>He said the officer then confiscated his phone and laptop, and told him the items would be sent to a government lab which would try to crack his passwords and search his files.
Can this be used to get whatever case(es) he was defending thrown out because solicitor-client privilege was violated or parallel construction was used?
Sounds like this lawyer arrived at the same plan I did:
Refuse the request, file a lawsuit, and contact the media when released to shame the government that saw fit to violate my rights.
Border services generally have extensive but constrained powers - in the US, they're limited in how far from a border they can exercise authority. So they don't get to arrest the administrator directly, or go and confiscate an access key sitting in Edmonton. They can still demand that whoever is at the border arrange for unlocking, and can probably seize the device if they're refused. But the threat "we'll lock you up until you open the device" is potentially legal, while "we'll lock you up because as a hostage until somebody else opens this" has far less merit. (Obviously, none of this applies if you go someplace where actual hostage takings might happen.)
If the administrator says "I need physical access to unlock that" or "our firm's policy says I can only open devices once they're at one of our offices being used for billable hours", there's no one handy to apply the wrench to. At that point, confiscate-and-image is as much access as anyone can hope to get.
Drill those, though.
Under stress, people fall back on learned patterns.
They aren't going to hit me with a wrench for the decryption password to a cloud-stored blob that's not on the device (and ideally, one they don't know about. Remember the password and the location of the data. Remember to secure-delete it from your device though. There should be an easy "prep for border crossing" checklist that includes this.)
If an LEO (claims to) need access to something and you give him a dead end, it's his job to assume you're lying and find the next legal option available to him.
The real question you should be asking yourselves isn't "How would you outsmart the caveman cop in this situation?" Rather, it's "What can/will you do, as a citizen, to resist the erosion of our civil liberties?" Sadly, I have no easy answers here.
Not sure where you live, but in the US it's actually his first and foremost responsibility to uphold a constitution that says that people are free from unreasonable searches and seizures.
I want to say "clearly you have never used US customs", though I suppose it's possible you have and you are just very lucky.
If not cooperating, then BPO not friendly;
Else, please proceed.
than when CBP ask for password give it and watch them search the laptop..
You full filled your legal obligation to follow their orders despite the illegality its now their problem they cannot find anything
Note...all social public stuff is searchable on google..tweets facebook postings etc..
CBP never needs a password they are searching with that password for other reasons than the ones they GIVE
Nothing justifies an honest person going to great lengths to do some weird thing quite like "company policy".
Nothing makes officers think twice like the mention of lawyers backed by Apple / Google levels of money.
It's not always feasible, but the most secure way to protect clients'/employers' data is to encrypt the laptop and phone and ship to your destination via standard shipping services, then ship them back the same way before leaving for home. Carry a well used but non-critical burner laptop ($50 Chromebook off Craigslist) and/or phone ($20 Walmart smartphone) with you that won't wreck your world if it's confiscated and searched. If it is seized, take your receipt and go on about your business. When you get to your destination your actual devices will be waiting for you. You can safely forget about the burner devices.
I think the reality we have to grapple with, regardless of rights violated, is that if you want to cross a nation border, it's best to assume that all nations involved will end up with a copy of all the data (hopefully encrypted) you move across that border. In the face of that scenario, how do we proceed?
Still, if you are paranoid enough you can mitigate the danger of your data falling into unsecured hands (at the border or by mail intercept) by using an encrypted shadow volume:
Isn't "mailing a laptop" now counted as sending dangerous goods, due to the battery?
If so, the chances of it being subject to interception and/or search might well be far higher than someone just carrying a laptop in hand luggage across an international border.
> RESTRICTED ITEMS
The following items are deemed unsuitable for shipment by our services, and are therefore restricted. Any of these items being sent may result in surcharges, delays or confiscation by authorities where appropriate. No damage cover is available with these items:
> [a long list of stuff, including laptops]
So, who here would be happy to ship their laptop internationally without damage cover?
You're confusing "not perfect" with "not good". There's an old saying: when outrunning a bear, you don't have to be the fastest guy, you just have to be faster than the slowest guy.
is that really true? I would expect that they can just perform hardware tampering when you're not present when searching in mailed items, but given that customs might use racial profiling to target you at airport, you may be better off mailing the computer securely, such as using tamper-proof or tamper-evident stickers/bags.
I've only seen two articles claiming evidence of physical tampering - like a hoax about Dell from 2005  and Bloomberg's dodgy story about spy chips from last year  - neither of which seems truthy, and neither of which involved mail interdiction.
