
What could happen if you refuse to unlock your phone at the US border? - nkurz
https://arstechnica.com/tech-policy/2017/02/what-could-happen-if-you-refuse-to-unlock-your-phone-at-the-us-border/
======
tptacek
Worth remembering: US citizens can play chicken with CBP and lose nothing more
than their computer/phone hardware (perhaps having it returned 6 months
later). But non-citizens, possibly including LPRs, cannot: if an alien
attempts to cross the border with a device they can't unlock "because they
don't have the corresponding 2FA token with them" (as one friend suggested
they do), they'll be detained, their devices confiscated, and then put on a
flight out of the country.

The current best practice for border crossings --- really anywhere in the
world --- is simply not to carry anything you're unwilling to unlock for
Customs.

This is going to get harder still. CBP will begin asking everyone for Facebook
logins. You'll think of 10 different ways to conceal your Facebook doings from
CBP, but CBP has advance traveler's manifests from flights and will know that
people have profiles --- and, sometimes, what was on those profiles.

~~~
jacquesm
> The current best practice for border crossings --- really anywhere in the
> world --- is simply not to carry anything you're unwilling to unlock for
> Customs.

Or, to simply stop traveling to countries that refuse to play nice with the
rights of foreigners. The whole idea that this sort of thing is even anywhere
near acceptable behavior revolts me.

~~~
adekok
> Or, to simply stop traveling to countries that refuse to play nice with the
> rights of foreigners.

s/foreigners/citizens/

i.e. _everyone_.

I'm a Canadian Citizen. When I enter Canada from abroad, they claim the same
rights as the US CBP.

[http://www.cbc.ca/news/canada/nova-scotia/alain-philippon-
cb...](http://www.cbc.ca/news/canada/nova-scotia/alain-philippon-cbsa-border-
cellphone-smartphone-search-1.3724264)

~~~
tptacek
I was detained and aggressively searched at the Canadian border
(Montana/Alberta, for about 2 hours) in 1997; not because they thought I was a
terrorist, but because they wanted to confirm that I wasn't coming to Canada
to work. Friends of mine were turned back at the Canadian border later that
same year. Canada has always claimed these rights.

~~~
anon2264
Tagential but is it not absolutely bizzare that at the US/Can border
relocating to work is seen as a deadly sin, while broader US policy has
brought so many immigrants into the country since JFK? Without saying either
side is right or wrong, US Gov policy wholistically appears schizophrenic

~~~
klipt
If you're on a _work_ visa then you're being upfront about planning to work
and have the appropriate visa for it.

If you enter on a tourist visa (or visa waiver, whose conditions are usually
the same as tourist visa) they want to be sure you aren't committing visa
fraud and planning to work. That's what causes the grilling.

~~~
anigbrowl
Yes, but why is that a big deal in the first place, vs. being offered a job
and paying a small administrative fee to adjust a visa? The siege mentality is
part of the problem.

------
danbruc
How is this not in violation of international law, especially the
International Covenant on Civil and Political Rights [1] article 17, which
would apply to US citizens as well as non-US citizens?

 _No one shall be subjected to arbitrary or unlawful interference with his
privacy, family, home or correspondence, nor to unlawful attacks on his honour
and reputation._

Maybe even article 9 if the law does not clearly establish what is allowable.

 _Everyone has the right to liberty and security of person. No one shall be
subjected to arbitrary arrest or detention. No one shall be deprived of his
liberty except on such grounds and in accordance with such procedure as are
established by law._

EDIT: Turns out the US did not really ratify this treaty. [2] So no human
rights in the US, or at least not all of them enforceable in court. There may
of course be similar rights from other laws or treaties.

[1]
[http://www.ohchr.org/EN/ProfessionalInterest/Pages/CCPR.aspx](http://www.ohchr.org/EN/ProfessionalInterest/Pages/CCPR.aspx)

[2]
[https://en.wikipedia.org/wiki/International_Covenant_on_Civi...](https://en.wikipedia.org/wiki/International_Covenant_on_Civil_and_Political_Rights#United_States)

~~~
refurb
No offense, but I don't put much weight on international law. In order for a
law to have impact, someone has to enforce it. Who will enforce international
laws? The UN?

~~~
deftturtle
Yes, any treaties or laws ratified by congress have the full legal weight as
any national law. They must be upheld by our nation; otherwise, it's
unconstitutional.

~~~
refurb
Yes, but then you're asking countries to police themselves. If following the
law is not in the countries best interest, they won't do it unless someone
else forces them to.

