US Customs & Border Protection Seeks Advanced AI Tools for Mass Device Data Analysis at Borders
U.S. authorities are preparing for a sweeping overhaul of digital forensic tools used during border inspections. The U.S. Customs and Border Protection (CBP) agency has officially announced its search for advanced technologies capable of analyzing data from seized phones, laptops, and other electronic devices, according to documents reviewed by WIRED.
As detailed in a federal notice, the agency seeks software solutions not only capable of extracting data but also of conducting deep, nuanced analysis. Among the specified capabilities are the detection of concealed linguistic patterns in text messages, identification of specific objects in video footage (such as a red bicycle), access to encrypted messaging apps, and the ability to discern patterns within massive datasets to support intelligence gathering. The initial version of this request was published on June 20, with an updated version appearing on July 1.
Since 2008, CBP has relied on tools developed by Israeli company Cellebrite for data extraction and analysis. However, the agency now intends to expand and modernize its digital forensics program. In 2024 alone, CBP officers conducted over 47,000 device inspections—significantly more than the 41,500 inspections recorded in 2023, and a sharp increase from the 8,500 devices examined in 2015.
The agency’s accelerated search for new contractors comes amid a rise in reports of detentions at U.S. borders. Witnesses say CBP officers are increasingly probing not only travelers’ itineraries and destinations but also their political beliefs. In a high-profile case from March, a Lebanese professor from Brown University’s medical school was deported after officials allegedly found material on her phone suggesting sympathies with former Hezbollah leader Hassan Nasrallah, who was killed in September 2024.
According to the CBP solicitation, the new contractor is expected to sign a contract in the third quarter of the 2026 fiscal year—between April and June. At present, the agency holds eight active contracts with Cellebrite, totaling over $1.3 million, which include licenses, hardware, and staff training. These contracts are set to expire between July 2025 and April 2026. CBP also acknowledges the use of other digital tools for data extraction, though their names remain undisclosed.
CBP declined to comment on the matter. Cellebrite spokesperson Victor Cooper stated that the company does not comment on active bid solicitations.
Official procurement documents mention that CBP currently pays for licenses to the Universal Forensic Extraction Device 4PC, which allows data analysis directly on a PC or laptop. Experts believe some contracts may pertain to the more advanced Investigative Digital Intelligence Platform—a comprehensive suite for processing device data.
Cellebrite’s products offer a wide array of capabilities, including automatic categorization of images by content (e.g., identifying objects, jewelry, handwritten notes, or documents), message filtering based on keywords related to obstruction of justice, family matters, or law enforcement, recovery of hidden photos, social graph mapping, and geolocation of message transmissions.
One example cited by the company involves the events of January 6, 2021, at the U.S. Capitol. According to The Washington Post, Cellebrite experts extracted over 12,000 pages of data, more than 2,600 pages from Facebook*, and approximately 800 photos and videos—all from a single suspect. Notably, all individuals implicated in the case reportedly received pardons from Donald Trump on his first day as President.
Cellebrite has found itself at the center of controversy before. In February, it unveiled an AI-powered tool capable of automatically summarizing message threads and audio files. In December of the previous year, Amnesty International accused Serbian police of using Cellebrite tools to extract data from a journalist’s phone and subsequently infect it with malware. In response, Cellebrite announced a restriction on product shipments to Serbia.
The company insists that it conducts rigorous vetting of potential clients, taking into account their human rights records and anti-corruption standards. Cellebrite emphasizes its commitment to freedom of speech and the press. The firm asserts that using its technologies to access the personal data of journalists, activists, or dissidents without legal basis constitutes a violation of its terms of use.
Legally, CBP officers are authorized to inspect the phones of anyone crossing the U.S. border without obtaining a warrant. While U.S. citizens may face temporary detention for refusing to provide a password, such refusal cannot be used as grounds to deny entry. Foreign nationals, however, may be denied entry outright for the same reason.
With a password, CBP officers may conduct a basic on-site inspection by scrolling through the device. If deemed necessary, the device may be seized for what is known as an advanced search—entailing full data extraction and forensic analysis using tools such as those provided by Cellebrite. Of the nearly 47,000 device inspections carried out in 2024, approximately 4,200 were advanced searches.
Devices held for advanced review are typically returned within a few days, though in “exceptional circumstances,” the retention period may extend to several weeks or even months. Extracted data may be shared with other agencies, including federal, state, and foreign law enforcement. Additionally, the information may be fed into the Automated Targeting System (ATS), where it can be stored for up to 15 years for threat assessment related to terrorism or criminal activity.