(Of course, it's widely suspected mailed hardware can be tampered with, but most of the claims/speculation I've read has been about targeted tampering, not dragnet)
On what legal authority?
The border search exemption is about searching, not tampering.
The issue is more that border agents are taking advantage of a law written before the age of computers to use powers the founders probably never intended.
I seriously doubt that there's any legal basis to bug a computer just because it was shipped internationally.
So if the threat model is being asked for your password, not being present when the device crosses is a good mitigation.
(If you've done enough bad things they government is targeting you specifically, YMMV)
Inbound international mail is also subject to search by customs, that doesn't just happen to stuff the owner carries across the border.
Absolutely not. Any time your hardware is physically out of your control is a time when someone could install a hardware keylogger or replace your ethernet card with one that exfiltrates data or whatever.
The most secure option is to travel with an encrypted hdd/phone on you with no way to decrypt them, and separately acquire the private key (e.g. via shipping a secure hardware token which is made to be tamper resistant to a trusted friend at your destination).
If the devices leave your control for more than a few minutes, consider the hardware compromised and never unlock them again.
Laptops simply are not made to be highly resistant to an attacker with physical access, whereas hardware keys are, so it's not a good idea to ship them.
If you do ship them, you'll have to do a physical examination for suspicious hardware at your destination, (as you presumably did when you first received them if you're that paranoid), and it's damn hard to find a good lab for that in some countries.
Your advice is good as a way that's secure for most people's threat models, but it is a far cry from being the most secure solution, and I'd argue it's much less secure than simply carrying them with you.
Do not use a single key; require several keys that are with different people, combined only in the way that you know how. Ensure the people are present to notice if the police try to come in.
In short, the scope of my comment was avoiding a border seizure during travel, not 100% securing your devices from being compromised, which is an impossible goal short of just not using any devices, period.
More and more people are probably doing this so this is going to stop being suspicious.
Whenever I travel internationally on business and need a laptop, I'm required by company policy to bring a laptop freshly wiped by IT instead of my normal laptop.
edit: place a big random data file, which looks like encrypted data on your alibi notebook. Refuse to give password and let the government lab try to find the password..
This is certainly safer, though maybe not possible on the return trip (where you're returning from someplace where you only have access to your laptop). If you need to be this careful, maybe it's best to do your work after livebooting into tails or something like that.
> edit: place a big random data file, which looks like encrypted data on your alibi notebook. Refuse to give password and let the government lab try to find the password..
Funny, but unnecessarily risky if you ask me.
head -c 1000000000 /dev/urandom | openssl enc -aes-256-cbc -a > risky.1Giga.file
I'm not sure this is good advice. I think it's almost certainly better to have an unblemished record of assertion than a mixed record of assertion and acquiescence. Surely the latter appears far more suspicious.
Edit I'm not saying it's a bad idea to encrypt your drives, just that it doesn't save you from someone determined..
Encryption works great for this usecase, that almost everyone in this thread will be using it for.
People being tortured for their personal phone password by a rando border guard in basically any country, just isn't something that happens, despite what the internet memes would lead you to believe.
Even in supposedly bad countries, I really doubt that this "attack vector" is something that happens frequently.
And for quite a lot of other people, even not being personally detained, but having to acquire new devices is inconvenient enough to compel cooperation. Who wants to buy new devices? Who has a need for two sets? It'd only be a cost of business for someone who does a decent amount of traveling and has confidential information to protect.
But then, that's a trap too because why should people need a reason? Why are only people with business/legal confidential information a protected class?
The answer is not very long. I'd call "a couple days" to be not a big deal, and not at all equivalent to being tortured to death, like the person I was responding to was implying would happen.
So yes, encryption does work, and all that will happen to you is that you could be moderately inconvenienced.
But even that I would expect to be rare. Most border security would just look at your computer, or whatever, not find anything on it (because the thing you show them just looks like an empty computer), and move on their way.
The narrative that I was responding to was this idea that technology solutions can always be bypassed, by torture or something, therefore technology solutions are worthless. And that's just not true.
An extremely effective technology solutions to an incompetent border guard that is interrogating you is for all your devices to just appear like there isn't anything on them, like a new factory default computer that you just bought.
A guard will just look at that, not see anything, and then move on to the rest of his crappy job.
I think a couple days is good enough because people will miss holidays, work, plans etc. That's Western nations "torture" equivalent of a wrench
Ok, and does this happen in real life?
The answer is no. It does not. In almost any western country in the world, the low paid border security guards are not detaining people in mass for days on end.
This stuff just isn't really happening to any large degree.
The answer is "not that often".
