I love all the instances where it says, we will not do this or infringe in this way... unless it is a matter of national security, which we don't have to disclose to you. So basically, do what you want as long as you write it up properly.
And this part: 5.3 Review and Handling of Passcode-Protected or Encrypted Information 5.3.1 Travelers are obligated to present electronic devices and the information contained therein in a condition that allows inspection of the device and its contents. If presented with an electronic device that is protected by a passcode, encryption, or other security mechanism, an officer may request the individual's assistance in presenting the electronic device and the information contained therein in a condition that allows inspection of the device and its contents. Passcodes or other means of access may be requested and maintained for the duration of the search if needed to facilitate the examination of an electronic device or information contained on an electronic device, including information on the device that is accessible through software applications present on the device that is being inspected or has been detained, seized, or retained in accordance with this Directive.
I had thought (and Supreme Court ruled) you could not be compelled to unlock an encrypted device, which is why I always powered mined down before crossing. That goes against the obligated to present devices in a condition that allows inspection portion.
Does that apply to non-citizens? If a CBP officer doesn't like you as a non-citizen, like your lack of cooperation during an interview, they could just deny your visa and your entry into the US. If you're a citizen, they can't deny your re-entry. They can delay you for however long and ruin your day and even keep your devices, but you get to go home.
Don't worry, they're working on ending birthright citizenship
The U.S. isn't China or the UK.
Spiteful border agents is not a new thing (I love the URL shortening).
>Does that apply to non-citizens? If a CBP officer doesn't like you as a non-citizen, like your lack of cooperation during an interview, they could just deny your visa and your entry into the US.
That's exactly what "you could not be compelled to unlock an encrypted device" means? You won't get sent to the gulag for refusing to, but entry into the US was always conditional with very little room for recourse if the border agent doesn't like you.
Not always.
They must admit you, but they can arrest you one second later
Yes, I know, they can theoretically do whatever they want, but realistically it would take the most spiteful of spiteful agents to arrest you without cause (just because you refused to unlock your device). Just the act of doing this would create a lot of extra work and paperwork for the agent that most of them are not going to want to deal with. Plus, asserting your rights is a sign to them that you aren't a pushover and aren't going to get trampled on easily. The bullies prefer easier targets, usually.
Not sure about today specifically, but it is pretty relevant with the World Cup starting in 2 weeks
The best time to plant a tree is 10 years ago. The second best time is today.
I have nothing to hide, but still no intention to provide my passcode.
There are consequences for not decrypting, though: for a U.S. citizen, they can seize your stuff for up to 5 days. For non-citizens, they can elect to not let you in.
Concerning "obligated", I would point out that regulations aren't laws. Governing bodies can say whatever they want, but that doesn't make it so. For instance, the TSA continues to publicly insist that ID (especially "Real" ID) is required to fly within the U.S., but it's not.
Explain, please, because you seem to be implying that someone can board a plane from New York to LA without being legally required to show any identification.
Yes, things have changed in that time with regard to the zealousness of the TSA, but the laws and regulations behind them have not.
That said, the whole thing is overreach in any democratic society.
Ideally we should be able to just snapshot everything and then restore from that state. Kind of like EC2 or Digital Ocean
Also they'll detain you for having a suspicious burner phone and interrogate you about your social media etc.
What I want is to get my home screen back exactly as I left it: I've not found anything able to pull it off on Android though.
Ideally it would be an exact flash image of the phone.
???
Are American made operating systems (Android, iOS, Windows, Mac) so full of 0days that the Chinese are burning them on random travelers? This just feels like either severe paranoia and/or chinese/american psyop, making people think that China has some magic hacking power.
You could make an argument about the security of the modem of your devices, as that was often a target due to it not being particularly secure and it having wide access to your device, but I believe that started changing some years ago when this started being a more widely reported issue.
So, yeah, savvy companies have had these policies for like twenty years now.
Protections at the U.S. border and within the U.S. are actually pretty good. Much of Europe isn't as good. Hell, the British will throw you in jail for refusing to unlock.
