On June 23, 2016, United States Customs and Border Protection (“CBP”), the agency under the U.S. Department of Homeland Security (“DHS”) responsible for inspecting admitting foreign travelers to the U.S., published a 60-day Notice and Request for Comments announcing that it plans to begin asking certain visitors to the U.S. about their social media identities and the platforms they use.  The proposed change will affect those travelling to the U.S. under the Visa Waiver Program (also known as “ESTA”).  The Visa Waiver Program was created in 1986 and allows citizens of certain trusted countries to visit the U.S. for up to 90 days for business and pleasure without having to first obtain a visitor’s visa from a U.S. embassy abroad.  The U.S. currently has reciprocal agreements with 38 countries that also allow U.S. citizens to visit those countries without having to first obtain visas.         

In the past, travelers from Visa Waiver countries were able to simply purchase airline tickets and travel to the U.S. without pre-screening prior to arrival.  Since 9/11, and specifically in response to the recommendations of the 9/11 Commission Act of 2007, DHS has been working to make the Visa Waiver Program more secure.  In 2009, DHS/CBP implemented a new electronic pre-screening system, the Electronic Travel System for Travel Authorization (“ESTA”), that all Visa Waiver visitors must now use before travelling to the U.S. (https://esta.cbp.dhs.gov/esta/).  ESTA requires travelers to enter basic biographic and travel information and obtain an approval from the system prior to travelling to the U.S.

On December 18, 2015, President Obama signed into law the Visa Waiver Program Improvement and Terrorist Travel Prevention Act of 2015 as part of the Consolidated Appropriations Act of 2016.  To meet the requirements of this new Act, DHS added new questions to the ESTA application and the Form I-94W receipt that is generated by the system.  ESTA applicants must now disclose which countries they have visited on or after March 1, 2011, which countries they are citizens or nationals of (if they hold dual or prior citizenship), which countries they hold passports for, as well as list any and all Global Entry Numbers.  Further, under the ACT, citizens of Visa Waiver countries who are (dual) citizen/nationals of Iraq, Syria, Iran or Sudan are barred from using the Visa Waiver Program as well as travelers who have visited Iraq, Syria, Iran or Sudan at any time on or after March 1, 2011 (with limited government/military exceptions).

Not satisfied with its current information gathering efforts, DHS/CBP now plans to add two new questions to the ESTA application related to the applicant’s use of social media.  According to the Notice, DHS/CBP will now add a question that asks ESTA applicants to disclose which social media platforms they use (e.g. Facebook, Twitter, Instagram), as well as their user identities/usernames.  At the outset, the questions will be optional, though DHS/CBP may later make them required.  Also, it is unclear how obvious it will be on the ESTA application that these questions are optional and voluntary. 

All information entered into ESTA for all applicants is run through security and criminal background check data bases maintained by DHS.  Applicants with criminal records, a history of past immigration violations, or other security red flags may be denied ESTA certification or may be granted ESTA approval, but flagged for further questioning by CBP upon their arrival in the U.S.  According to DHS/CBP, these two new questions will be used for vetting purposes, as well as “contact information” for the applicant.  According to the Notice, “collecting social media data will enhance the existing investigative process and provide DHS greater clarity and visibility to possible nefarious activity and connections by providing an additional tool set which analysts and investigators may use to better analyze and investigate” each applicant.   

  DHS/CBP use of social media to gather information to vet visitors to the U.S. is nothing new.  The agency’s Inspecting Officers have for years used Google and various social media to investigate individual travelers at U.S. ports of entry on a case-by-case basis.  There are countless foreign visitors who have been refused entry because of information on their Facebook page (e.g., listing a love interest in the U.S. suggesting an intention to immigrate) or Google (e.g. listing a business traveler’s name on the website of a U.S. company suggesting they might intend to work in the U.S. unlawfully).  However, DHS/CBP’s Notice represents a much broader and deeper effort mine travelers’ social media.  Presumably, would-be terrorists will not be disclosing their social media activities so the majority of the information gathered will relate to average citizens of countries with which the U.S. maintains very close relations.  According to the ESTA Privacy Impact Statement, the information that goes into the ESTA database is maintained indefinitely and widely shared with the intelligence and law enforcement communities within the U.S.  Even Waiver Program visitors with nothing to hide may still want to consider whether they wish to share their social media activities with the federal government.  On the other hand, if travelers choose to not disclose their online identities and activities, they should be prepared to answer additional questions from Inspecting Officers about why they chose not to volunteer this information.

Regardless of whether Visa Waiver visitors choose to disclose information about their online activities, they should never lie or mislead an immigration officer to gain entry to the U.S., as doing so is considered fraud and can result in a permanent bar from the U.S.  It is far better to be truthful and refused entry on a particular trip than to be ordered deported and permanently barred from ever entering the U.S. again.  Though if a Visa Waiver visitor is refused entry (e.g., due to the Inspecting Officer’s suspicion that they intend to immigrate or work without authorization), their Visa Waiver Program privileges are automatically and permanently revoked.  After that, they may only return to the U.S. if they successfully apply for and obtain a visitor or other visa from a U.S. consular post abroad.  In light of CBP’s plan to increasingly use social media to screen and vet Visa Waiver visitors to the U.S., travelers should check the information they have posted online and consider how it may be viewed (and used) by a U.S. inspecting Immigration Officer before travelling to the U.S.

CBP is inviting public feedback and anyone who wishes to comment on CBP’s information gathering plan may do so.  Comments should address: (a) Whether the collection of information is necessary for the proper performance of the functions of the agency, including whether the information shall have practical utility; (b) the accuracy of the agency’s estimates of the burden of the collection of information; (c) ways to enhance the quality, utility, and clarity of the information to be collected; (d) ways to minimize the burden, including the use of automated collection techniques or the use of other forms of information technology; and (e) the annual cost burden to respondents or record keepers from the collection of information (total capital/startup costs and operations and maintenance costs). Written comments may be mailed to U.S. Customs and Border Protection, Attn: Paperwork Reduction Act Officer, Regulations and Rulings, Office of Trade, 90 K Street NE., 10th Floor, Washington, DC 20229-1177.  Comments received will be summarized and included in the CBP request for OMB approval.  All comments will become a matter of public record.