The example you gave was of someone who was suspected of murder.
The amount of people who are in the population of "people suspected of murder, and are jailed for not giving up their password", is a very small population size.
I never made any claims about what is or it is not OK.
The only claim that I am making is that this whole "XKCD wrench meme" is dumb, and that encryption actually works really well for the vast majority of people in the vast majority of usecases.
That's all. Encryption works, and you are not going to be tortured, or locked up forever, because you refused the order of a low paid border guard.
Such situations are extremely rare, and it is annoying that people keep bringing them up when they basically don't happen to anyone.
What country do you live in that has to worry about people being tortured to death on a frequent basis?
This stuff just doesn't happen often, despite what a silly XKCD comic would lead you to believe.
Encryption actually works pretty damn well, for basically all usecases that a normal person would come across.
The world is not a James Bond spy move.
Extraordinary rendition to the Guantanamo Bay is what concerns me.
That said, the most practical scenario here is to keep your important files secured somewhere else, cloud or elsewhere, and when they ask you to unlock your phone or laptop you say "Sure!" Because there's nothing to find and you're compliant and helpful so they quickly let you go after a proforma search.
Yeah, there is no James Bond outside the books and screen. But thermorectal cryptanalysis is out there and still beats most of cyphers with ease. And it's not letal!
I wonder if you could make the case here that the US government should be ensuring the functioning of its judicial system by issuing lawyers who leave the country a “loopback” diplomatic pouch—one issued by X, destined for X, protected during travels to all not-X.
(This could currently be achieved by X-gov issuing a pouch destined for X-embassy in transit country Y, which the traveller must visit to have their documents re-wrapped in a pouch from X-embassy back to X-gov. The change would just simplify things by making the visit to X-embassy unnecessary.)
Could he be censured for failing to secure information about clients? IANAL, but I'm pretty sure that over-sharing about clients can be a poor career move.
And what if this had been a US lawyer, who was representing someone who'd received a US NSL? Would he have violated the NSL? Who would the US go after, him or Canada Border Services?
If this were a US attorney at a US border, almost certainly not. ABA rules permit attorneys to disclose client information (among other reasons) "to comply with other law or a court order."
Even as far as a US attorney receiving orders from another country, or a blatantly illegal instruction within the US, they should be alright. The lawyer didn't actually disclose client information, they just lost control of it. The ABA only requires "reasonable efforts to prevent the inadvertent or unauthorized disclosure of, or unauthorized access to, information" about clients. Offering up the password might not have been a reasonable effort, especially in the absence of consequences for refusing, but having the device imaged and cracked seems to clearly exceed reasonable efforts to prevent unauthorized access.
As for NSLs, what a mess. I'm not sure anyone can answer this for you. They already push the established bounds of compelled speech, so general precedent wouldn't be a trustworthy guide. And any NSL-specific precedent was almost certainly set in closed, confidential hearings, so the people only people familiar with it wouldn't be able to discuss it.
The system works when corruption and deceit aren't present or tolerated - when they are the institutions become suspect.
My problem is that our prosecutors are often dishonorable!
As the US has the 4th amendment, most US search-and-seizure cases rest on it. If anyone were ever so bold as to argue a positive right to privacy for all humans--rather than the weaker but easier to prove prohibition against US governments committing privacy-violating acts--and the case was decided on it, that case could be used as precedent everywhere.
Judges are generally careful about not doing that, for obvious reasons. If a lawyer tried to make the case about a right to privacy, the judge might decide the outcome of the case base on that, but the opinion would certainly say that the litigant won or lost because of some other reason.
Statutory law is generally robust enough that judges can almost always decide based on it rather than on discovered law. So it's not that Canadian courts couldn't accept American precedent, it's just that American courts make special efforts to not set any Common Law precedent that a Canadian court can use. If it ever happens, it's likely to be in civil equity cases between two or more non-government parties.
This is hosted on CBC (Canada broadcasting corp) and clearly this is about the "Canada Border Services Agency (CBSA)"
what does US laws have to do with this?
And all it takes is to bribe an officer.
I actually once did pay a speeding ticket to an arresting officer (in Montana or Wyoming or one of the Dakotas IIRC -- it was decades ago) an it was very clear how the officer handled it that he was not pocketing the money (e.g. he held an envelope I placed the check into, I licked and sealed it, and his boy never came in contact with my check, though cash was also an option).
Pardon me while I humbly disagree.