~~~
jaddood
I think the American mindset in regards to the law and the state itself,
especially that set forth by the founding fathers, is that the people are
those who make laws and enforce them, so this mindset asks for a revolt to the
state as a reply to such acts.

------
megous
Haha. Terrorism bla bla.

Anyone noticed that the first two example cases are actually political
activists being targeted.

\- the first is some Chelsea Manning advocate \- the second is some pot
legalization activist

There you have it for what actually are these rarely used rules used for.

~~~
Shivetya
I would not go that far. What is points out is that the database being used is
lumping all people of interest together regardless of their level of threat or
type. Lazy or nefarious, who knows. More than likely those who created the
system never would have guess how easily people would get on it.

------
biscuitsandbbq
This happened to me crossing into Canada and to be honest I really wasn't
expecting it. I had tons of very private pictures and messages on there
stretching back years. I really didn't want to turn over my password so that 3
border agents could look through all that stuff in some back room, but at the
same time I knew there wasn't anything illegal on there. Anyway, I was with my
partner and didn't want to ruin her vacation as well so we just turned over
our passwords (under threat of detention if we didn't).

In any case, if you find yourself in this unfortunate situation (you shouldn't
- you should travel with an empty phone when crossing the border, or at least
wipe it before crossing then do a restore over icloud later), here's something
you can do: Before going in (if you have an iphone), make sure you have a
strong alphanumeric passcode. Enable auto-wipe on 10 incorrect passcode
attempts. Then, turn the phone off. If CBP then asks to turn your phone on and
wants your password, appear eager to comply, but give them an incorrect one,
and when that doesn't work, admit that you had just changed it a few days ago
to something more secure and that you may have forgotten it, but don't worry,
you always just use the thumbprint to unlock the phone anyway and volunteer to
open it that way. Always appears helpful. The phone still won't unlock because
iphone requires passcode entry after restart. If they ask why you turned the
phone off, just say that's what you normally do when entering border control.
Unless you're under some kind of serious suspicion of some kind at this time,
they're unlikely to detain you for forgetting your phone password, and even if
so, it's locked with a strong passcode so there's no much they can do anyway.

~~~
ekiru
Recognizing when people are lying is an important part of CBP's job. They're
trained specifically to do it. It's unlikely that you're better at lying than
they are at noticing that you're lie. Lying to them will end poorly.

~~~
thaumasiotes
> Recognizing when people are lying is an important part of CBP's job. They're
> trained specifically to do it.

That's true. However, the evidence that people who are trained to recognize
lying do any better at it than random people off the street is -- putting
things mildly -- not strong.

If they notice you're lying, it will be because you contradicted something
they already knew or because you were bad at lying, not because they were
trained to recognize it.

------
tzs
What happens if you try to mail or ship a smartphone across the border, as
opposed to carry it with you when you are crossing the border? I'm wondering
if you could ship your regular phone ahead, and use a burner while you are
traveling.

If that works, that could be an interesting business opportunity. Set up a
series of phone exchange stations near major airports, where outgoing
travelers can swap their smartphone for a burner. You ship the smartphone to
your station near their destination, and when they arrive they can turn in the
burner and retrieve their smartphone.

You could also add in a temporary backup/restore service for laptops. A
traveller could bring their laptop to your station when they are preparing to
leave, and you do a backup of all user data and then delete it from the
laptop.

While they are in transit, you send the data to your exchange station nearest
their destination. When the traveller brings their laptop in, the user data
gets restored.

~~~
hughes
Creating a business with the purpose of circumventing border control is
unlikely to be appreciated or permitted by authorities in any country.

Probably better off just leaving your smartphone at home and buying a device
at your destination.

~~~
donald123
The purpose of the business will be transferring people's digital devices
securely, NOT circumventing border control.

But I think any company does this as their main business would get on the
CBP's hot list.

------
civilrightsyep
These discussions tend to focus on all the inane ways to subvert the border
guards.

The real question we should be asking is how to make this a big enough issue
that it gets mainstream attention and action.

We shouldn't try to figure out how to continue down the fascist path but how
to change it's direction.

~~~
MaxfordAndSons
I agree that fighting fascism is a bigger overall concern, but I think there's
a time for these practical concerns as well. Especially given that it most
affects non-US citizens, who may or may not be able to have an impact on the
larger issue.

------
turc1656
This practice should be banned on the premise that any digital data that could
enter the country physically on that device could just as easily cross the
border and enter on any internet connection. Searching the device does nothing
to prevent anything from entering the country, which is the primary role of
the CBP agents - to control the flow of people and physical items. Not data.