This also happens in many other countries
Source? Are we talking on random travelers, or targeted individuals? I seriously doubt china is doing the former, and I also seriously doubt the US doesn't engage in the latter.
I believe in politically sensitive areas like Xinjiang it happens to everyone. A past employer gave specific advice regarding Hong Kong as well.
I think the key thing as a traveller isn’t the righteousness of China vs. US. It’s the chilling effect on travel and trade.
We really depend on these devices that have access to vast scopes of personal and other data. That sexy text you got a year ago is still in your text message store and may be a problem in some places.
So long as only a few countries are doing this, it might seems doable. If everyone starts doing it, international travel becomes rather annoying to say the least. Realistically I think at some point a detente might want to be reached, with everyone agreeing not to search everyone else's electronics.
But "law enforcement" is specifically exempt?
https://en.wikipedia.org/wiki/General_Data_Protection_Regula...
Search by border officers may very well be GDPR breach for that controller if there was data of EU data subjects, but I don't think there is currently any case law around it.
Edit: the first directive apparently was from 2009: https://www.jdsupra.com/legalnews/new-policy-for-device-sear...
Your personal papers are perfectly safe and subject the fourth amendment protections in your rented apartment. But most digital materials are considered to have been shared with a third-party if you store them on Google Drive.
My feeling about this stuff personally is that the biggest issue is that stuff that happens in electronic devices is different in a modern sense than what anyone intended in the past. If you could figure out a way to make my personal property as it exists on a foam or another device, the same as the personal property that’s in my desk at home or the trunk of my car then technology would be able to solve a lot of these problems. I think the custom thing is a more nuance conversation. I don’t understand the theory of it enough, but intuitively it seems ridiculous that a CBP officer has the ability to legally go through 30 years of my pictures in my Apple album because I happen to be crossing a border.
5.3.2 "Passcodes or other means of access may not be utilized to access information that is only stored remotely."
One easier way to do that is to use a Chromebook Public Session with a VPN, then connect to SaaS or a hosted desktop in your jurisdiction.
Except for the parts that say "we get to be even more invasive for 'national security concerns'" and that they can compel you to provide a password, this doc seems mostly reasonable if you accept that they can search you. Then again, it's not clear _why_ they should be able to search your devices. There are no foreign pests nor WMDs that exist as documents on a device. This is clearly just the government being nosy because they think they can.
CBP partly justify the invasion of privacy by citing a supposed reduced expectation of privacy when traveling. But people whose data is caught up on the devices of others are not the ones traveling, but they are still having their messages read and photos copied.
EFF to 4th Circuit: Electronic Device Searches at the Border Require a Warrant
> 5.1.4 An officer may perform an advanced search of an electronic device only in instances in which there is reasonable suspicion of activity in violation of the laws enforced or administered by CBP or, in the absence of individualized reasonable suspicion when there is a national security concern.
In this climate, the qualifiers in 5.1.4 should be assumed to apply 100% of the time.
So, if you bring a device, be prepared to either unlock it and hand it over to be mirrored or abandon it and deal with whatever consequences fall out of that decision.
I'm probably never leaving this shithole again but, if I do, I'm coming and going empty-handed.
That basically encompasses two thirds of the population.
The last two years have demonstrated a radical need to curtail that range of authority and shift from it being vaguely specified to a concrete legislative specification.
Even ten miles seems (pardon the pun) borderline excessive. There is no reason CBP can't hand off stuff to local, county, state, or federal domestic law enforcement. We have no shortage whatsoever of law enforcement in this country and they're able to communicate inter-agency better than ever via cell phone, tools like slack/teams, text messages, email, and long distance digital radio systems.
Maybe in the 1950's when all they had were shitty radios given them that sort of range was appropriate. Not anymore.
There's a 100 air mile border definition that's material to immigration enforcement (with complicated limitations). It does not determine where searches under the border search exception can occur.