Along the same lines a case could be made for legal malpractice if it was reasonable for the attorney to know that there could be a search (and it is he is an attorney and the assumption is he is familiar with the law). It is similar to putting his phone unlocked in a car and the phone or the car is stolen. There is a reasonable expectation that the attorney will safeguard client materials (is what I would argue). (Paper files in the office and not giving the proper protection the same).
Bottom line is the fact that he is an attorney does not magically in itself also mean he doesn't have to take prudent steps to prevent the release of information (with regards to malpractice).
That isn't what this is about. Nobody is talking about what this is really about and it isn't anything to do with him being a lawyer. This guy (1) was traveling alone (2) to a distant (3) and poor (4) country without preexisting business ties (5). Those are all red flags for sex tourism.
I cannot say this strongly enough: I would never say this guy is a sex tourist, nor would boarder services. But they do run a program that targets people who meet certain criteria, criteria that this guy seems to have fallen into. Most famously, a bishop returning from Thailand had his laptop "randomly" searched by this program. (https://en.wikipedia.org/wiki/Raymond_Lahey) There have been other less-pubic successes too. The program is controversial but within the bounds of Canadian law.
So before everyone goes nuts about terrorism and attorney-client privilege, realize that this innocent person was caught up in a program that has nothing to do with those things. Canadians are polite, especially when dealing with sensitive matters. Canadian cops don't shout things from rooftops. Because of the nature of what they are looking for, boarder services isn't going to give any public explanations. They will hold the electronics for some time, as is their right, but they likely regret "randomly" selecting this particular person. In the future they will probably add "not a lawyer" to the criteria.
http://latinalista.com/columns/globalviews/venezuela-no-1-tr... (see the chart, plenty of flights stop in Guatemala).
Still, it's no excuse to search Canadian citizen's phones or laptops. Either find probable cause (ie, some actual evidence which indicates a crime besides abstract "red flags" about travelling which could apply to thousands of innocent people) and get a warrant or don't do it. Otherwise it's open for tons of abuse and unnecessary invasions of privacy.
Notice that this guy is now free and able to tell his story. He wasn't detained in handcuffs for days. He wasn't transported to a remote jail for interrogation. He wasn't charged with some trumped-up excuse to hold him. He wasn't subjected to a body cavity search. He wasn't added to some terror list. There is no allegation of racism. They seem to have politely explained the situation and let him on his way. Canada does things differently.
[edited for clarity, for those who require simple literality].
> 3) based on reasonable and probable grounds to believe that an offence has been committed and there is evidence to be found at the place to be search.
This is not some unique American concept. Otherwise I don't see what point you're trying to make...
In other words, just because this kind of profiling wouldn’t constitute probable cause in the US, doesn’t mean that it doesn’t constitute probable cause in Canada. (I’m not sure that it does constitute probable cause in Canada; I just don’t know for sure that it doesn’t.)
As a Canadian, I would say “not really”. Plenty of examples of people’s rights being violated by Canadian officials. Those events don’t get the scrutiny that US events do, but they certainly happen.
I don't know why you're trying to make a point about Canada vs US and how one is better than the other. Just because he's free to tell his story and wasn't prosecuted doesn't mean that the CBS is off the hook for seizing upon his electronic devices - without reason - and even threatening that they would be sent to a lab to be cracked.
I'm neither an American or Canadian citizen, but when I do travel to these countries I would expect that my privacy not be breached, especially not without reason and when I've already cooperated and consented to my bags and other personal items to be searched.
Now the next time you travel, and the CBS or US CBP decides to seize your devices, are you going to just surrender your devices, given that they've explained everything nicely and will let you go on your way?
I think you mean US Customs and Border Protection, not the TSA.
A relatively wealthy, privileged person going someplace poor for sex is probably doing it because it facilitates doing rather nasty things in a way that is comfortable for them. They don't need to be ugly about it. Someone else will be ugly about it on their behalf while making them feel great about spreading their money around.
This often means they are raping children or otherwise indulging sexual predilections too unseemly for sex workers in more well-heeled parts of the world.
So sex tourism is generally understood to be a polite term for exceedingly depraved behavior with a veneer of civility.
Keep it among genuinely consenting adults, and I don't care how many, what genders are involved, how you folks agree to get your freak on and yadda.
Just one easily findable prior comment by me:
That's just how politicians package it so the people swallow the poison pill.
That said, I feel like people vastly overestimate the similarity of governments of the US and the UKs vassal states like Canada, and that false expectation is part of why people get outraged. Once one understands this the authoritarian approach of the "Commonwealth" nations things make much more sense.
If you want to narrowly define Puritanism as against child rape, okay, I will proudly accept that label.