If the CBP then claims that it's a useful tool/practice because they can
identify bad people who shouldn't be allowed in, they should be asked to
provide stats on how many people were denied entrance after their devices were
checked. My guess is that number is statistically meaningless, probably in the
<1% range for people who actually unlock a device.

One of the only exceptions I can think of is cases like this one:
[http://cyb3rcrim3.blogspot.com/2016/04/the-laptop-child-
porn...](http://cyb3rcrim3.blogspot.com/2016/04/the-laptop-child-pornography-
and-border.html) where there is already a legitimate investigation going on
and a person is suspected of serious criminal activity and they don't have
enough for a warrant. In these cases, the CBP uses the rules regarding border
re-entry to their favor to compel a search of a device because they have at
least some sort of reasonable suspicion that a device may contain data for
which the mere possession of is highly illegal. Other than that, I'm hard-
pressed to think of any cases where the mere possession of data would be a
felony unless they suspect you of having classified information without the
appropriate clearance.

------
kutkloon7
Well, at 4444 times a year it doesn't seem _that_ rare of an occurrence.

But, hey, what's new? The US has imprisoned innocent people, and tortured them
multiple times a day for years and years. This is public information, and no
one gives a shit. The US government really doesn't care about anyone who is
not a US citizen. (And sadly, western countries mostly just let the US do
whatever they want)

A women is being locked up for 8 years because she checked the wrong box on
her voting form, and it is pretty common that unarmed black people get shot by
cops without serious consequences.

I understand that people are upset about the possibility of having to unlock
their phones, but there are far more serious indications that the US is not
the great country it wants be. A lot of common sense and decency it missing in
the US - and not just in the Trump administration.

------
bogomipz
>"Ars spoke with several legal experts, and contacted CBP itself (which did
not provide anything beyond previously-published policies)."

In other words the CBP were completely unhelpful and simply referred them to
published legalese online rather than clarifying that legalese. It really
feels like the culture of DHS and CBP views the people they are supposed to
serving as adversaries.

------
jdalgetty
I don't understand America's fascination with snooping through peoples shit.

~~~
turc1656
Neither do most Americans. It's the authoritarians in charge of this shit show
that have the fascination.

~~~
kraftz
But why people let them do it?

~~~
shostack
Because our political system has been taken over by entrenched authoritarian
conservatives who have rigged the game such that it is very hard to remove
them.

That combined with the fact that the majority of Americans are struggling
these days financially, and you have a situation where people care, but they
care more about putting food on their table for their family and keeping a
roof over their heads, so that stays at the top of their priority list and
they don't have time to be active enough to do something about this.

------
pyrale
The simple way to avoid this for me, is to skip avoidable US trips for now. I
would have loved to attend strangeloop, but I will wait for better
opportunities.

If my work requires me to travel there, I will simply ask to have electronic
material provided in the US, and download whatever tools I need once inside
the US.

I would advise anyone traveling to have versioned working tools stored online
anyhow.

------
crispyambulance
If some CBP knuckle-dragger wants me to unlock my phone so he can browse
through it looking for whatever as I stand there watching while asking me
insipid questions, that's not a huge deal.

The real problem here is downloading of data from the phone. Once that data is
off-loaded, the government can make it a part of their "Seven-degrees-of-
Kevin-Bacon-Osama-Bin-Laden edition" game, stored forever, perpetually looking
for "connections" no matter how remote. That's a scary and slippery slope to
surveillance state hell. I don't think such practices are commonplace, not
yet?

Has anyone here ever been in a situation where the CBP confiscated their
phone/laptop or downloaded data electronically from it?

~~~
biscuitsandbbq
I was crossing into Canada and 3 agents demanded my phone and password (as
well as my SO) under threat of detention. They took the phones in the back for
45 minutes before they came out. Asked questions about a conversation I had
about marijuana with a friend months ago, basically accusing me of being a
drug dealer when even in the most wild reading of that conversation, that
cannot possibly be the case. Anyway, who knows what happened in that 45
minutes, probably our data is still sitting deep in some Canadian government
server somewhere.

~~~
ashark
Cheap Android phone. Temporary, cheap SIM (or none—you can get one where
you're going) with a different number from your real one. Only way to go.
Bonus that it's 100% reasonable to do this because you don't want to risk
having your main phone stolen/lost, too, so it's not even a weird (suspicious)
thing to do.

~~~
emptybits
Eventually, this might be seen as non-suspicious. Maybe. I hope so. It's quite
prudent.

BUT for now it's also something only a very, very small percentage of the
population would _consider_ doing and then actually _do_. Border agents would
know this, empirically. So if you're doing something that's highly unusual for
the general population then you are, unfortunately, doing something weird and
suspicious.

