and other devices containing digital information at U.S. ports of entry. The policy replaces CBP’s 2018 version and keeps much of the prior framework, while adding important changes that HR, legal, compliance, and global mobility teams should understand.

One of the most significant updates is the broader scope of activity that may support a device search. CBP’s earlier policy focused on issues such as terrorism, national security, smuggling, child exploitation, and commercial crimes. The updated policy adds areas such as firearms smuggling, restricted or classified information, export-controlled data, proprietary theft, digital contraband, and outbound intent analysis.

For employers, this matters because business travelers may carry sensitive company information, including client communications, intellectual property, trade secrets, privileged communications, technical data, or immigration-related documentation. Employees in technology, manufacturing, life sciences, engineering, research, and defense-adjacent industries may face particular risk if their devices contain materials that could raise questions at the border.

The updated policy also continues to distinguish between basic and advanced searches. A basic search generally involves reviewing information stored on the device and may be conducted without individualized suspicion. An advanced search involves connecting the device to external equipment to copy, analyze, or review its contents. Under the updated policy, CBP may conduct an advanced search based on a national security concern without reasonable suspicion, provided supervisory approval and documentation requirements are met.

The policy also addresses encrypted or passcode-protected devices. CBP may request a traveler’s assistance in accessing a device, and inaccessible devices may be detained while CBP determines how to proceed. The policy includes procedures for detention, retention of copied information, and handling sensitive materials, including privileged, medical, journalistic, and business-confidential information.

HR and global mobility teams should treat this as both an immigration compliance issue and a data security issue. Before international travel, employers should consider whether employees need to carry sensitive information on their devices, whether certain materials should remain accessible only through secure systems, and who employees should contact if a device is searched, copied, or detained.

Employers should also ensure foreign national employees have clear documentation supporting their visa category and purpose of travel. This is especially important for B-1 business visitors, employees attending meetings or training, executives carrying confidential materials, and workers returning to the United States after international travel.

CBP’s updated policy reinforces the need for proactive travel preparation. Clear internal guidance, coordinated legal support, and thoughtful data minimization can help reduce risk before employees reach the port of entry.

Connect with us.