Beyond that, I think you are barking up the wrong tree. I'm not here to discuss politics. I have very little to do with politics. If you think explaining the term sex tourism is some sort of political agenda, agreeing with a particular policy, etc, you are reading in a whole boat load of stuff that isn't there.
I'm a private citizen, not a politician. I'm engaging in discussion on a forum. That's the extent of that.
>I'm a private citizen, not a politician.
You mean citizens don't bear responsibility for politics? Does it mean that politics is disconnected from society?
You've provided no basis for this claim.
> Let's get real here, stuff like this is about control, not about security, and certainly Nota about morality...
> That's just how politicians package it so the people swallow the poison pill.
I take this as an expression rather than a claim, but still it doesn't teach us anything.
You haven't tied your point about sovereignty to the topic of discussion, and when commenters don't do that we get taken off into generic tangents.
This is not about holding controversial opinions. It's about failing to meet the standards of discourse here, and meeting them is a rather mechanical thing which all commenters are capable of.
> Be kind. Don't be snarky. Comments should get more thoughtful and substantive, not less, as a topic gets more divisive.
Or simply because it's easier because prostitution is not (as) criminal and/or it's well organised (e.g. red light zones), and not forgetting it's likely to be much cheaper. To assume their choice of destination for something as nasty as raping children is quite a jump.
It may not be universally true, but the fact that it is fairly often true is why the term has such negative meaning for most people.
I have no idea why you are nit picking this. I'm not going to discuss it further with you.
Hence, I was interested in actual data. That's all. Enjoy the rest of your day.
But a 17 year old is legally still a child in many jurisdictions. A lot of men in their twenties see nothing wrong with getting involved with a 17 year old.
If you are talking a dating situation, my views on that get a lot more complicated. If you are talking prostitution, a 17 year old sex worker is highly unlikely to be there by choice.
At that point, it is, in fact, child rape, even if you aren't comfortable with the terminology and wish nicer language were used to describe it.
I don't feel compelled to try make it sound nicer given how damaging it can be to the child in question.
Statutory rape doesn't have to be violent. The minor may even have nominally agreed. But the law says they can't actually meaningfully consent as a minor.
If they are a minor and a sex worker, they are likely being trafficked. That's where this gets really nasty. The guy paying for the service may be blissfully oblivious to just how much she is being pressured, has no real choice, etc.
I covered that in my original comment. That's a large part of why this is an ugly thing.
You (the general "you", not you in specific) hand wave away that she's 17 instead of 18 because it's only a few months and he may not have actually known her age etc.
It's a slippery slope that basically says if you can fudge on enough "little" details, it's totes fine to rape children. Traveling to a foreign country for your cheap sex is a very handy way to gloss over those details and pretend it was all above board and nice when it probably wasn't.
Now will you please consider giving some data or some kind of percentage or explain why you said "probably"?
No one is trying to claim this kind of horrible behavior doesn't exist. But I want to understand the scale of the problem. Trying to figure out if it's 10% or 90% is not nitpicking!
There are many readily available articles on the topic just a Google away if you really want to know more.
> Thailand’s Health System Research Institute reports that children in prostitution make up 40 percent of sex workers in Thailand.
I can't find this report even though I've been using the HSRI's own searchable database and search engines (you'll need Google Translate unless you can read Thai). I did, however, see see numerous other reports reusing the same quote in the searches returned by an engine, so it's well used.
If we continue the same paragraph:
> At the other end of this debate many NGOs estimate the number of CSEC victims to be in the hundreds of thousands. Other reports estimate the number of child victims of prostitution to be at least 80,000 but likely to be in the hundreds of thousands (ECPAT International; The Protection Project, 2002: 539).
I can't find any Protection Project report about Thailand in their publications, nor do they include Thailand in their list of country reports. I also cannot be sure that either of the reports I found on ECPAT's site are the one cited. The larger one, which was published in 2011 (but is the 2nd edition so perhaps it is from 2002) does not include the figure. It does however have this:
> Prostitution is technically illegal in Thailand, but sexual services are sold openly with an estimated 60,000 children under age 18 involved in prostitution.15
This is note 15:
> U.S. Department of State, 2009 Country Report on Human Rights Practice, Thailand. Accessed on 13 July 2010 from: http://www.state.gov/g/drl/rls/ hrrpt/2009/index.htm
This is the statement in the report:
> In 2007 the government, university researchers, and NGOs estimated that there were as many as 60,000 prostitutes under age 18.
No note for that one, it's a dead end.