TL;DR: it doesn't matter that it's reasonable; it's still fringe and, sadly
therefore, suspicious

------
z5h
I don't know any of my passwords except for my password manager. If I leave my
password DB at home, and mail a physical copy to my destination, what can
happen? I'll be absolutely unable to access any account.

~~~
bflesch
Then you shouldn't expect to be let into any country. Take the flight back and
return when you can actually unlock your phone.

~~~
z5h
This might actually be the preferred choice for some people who wish to
attempt travel, but are unwilling to sacrifice personal private.

~~~
bflesch
And? The target country doesn't lose anything through this if some entitled
internet privacy advocates without big business stop travelling to it.
Everyone who is serious about coming actually handles immigration/border tax
like an adult.

Nobody cares about your private life unless you are trying to affect others
negatively.

~~~
z5h
Wrong: The target country loses money.

Wrong: Everyone who is serious about travelling can make their own choices
about tradeoffs. That's what being an adult is all about.

Correction: "Nobody cares about your private life unless you are trying to
affect others negatively, __OR __if they can use that information for personal
gains, even if at a loss to you. "

I'm done fixing your mistakes. Cheers.

~~~
bflesch
"some people who wish to attempt travel, but are unwilling to sacrifice
personal private."

If people value their privacy higher than the economic benefit from their
travels, the economic impact of them not proceeding is most likely minimal.

The state and its agents don't use information for personal gains, their job
and passion concerns society as a whole, and they want to make sure that no
bad guys come in.

------
nyxtom
Worth noting that the DHS has the authority to take your device, copy the
contents, and share any information they found on a case-by-case basis. It
seems likely that the standard practice will be to simply copy the content
wholesale and use it for importing into a system for analysis/flagging/later
sharing and completing the network identity. Effectively, handing over your
phone completes the picture in terms of network analysis. They have your
facial/physical identity, all your communications, your photos,
downloads...etc. This seems to also apply to laptops as well and it's likely
that they can also just copy all that over as well without discretion. Make no
mistake, the authority is far-reaching and completely unchecked.

[https://www.dhs.gov/xlibrary/assets/privacy/privacy_pia_cbp_...](https://www.dhs.gov/xlibrary/assets/privacy/privacy_pia_cbp_laptop.pdf)

" While CBP Officers are responsible for the examination of electronic
devices, only Supervisors may authorize the copying of the contents of an
electronic device.54 Where an electronic device is to be detained or seized by
CBP, a CBP Supervisor must approve of the detention or seizure, and the CBP
Officer must provide a completed CF 6051D or S, respectively, to the
traveler.55 Where a traveler claims that the contents of the electronic device
contain attorney-client or other privileged material, the CBP Officer must
consult with the local Associate/Assistant Chief Counsel or United States
Attorney’s Office before conducting the examination.56 CBP Supervisors may
authorize the sharing of the traveler’s information for assistance or other
law enforcement purpose on a case-by-case basis "

~~~
nyxtom
This part is deeply troubling:

"ICE has various safeguards in place to protect electronic devices that are
detained or seized, or information from a device that is detained during a
border search.

ICE stores all electronic devices, or information thereof, in locked cabinets
and rooms and maintains a chain of custody using appropriate ICE forms and
systems.

If a copy of information is made from the electronic device to allow the
traveler to leave the port of entry with his device, the first copy is known
as the “gold copy.” The chain of custody stays with the original or gold copy
so that it may be used as evidence in court, if necessary. A new chain of
custody form is issued to follow any additional copy of the data that is made;
such forms are tracked by ICE Special Agents in the appropriate ICE systems.
By policy, ICE’s review of detained information is to be completed in a
reasonable time and, if the original device has been detained by ICE, the ICE
Special Agent must provide a chain of custody form to the traveler as a
receipt.

Special Agents must factor in the time necessary for any assistance that may
be required when determining “reasonable time.”

Once the border search is completed, the detained device will either be seized
or returned to the traveler and any copy of the data from the device will be
retained for law enforcement purposes and in accordance with the established
retention periods for any system of records in which it is stored or destroyed
"

------
dandare
What if I simply reset my Android phone to factory settings just before
exiting the plane? Can they force me to log in to my Android account in order
to get to my FB?

And what if my battery is dead or my phone stops working? Can they force me to
log in to their own Android phone?

What if I don't carry any phone at all, can they simply force me to log in to
an empty phone? (Assuming everyone has an Android or Apple phone or is going
to spend couple days in detention.)

~~~
KeytarHero
What if I have my phone set to wipe itself after 10 incorrect login attempts,
and I "accidentally" get my password wrong 10 times while trying to unlock it
for them?

