Welcome to opt-out. A semi-regular column that will help you navigate online privacy and show you how to say no to surveillance. The final column covered what to do with the 23andMe account after the company filed bankruptcy. If you would like to skip to a section for specific tips, click on the “Jump to Jump” menu at the top of this article.
If you are a visa or green card holder who has plans to travel to the US, reports that people have been ousted at the airport for messages found on their devices may encourage you to make a second trip plan. You may ask Customs and Border Protection (CBP) if you can search for your phone, if you can opt out, and what to do to minimize the risk.
The simple answer is yes, CBP can search for devices. Constitutional protections are generally weak at US borders, including airports. You can try to opt out, but in some circumstances you may be willing to risk the potential consequences of not complying, which can include confiscation of your device.
Privacy experts say everyone needs to conduct a personal risk assessment. This should include immigration status, travel history and data on your mobile phone. Depending on your situation, data that may not be sensitive to others will not fit every solution into every solution. For example, if CBP attempts to search for a mobile phone or wants to lock down your device before heading to the airport, it could affect its rating.
Although CBP said it searched only about 47,000 devices of 420 million people crossing US borders in 2024, it was not as easy to figure out whether there is a risk of device searching, as the Guardian said border enforcement was unpredictable under the Trump administration. French officials said French scientists were recently kicked out at a Texas airport after immigration officers found texts critical of Trump on his phone.
“The ultra-conservative perspective is to assume that they are completely hinged and that even the most benign reasons for travel are targeting non-citizens in searching for these devices,” said Sophia Cope, a senior staff lawyer at the Electronic Frontier Foundation (EFF), a nonprofit digital rights group.
If you are a US citizen, you must be hospitalized in the country. That said, there are still some risks in some jurisdictions that devices are being searched for domestic reasons as CBP will allow them to work with the FBI or local police to proceed with domestic investigations.
There are steps you can take to make it difficult for CBP executives to access the device and its data. So, what should you do to protect your mobile phone data from searching? The main thing is to prepare before heading to the airport. This is what you should think about:
Determine whether to comply with phone searches
Before you travel, start preparing for the possibility of being drawn into a secondary screening. First, you need to determine whether immigration officers will comply with whether they ask if they can search for devices. They may request a password for your mobile phone, or you may unlock the device. Ideally, you will unlock your device yourself and will not share your password. You can decide not to give your consent, but it has its own risk.
From a Guide to the border From EFF: “This presents a no-win dilemma. If the traveler is compliant, the agent can scrutinize and copy sensitive digital information. If the traveler declines, the agent can seize the device and expose the traveler to additional questions and detention.”
If you reject a search, the officer may decide that you are not worth the trouble because you are not at high risk. They may let you go. However, on the back, the decline can lengthen the process or the border agent can confiscate the device. If they’ve confiscated your device, then you can confiscate your device so that they can document that they have your device when you try to get it back, and that they can document that they have your device when you try to get it back. Without giving up the password, immigrant staff can unlock it themselves using a variety of tools on their devices. You can also try to guess your password, so make sure you have a strong, long password.
There are many reasons why you might not want to risk being suppressed or confiscated from your device for longer than you have already done.
If you plan to adhere to phone searches to avoid further complications, you can search your phone manually or with forensic tools. It’s worth preparing for both types of searches.
Turn off your phone and ID before entering the US
EFF recommends turning off your device completely before entering the US. This could potentially bring your phone or laptop back to an enhanced security state, which could make it difficult for anyone to break the encryption on their devices.
Privacy advocates also recommend that you ensure that your device requires a password to decrypt or unlock it. For example, if you are using a Face ID or fingerprint to unlock your phone, it will allow executives to use it to access the device.
Please do not wipe the phone
You may think that the most protective option is to wipe your phone completely before traveling, use a burner without a phone, or travel. However, EFF’s COPE said it could actually raise doubts.
“If people do that, they’ll feel bad and they’ll just ignore them,” Coop said. “If you cross a border without data on your device, you can in itself consider it suspicious.”
Instead, we suggest selectively delete that information, rather than wiping the entire device, if there is data or text that appears to be cooperative but you don’t want to access, instead of wiping it all out.
After the newsletter promotion
Encrypt your data and use strong passwords
The most important step to take before you travel is to encrypt the data on your device. This is different from using encrypted messaging services such as signals. Device encryption makes it difficult for CBP executives to access files on their phones or laptops or recover deleted files, even if they confiscate their devices and submit to sophisticated forensic tools.
Fortunately, All recent models Full device encryption will automatically be turned on for both iPhones and most Android phones. On Android, the “Security” menu is[詳細設定]Double check that yours is turned on in the tab. As CBP cannot walk through the front door of the device, you need to choose a strong password that is not easy to guess. Here is Good primer How to create a strong password.
“This encryption is as good as the encryption passphrase someone uses on their devices,” said Bill Buddington, senior staff technician at EFF. “So the best advice is to choose a powerful 9-12 random (or 4-5 words) passphrase for your device and make sure that biometric unlocks like face ID and touch ID rotate. off You can confiscate any device when passing through sensitive areas such as checkpoints or anywhere else. ”
On the other hand, laptops don’t come with all device encryption. Some encryption tools can be used to encrypt your data. MacOS has a tool called FileVault that can be accessed by searching in the top right corner of the screen. Some Windows computers come with a tool called a bitlocker that can be used to encrypt devices. EFF has a complete list of tools that can be used on various operating systems here.
For those traveling with devices owned by their employer or someone else, you should have conversations with them before you travel to make sure your devices are well protected.
How to safely delete data
In addition to encrypting your device, you should not want to delete certain text, apps, photos, etc. that you think are sensitive or show it to government agents.
To safely delete this data, there are several steps and limitations. If you haven’t wiped your phone completely, you may choose to delete certain files as there may be suspicion. That more practical option may be effective for manual searches and rough searches, but may not be sufficient if more sophisticated searches occur with US immigrant personnel. The files may not be completely deleted, or there may be references to these files that are still on your device.
In addition to ensuring that your device is encrypted, you must also make sure you have deleted the files from the Trash. For example, in iMessage, clicking Filter in the top left corner will find the “Recently Deleted” folder. Make sure you cleared the text from there. On iPhone, there is one file It has been deleted Both the main Imessage interface and the “recently deleted” file are permanently deleted, according to the company.
Cope recommends preemptively deleting apps you don’t want to search for. This protection method is incomplete as advanced searches may reveal that the app is installed, but for example, in manual searches, it is a way to avoid searching for WhatsApp messages.
Go to the cloud storage server
During a search for law enforcement within US boundaries, cloud storage servers are less protected than devices. However, at the border, there is currently a policy in place that prohibits CBP from searching for online cloud services. In reality, that means that immigration officers need to go into plane mode before searching for their mobile phones.
“They specifically say that executives are only allowed to consider data that they are "resident on the device,"” Cope says. “It’s data that’s actually on your phone, laptop, or camera hard drive. If it’s an internet-connected device, you’re supposed to be disconnected from the internet.”
If for some reason there is data that cannot be permanently deleted or cannot be deleted, you can delete it from your device and save it to cloud storage such as iCloud, Google Drive, or Microsoft One Drive.
This is a high-level guide that may not touch on the details of your situation. A complete comprehensive guide on how to protect your device with Electronic Frontier Foundation.
Source: www.theguardian.com