This doesn't mean the figure is wrong, of course, but it does support the idea that people should be able to question figures, and when challenged, claims should be backed up by something better that circular references, missing reports, and dead ends.
> At that point, it is, in fact, child rape, even if you aren't comfortable with the terminology and wish nicer language were used to describe it.
- Where did I say or imply that it wasn't child rape?
- Where did I say or imply I wasn't comfortable with that terminology?
- Where did I say or imply I was wishing nicer language were used to describe it?
I'm not sure how you hope to have an adult discussion on a sensitive topic if you're going to insinuate that asking you a question is tantamount to defending child rape.
I for my part have tried to find out more from someone who says they know more. I'm reading the research from one of the Wikipedia references you gave and questioning some of my assumptions while trying to remain sceptical and clear headed enough to analyse it.
> I don't feel compelled to try make it sound nicer given how damaging it can be to the child in question.
I think it's unlikely that most people in this discussion are condoning or defending this behaviour (or maybe they are but they should still get a chance to give their point and be challenged). Since we know most people will say they're for the protection of children wouldn't it be better to take them at their word, play the numbers and realise the majority here will be the same, and, if not tone down the description, tone down the attitude?
It's Hacker News, not Twitter.
That's true for most workers of all ages.
From what I have read, even sex workers generally agree that most adult sex workers "made a choice" if they remain in the life and "it's different if they are underaged."
Among other things, I've read a few biographies by sex workers.
I would love to see sex work generally see an improved track record of human rights protections. In developed countries, child labor is generally deemed to be a bad thing, even when the work in question isn't inherently exploitative.
I stand by "raping children is a bad thing" and "underaged sex workers are victims of child rape."
Travelling abroad as a tourist for sex, with willing and legal participants, is obviously fine.
Edit: fine. I guess some people here need the talk. This is about the phenomena of men traveling from rich countries to poor countries to engage in sex with children. Not this guy, but it does happen. These men often return with digital images stored on laptops and cellphones. Possession of such images is illegal in canada and so Canadian boarder services targets men who fit the profile of a potential "sex tourist". The term is a polite euphemism for a darker profile, not a literal reference to having sex while being a tourist.
I for one did not immediately equate sex tourism with child slavery or pedophilia until I saw your sibling comment.
Freudian slip right there if I've ever seen one
It's not like you need to 'smuggle' any form of data physically.
I mean, any data considered to be dangerous (like terrorist attack plans, atomic bomb designs or political inside information) can be accessed across borders via the internet. You don't need to have those on any of your devices.
And even if you had the data on a laptop, how does border patrol even know what they are looking at?
They have shown this very thing on the show where they found on their device that they were making these arrangements. It seemed very invasive and disturbing. They got their password and were looking at their phone and laptop in a backroom. The traveller didn't even get to see what they are doing or anything.
I don't have anything to hide, but I would never feel comfortable with ANYONE having free reign over my unlocked devices, especially not a government border agent doing it behind closed doors.
that’s not for you to decide (unfortunately)
For some goals it can actually be useful, though I'm not sure if this is done during regular border checks or just in the context of asylum requests or similar: Accessing location histories, picture metadata or social media profiles on your device can be a fairly easy way to check that you're not giving them false information about where you're coming from or where you've been. This can be done automatically, so the officer doesn't need to figure out themself what they're looking at.
I had my laptop searched at the border once. It was my work laptop. They told me the same thing, if I didn't share the password they would confiscate my computer.
It felt wrong that they should be able to search my computer, but I also felt bullied because I was going to need my computer the next day if I wanted to work and I think most people, including my boss at the time, would not see a problem with the search, so I let them search.
All they did was open up Windows Explorer and do a search for *.jpg. Then she looked up at me and said, "What kind of images am I going to find on your computer today?"
I don't remember what I said, but basically it took about 30 minutes for Windows to display all the results. She looked through them all and then I was free to go. I got the impression that they were looking for child pornography, but I don't know that for sure.
Either way, it was a pretty innocuous search, but this was also about 10 years ago. From what I understand, they now pull all the files off your computer and index the contents. They likely have a list of keywords that it searches against immediately and then it's indexed for when they add more keywords later.
Never have faced any search, but interesting stance there.
You and I disagree wholeheartedly there, that's an extremely invasive search.
It's extremely invasive for some random civil servant to execute an unexpected search on a device that most reasonable people assume is private.
That said, under nearly any other context, I agree that it would be harmful and offensive.
I think they are just looking for crimes like drug mules, people coming to work with tourist visa etc. Everyone here talks about nuclear plans but I doubt.. probably bully too but against simple minded criminals it can work. Texts of arranging work or when is the package going to arrive etc.