~~~
infinite8s
Are you willing to be blacklisted from entering the US for 10 years and sent
back (assuming you aren't a US citizen). If you are, they might just detain
you a while.

------
mariocesar
Can you just send your phone or laptop through fedex, or some other post
service, and just don't travel with anything with a password.

Even better, do a cloud backup and wipe out your phone or laptop, and restore
a backup when you are out?

Or am I missing something?

------
askvictor
Are there any Android distributions that can boot to a different environment
depending on what code is entered at boot time? And said partitions are hidden
from each other (i.e. once booted, the other partition is impossible to
detect)? This was described in Cory Doctorow's "Little Brother" novel, and on
the face of it seems like a reasonable proposition - any major flaws in such a
plan?

------
intopieces
Is it worth it to clear those devices and restore from cloud backup after
crossing?

~~~
tptacek
I think so. But you want to do it in such a way that there's no "restore"
button you could push on your phone once you're compelled to log in to any
accounts that are clearly associated with the phone.

One way to do this would be to back your phone up, encrypt it, and stash the
file somewhere else, then scrub the phone _and back that up_ so that you
could, if under questioning by CBP, perform a plausible restore.

~~~
hollander
What if they ask you for your Google account(s)? Google is social media!
Google Plus!?

~~~
DashRattlesnake
Create a plausible decoy account. I've literally created dozens of gmail
accounts, for other purposes, might as well have one for this.

------
manishsharan
Maybe its for the best. This gives me a reason to buy a Nokia 3310 or its new
version [http://venturebeat.com/2017/02/13/hmd-global-will-launch-
the...](http://venturebeat.com/2017/02/13/hmd-global-will-launch-the-
nokia-3-5-and-6-at-mwc-plus-a-3310-homage/)

------
sandworm101
Ive got a trick. As a lawyer i keep a note on my laptop deacribing how it is
encrypted (linux, home dirctories + trucrypt archives for important stuff) and
that content is subject to attorney-client privacy rules. Ive been asked to
unlock several times. I say "sure thing, but ill need some sort of court order
so i dont get sued." Faced with a reasonable person willing to unlock, they
have never pushed the matter. For my phone, phones cannot be trusted. Dont do
anything you want to keep private on a phone. Buy a netbook.

I would suggest saying something like "sure thing, but i use this device to
talk to my lawyer and i should ask him first if it is ok." They wont want the
hassle of dealing with this perfectly reasonable request. (Don't fib. Have a
lawyer first. All you need to do is email one a couple times for that
statement to he true.)

~~~
mahyarm
Does that only work if your a US citizen? If your not then bye bye visa?

~~~
sandworm101
Canadian, so no visa req for visits. Special temp visa for lawyer work, issued
at boarder crossing. They dont get mad. The trick is to be reasonable. They
know it will be difficult to get an order/warrant to search a lawyer's
machine. Lawyer-client confidentiality is one of the few things that trumps
even terrorism.

~~~
mahyarm
Well, you have a status that could go away if the CBP officer gets grumpy. At
least you don't have a living in the USA to protect.

As a client although, is that ok? Also this guy worked for NASA, and knowing
many big corps that kind of policy would apply in some indirect way with work
devices. But it didn't seem to matter for him.

~~~
sandworm101
Nasa isnt a law firm. Lawyer communications are treated by different rules,
rules above things like classifications.

------
transfire
The idea that our constitutional rights end at the border is such a travesty,
contrary to everything our forefathers fought for, that alone is worthy of
renewed revolution.

~~~
interfixus
Happily, to counterbalance that, US jurisdiction is often assumed to cover the
farthest reaches of the planet.

~~~
tornadoboy55
That's patently false. Good luck enforcing US business law in Norway.

~~~
TallGuyShort
Funny - we seem to have no problem with drones killing an alarming number of
civilians with no declaration of war... I guess that's under patent law?

------
no1youknowz
One thing I have thought about. I have dozens of profiles which are just test
accounts for social media, to hook up to applications I've been building.

I've been thinking recently to just close all the accounts, including email.

This will leave me in a state where I have pretty much no social accounts,
just 1 email account which is used for friends/family.

Are there any cases of individuals giving up their phone and it being a
wasteland of information? I personally do not use facebook, google-plus,
twitter, linkedin or anything else. I literally do not have an opinion, nor do
I care to share it!

Edit: Do they also check when email accounts have been created? How could they
know, unless they checked in with the provider? I'm thinking of closing my
main account, requesting data be deleted and starting afresh!

~~~
drvdevd
I've wondered the same. What if you just opt out of 90% of everything? What
are the implications of _not_ using social media?

~~~
sverige
I don't have any social media accounts. Last year I crossed the border for the
first time in 20 years (to Canada and back) and wasn't asked for anything.

It might be the case that having no online presence reduces your chances of
being flagged. Fewer obvious associations, fewer chances for "Six Degrees of
Kevin Bacon" to occur, less chance of some algorithm picking you out of the
crowd.

There were some scare pieces a few years ago that somehow not having social
media accounts would make one suspect when going to apply for another job,
since background checks wouldn't reveal any online presence and that must mean
that you're socially defective somehow. It seems like it was probably just a
way to goad stragglers into adoption.

The upside of not using social media is better relationships and better mental
health.

------
ipsin
Are visitors being turned away because they can't provide passwords for social
media accounts? Using a local password safe (KeePass2, etc.) should be a great
excuse, but I'm not sure what happens next.

It bothers me that the US is providing a terrible example of how to treat
visitors.

~~~
finder83
This is my thought as well. I have a Facebook account, but have no idea what
the password is since it's generated...and without my phone/laptop, would have
no way to retrieve it.

------
yawz
The question I have in mind is "do they have the right to confiscate your
device or to disappear with it?". What if I told them "I'm going to unlock it,
but I'm the driver. Ask me all that you want to see, and I'll take you to that
app?".

~~~
ipsin
Accounts I've read of this, no you do not get to drive, at all.

They will take it into a back room, do things you won't get to see, and you
may get it back when they're done with you, or they may keep it (example:
[1]).

If you're a security researcher, or property paranoid, you can then dispose of
the device in some way, because you have no idea what they did to it, the
device firmware, baseband, etc. Probably nothing, right? But the time and
effort it'd take to vet it all is prohibitive.

[1] [https://www.cnet.com/news/researcher-detained-at-u-s-
border-...](https://www.cnet.com/news/researcher-detained-at-u-s-border-
questioned-about-wikileaks/)

~~~
mnw21cam
And do you get to claim compensation for the equipment that is now
untrustworthy and you therefore need to replace?

------
ed_blackburn
My wife and I have cancelled a proposed trip to NYC this summer. The States
just seems so dark, unwelcoming and aggressive that for a short break it
hardly seems worth it.

------
denzil_correa
> The short answer is: your device probably will be seized (or "detained" in
> CBP parlance), and you might be kept in physical detention—although no one
> seems to be sure exactly for how long.

This is a precarious situation to be in an I'm surprised if this does not
violate some provision of the law. Worse, there have been conflicting
judgments on similar cases [0, 1].

On a side note, can law itself be unbiased due to the nature of the cases
heard in courts? A situation X regarding certain law LX might be heard 1000
times and would be more clear in contrast to a situation Y concerning with law
LY as it went to court just 3 times. Can one computationally figure out laws
which are unclear based on the number of times they are references in court
judgments or some other similar parameters?

[0] [https://arstechnica.com/tech-policy/2013/12/judge-wont-
let-s...](https://arstechnica.com/tech-policy/2013/12/judge-wont-let-student-
challenge-electronics-searches-at-us-border/)

[1] [https://arstechnica.com/tech-policy/2015/05/warrantless-
airp...](https://arstechnica.com/tech-policy/2015/05/warrantless-airport-
search-of-laptop-cannot-be-justified-judge-rules/)

~~~
jrochkind1
No human activity is 'unbiased'.

------
analogmemory
This article [1] suggested to reset your phone to a blank slate before you hit
customs and then reinstall after you're in. Not sure if that's going to help
but I like the idea of the subtle middle finger.

[1] [https://medium.freecodecamp.com/ill-never-bring-my-phone-
on-...](https://medium.freecodecamp.com/ill-never-bring-my-phone-on-an-
international-flight-again-neither-should-you-e9289cde0e5f#.95ur1eihh)

------
lb1lf
Question: what would happen if you are asked to unlock your device and you
refuse on the grounds that it contains classified material?

Presumably they wouldn't just shrug and say 'OK, then' \- but neither could
they (if the classifying authority was one they cared about - say, NATO) just
say 'Tough luck, now unlock it!', right?

~~~
mikeash
It seems like that would only work if you actually have the appropriate
security clearance. And they're probably OK with letting people with
clearances get through with less screening.

~~~
lb1lf
-You'd obviously need to be able to provide proof of your clearance* (though I suppose your passport and a database lookup would do) - but I wonder what would be the next step then; getting hold of an official with the required clearance to match the documents in your laptop? (Which, in the case of higher/compartmentalised clearances may not even be possible)

At some point you just need to start trusting people.