It saddens me that we think of federal governments as benign protectors of our rights. The States did not need and did not want a federal government. We feared they couldn't protect our interests. We had to be persuaded through the Bill of Rights to accept their "protection." The feds have some idealistic people within their organizations, but their stance is to utilize state-level resources for their own needs, such as international warfare wealth accumulation. This includes domination of individuals. We have only our states and the Bill of Rights to protects us from the feds.
Computers represent a very real threat to federal power. People could use them to rise up against federal governments and make their lives very uncomfortable, which is to say, much like our own. These dreams of small groups contacting one another and creating world peace beginning through networked communication were made explicit in the 90s and early 2000s. The maintain its dominion, international governments from around the world simply have to assert themselves in every aspect of our lives. With state protections, one of the key places feds can insert themselves is at borders, where reaching out to people from other nation-states happens.
Efficiency is for little people, like you and me. Federal governments print the paychecks for the border patrol, tax they money the pay them, then tax the people the border patrol buys all their worldly possessions. They care about efficiency less than google cares about disk space. I know I sound like a paranoid libertarian here, but I'm actually only a slightly-light-of-center person trying to bring a little reality and clarity to the situation. We are essentially pets.
It sounds like you're just skeptical of a powerful centralized state, and it's coming out through the lens of historical American federation/republicanism. That isn't wrong, but it's as much a history of competing factions as it is an strong intellectual basis.
You're not the only one skeptical of a powerful, centralized state. Try reading Kropotkin or Luxemburg. You might find the ideas resonate with you. Those authors have a coherent ideological basis, and suggest paths to decentralized democracy that has been realized in various forms in recent history, but is radically different to the current American government.
It's huge! The power to drive international trade and warfare, for starters! Also, the ability to create laws that don't reflect people in your area/community.
Also wrt this thread, states don't (generally) enforce searches at their borders, because states aren't fighting for domination with nation-states. States are only trying to control their geographic area.
Thank you for the references, I'll check them out.
However, I think the answer is that I'm way too optimistic. There must be lots of people who voluntarily do carry incriminating information with them across borders because they either don't care or they're just stupid. Others have mentioned emails or text about a job when you're not travelling with a work visa.
If this is true then I think border control is also just being merely pragmatic.
With a bit of questioning and informal profiling they can spot people whose story doesn't ring true: next they just need a way to figure out what's false with that one particular person. A success rate of 38% for electronics searches was quoted: that is very high and certainly makes mobile/laptop search to the top of the list of what to look at when you bring the traveller in and start investigating. I think they'd do it even for a 10% success rate: checking a few emails and messages is fast and apparently a low-hanging fruit.
That's pretty much what I would do if my job was to figure out what's wrong with a person's story.
It's akin to starting debugging by enabling asserts and running the binary in a debugger to catch any obvious issues live with a stacktrace, or something similar. Won't help with most of the trickier bugs but sometimes it points right at the culprit and it's a cheap test to run.
They wouldn't find the folder containing your blueprints for that bomb but they'll see you'll be meeting some people next week in a place that is very, very far from where you said you'd be vacationing.
A far harsher and less charitable theory is that border control is where paranoids, xenophobes, and authoritarians accumulate and the point is control and punishing "the other" instead of actual effectiveness.
Most government can't do that (in theory...) when you are a citizen or maybe even just a resident, except when you cross the border. So if they want to watch you politically, they do that (at least) at the border.
Edit: given the source, the 38% could also be inflated (perhaps by not counting certain false positives) since it comes from the department looking to justify their work.
There's TV shows that follow border agents for various countries during their day-to-day work.
So the actual reason customs agencies perform these searches is that they are allowed to do so because of the way the laws are written and precedent is set.
The data may be a by-product of using the device. I suspect they are primarly looking for communications data that is bound to be on every device that is actively used to communicate.
The more end-to-end encryption is used the more interesting the ends become.
>And even if you had the data on a laptop, how does border patrol even know what they are looking at?
Maybe they just copy everything for later analysis in case communications data hints at this being a person of interest.
That is such a great line that encompasses about why more and more the ends of the end-to-end encryption are being attacked.
Because most people don't have the technical know how, or desire to spend the effort to ensure that the data they _are_ bringing across the border is safe to disclose.
Even elsewhere in the comments here is a long debate about the "safe" way to deliver data across borders, some of which are actually terrible ideas.
Yes, theoretically, people could avoid bringing any sensitive data physically across the border, but most do anyways and I bet you do too.