*) I wouldn't recommend leaving docs leaked by Ed Snowden on the laptop just to be able to rightfully claim there's classified material on it...

------
pfarnsworth
Can they ask me to turn over my gmail username and password, even though I
don't have a phone or computer on me?

------
athenot
Have there been any incidences of people who signed up for CBP's Global Entry
program having trouble?

Many of the complaints here are a (justified) fear that privacy invasion
occurs as a side-effect of a clumsy and poorly thought-out attempt to prevent
something illegal[1]. So if I go ahead and sign up for the background check +
interiew to let them see I don't have ill intentions, would this reduce the
likelyhood of collateral privacy invasion when actually crossing the border?

I've been considering this for convenience reasons but am curious if it might
help in this instance.

Note:

[1]: There is also the issue of restricting freedom and declaring people
"illegal" when that runs against the spirit of this country, but I'm not
focusing on that here.

~~~
iak8god
> Have there been any incidences of people who signed up for CBP's Global
> Entry program having trouble?

Yes. The ArsTechnica article we're discussing here fails to mention it, but
Sidd Bikkannavar is enrolled in Global Entry:

 _" Seemingly, Bikkannavar’s reentry into the country should not have raised
any flags. Not only is he a natural-born US citizen, but he’s also enrolled in
Global Entry — a program through CBP that allows individuals who have
undergone background checks to have expedited entry into the country. He
hasn’t visited the countries listed in the immigration ban and he has worked
at JPL — a major center at a US federal agency — for 10 years."_ \-
[http://www.theverge.com/2017/2/12/14583124/nasa-sidd-
bikkann...](http://www.theverge.com/2017/2/12/14583124/nasa-sidd-bikkannavar-
detained-cbp-phone-search-trump-travel-ban)

~~~
athenot
Good catch. Thanks!

------
technologyvault
There are probably thousands of instances similar to this (not necessarily
having to hand over your device) where US citizens are at the mercy of law
enforcement simply because we don't know what are rights are, and because
often law enforcement either doesn't know or doesn't care.

Civil rights often tend to be only as useful as our knowledge of what exactly
they are.

------
cousin_it
When you arrive at the border, it might be too late to get privacy-conscious
and refuse to unlock your stuff. Unless you're using non-American devices and
social media, your data probably gets inspected anyway when you apply for a
visa, and might be monitored at other times as well.

~~~
bflesch
It empowers the border agent to assess risk of a traveller right on the spot
without consulting other agencies or even getting read access to those types
of databases.

------
xtf
This means I have to install a blank Custom ROM before I travel to the land of
the free™

------
twtw99
Was wondering what happens if they find posts on social media criticizing the
current administration? Trump often used to highlight the fact that the
thousands of CBP agents has supported/endorsed him.

------
SadWebDeveloper
Personally i like to travel with a burn phone that only has the contacts i
need in case something happens to me and dont bring laptop because m usually
not traveling internationally for work.

------
danaliv
So worst case I'm out a thousand bucks and one phone? Sounds like it's worth
the trouble.

------
gkfasdfasdf
They can detain you or your device even if you _do_ unlock it. So better just
not to unlock it.

------
jacamat
Reset to factory then unlock...

------
ballenf
Same result as if you refused to open a securely locked briefcase?

~~~
colanderman
I know right? Phone lock screens could conceal bombs or invasive species.

~~~
Cyph0n
Or - gasp! - the phone could be full of dank memes that CBP doesn't approve
of.

------
mpcsh
Here's what I want to know: what happens if I just spike my phone on the
ground?

~~~
sithadmin
Congrats, you've established probable cause and likely done nothing but break
your screen and mess up the phone casing.

------
youdontknowtho
US Customs will sing you a song called "Punch you in the face." It's a
classic.

~~~
youdontknowtho
This was comedy gold and you know it.

------
ronnier
> 4,444 cellphones and 320 other electronic devices were inspected in 2015

And recently I'm hearing about this -- it largely went ignored during the
previous administration but now it's a major concern, articles on HN, my
Facebook feed, Reddit, ...

~~~
jrochkind1
I had read about it on HN multiple times during the Obama administration too.
As well as heard about it from the ACLU and EFF, as well as other places.

A HN post from 2014, with 258 upvotes, linking to an ACLU notice from 2014.
[https://news.ycombinator.com/item?id=6993995](https://news.ycombinator.com/item?id=6993995)

That's just the first HN post I found, there were multiple other front-page HN
posts over the past few years.

An EFF alert from 2013: [https://www.eff.org/deeplinks/2013/08/unjustified-
detention-...](https://www.eff.org/deeplinks/2013/08/unjustified-detention-
david-miranda-points-larger-problem-suspicionless-border)

A Mother Jones article from 2014:
[http://www.motherjones.com/politics/2014/06/how-fourth-
amend...](http://www.motherjones.com/politics/2014/06/how-fourth-amendment-
not-protect)

The Committee to Protect Journalists in 2014:
[https://cpj.org/blog/2014/10/for-journalists-coming-into-
us-...](https://cpj.org/blog/2014/10/for-journalists-coming-into-us-policies-
that-borde.php)

If you're trying to make the point that there are _some_ people that are
Democratic Party partisans and ignore civil and human rights violations from
Democrats -- yes, there are, I agree, and it can be infuriating. But it's not
everyone, it's not the ACLU, it's not the EFF, and it's not even
representative of what stories got posted to and upvoted on HN during the
Obama administration. Many of us have been paying attention to this issue
unhappily for years.

I am hoping the upsurge in resistance to Trump means that more people have
been activated to oppose much the same things when a future Democratic or
"more reasonable" Republican administration tries them too.

~~~
ronnier
Looks like I was wrong. Good thing to be wrong on.

~~~
jrochkind1
If _you_ weren't paying attention to this issue until now, you'd have to ask
yourself why not. :) Many of us have been.

------
rsync
If your border crossing strategy involves a wiped/clean/factorydefaults
device, always, always, always put a zip bomb[1] in place.

Name it something helpful like "do_not_open_this_file.zip".

They can't say you didn't warn them ...

[1]
[https://en.wikipedia.org/wiki/Zip_bomb](https://en.wikipedia.org/wiki/Zip_bomb)

~~~
roywiggins
And then get held for hours just to spite you? That doesn't seem worth it to
me.

------
bflesch
In a world where thousands of people annually travel to some "freedom fighter"
camps in order to get combat training, I very much agree that it is necessary
to intensively screen travelers who return to their country of origin once
they fit a certain heuristic.

As one single returnee who is not caught might actually cause dozens or
hundreds of citizen deaths, there shouldn't be a screening exception for
smartphones or computers.

We can all argue that the current heuristics / profiling methods are not good
enough, but as an EU citizen I'd be glad if my government would actually be as
straightforward about screening travellers as USCBP is. If travelers -
citizens or not - want to return after learning to kill or taking part in some
sort of criminal activities, or even announcing their support for such
criminal activities in social media, they should be held accountable for their
actions upon returning by strict border controls.

~~~
mikeash
Why limit it to international travel? People can learn how to kill without
leaving the country. We need random checkpoints set up on major highways (and
occasionally on minor roads, just to ensure you can't reliably bypass them) to
stop and search people to ensure they aren't up to anything nefarious.

Actually, it needs to go ever further. You can get up to a lot of trouble
without even leaving your home. The police should conduct random searches of
people's dwellings in order to combat this.

A lot of bad stuff is handled online, so of course we also need to search
people's online activity as it happens. Since encryption gets in the way of
this, we need to outlaw it, or at least mandate key escrow so the security
services can observe the traffic.

~~~
purple-again
Ridiculous arguments don't foster rational debate. We know their are training
camps abroad. We know there are no training camps within our borders. What if
space aliens are controlling our leaders brains?

~~~
mikeash
What's ridiculous about them? We've seen plenty of home-grown terrorism. I'm
not sure if searching social media profiles would _ever_ have prevented an
attack in the US, for example, whereas internal checkpoints and random house
searches certainly could have.

~~~
cr0sh
> whereas internal checkpoints and random house searches certainly could have.

I upvoted your original comment because I am pretty sure it was meant as
sarcasm. I certainly hope I am still correct on that assessment.

There was a time, not long ago, certainly within my memory and the memories of
many others - when we as a country (the USA as well as other countries) looked
down upon such activities as being wholly un-American and against our values.
We looked on in fear and concern as we heard about what went on in Eastern
European countries behind the Iron Curtain - where people risked their lives
and freedom braving bullets and who-knows-what-else attempting to cross that
divide.

Some even made it. And we cheered when the wall fell.

WHAT THE FUCK HAS HAPPENED TO US?

~~~
mikeash
You are correct. The whole comment was intended as a reductio ad absurdum. I
understand that sarcasm is tough to detect, though, so I can see why you might
be worried!

I _am_ serious that internal checkpoints and random house searches could have
prevented past terrorist attacks, and would probably prevent future ones. I
don't, however, think it's a worthwhile tradeoff, not even close.