"Prank them with an undecryptable random file" https://news.ycombinator.com/item?id=19834934 and "prank them with 20,000 goatse images" https://news.ycombinator.com/item?id=19837896 as they can get you back by seizing your electronics. Of course, those sound like jokes not serious suggestions.
"Have it remotely locked by an administrator" https://news.ycombinator.com/item?id=19835097 as they won't understand that technical mumbo-jumbo and will just seize the laptop.
"Have a hidden dual-boot system" https://news.ycombinator.com/item?id=19836135 as if they take a disk image and spot it, they'll be particularly suspicious of you.
Some posters also think "Send your encrypted laptop by mail" https://news.ycombinator.com/item?id=19835019 is not good advice.
2) The people who make these decisions (politicians) don't really understand how any of this works (aka luddites)
I really want to understand what kind of digital data is considered a customs-related offence.
I actually learned this the hard way, I was in your shoes, 100% remote job, for a US company, US clients, and went to Europe and thought I might work while traveling. I was detained at the border, interviewed, and very nearly denied entry. I was let after a couple fairly lengthy interviews (I was detained for about 16hours) and proving I had funds to support myself without working. I was given a "visitor record" and a firm exit by date, not sure what all the record entails but I get questioned every time I enter now.
Anyway, point being, legally speaking what generally matters is where you are located when performing the work, and that's really the only way that makes sense to judge where the work takes place.
With all that said, in reality being caught is extremely unlikely and plenty of people get away with it and I don't think there are many countries actively trying to crack down on that sort of short term work while being a tourist. If you want to be above the board though, unless your work counts as what a business visitor can do, you would need a visa to perform any work. There is generally no distinction between traveling for the purpose of working, and working while traveling for other reasons.
I'm not a lawyer though but I've spent a fair bit of time actually looking at the restrictions on the tourism and business visitor visas to stay legal while traveling long-term and working remotely.
I basically had my mornings free every day until I ate lunch then i would sit down and start work for the day.
Your use of the word obvious is not well supported by your argument. Do you have an unstated premise that Border Services only detect "obvious" offenses?
Not to suggest that all of the 38% count for that, but with the popularity of drawn pornography I'd wager it makes up a sizable chunk.
 Hentai refers to anime-style drawings of fictional characters.
Also, if I have a copy of Nabokov “Lolita” on my kindle, will I get in trouble? Stephen King’s It? An apt pupil?
Enforcement is selective.
Until there is evidence of that, it seems strange to say that's a conclusion at all, or that it's likely. In fact, Patrick Galbraith's work on how users of fictional CP actually interact with their materials suggests exactly the opposite: they have developed a form of sexuality for the representations themselves - the more fictional, the more real to them. To add to that, the research I've read shows that pornography is not associated with increased rates of sexual assault or rape. If the link isn't even there for regular porn, what would make you say it's "likely" there for cartoon representations?
Furthermore, do we apply this standard elsewhere in society? If there were no research on the link between video games and violence, would you conclude that it is "likely" it indirectly creates a demand for videos of real violence? Is the fact that someone might be spurred on to do a different act sufficient to illegalize the original act which spurred them? I would say not, unless we were to illegalize drugs (for example) because those who partake are likely to be violent? Should we prosecute cannabis users because they create demand for drug cartel products which finance murder? Apple users because they create demand for the appalling treatment of Chinese workers?
Most researchers on the philosophy of law in this area (e.g Suzanne Ost) while obviously opposed to actual child pornography find no philosophical basis in the harm principle to illegalize fictional representations. As such, it's not reasonable at all. You need to justify why you think it's "likely" and just what that standard means. If it cannot be justified, then we may say that any likelihood is sufficient to illegalize any material, but I doubt that's a conclusion you'd want to follow to its extreme.
Finally there's the issue of penalties - isn't punishing someone for something they might do (access real CP) unjust? This seems shockingly close to the notion of pre-crime. To avoid that, you'd want to look more at punishing the creators of the material rather than those who have consumed it and harmed nobody (other than themselves perhaps).
If there is no cultural understanding of the real people themselves, how they read the text and how they interpret it, any law is based merely on speculation and I must stand firmly against such speculative laws.
> do we apply this standard elsewhere in society?
If there is a demonstrable link between them, sure. The same way real CP is illegal because it creates demand, which causes more CP to be made. Remember, owning CP does not directly harm anyone.
> If there were no research on the link between video games and violence, would you conclude that it is "likely" it indirectly creates a demand for videos of real violence?
No, because video games and videos are completely different things. People who play violent video games don't do it because they like watching violence, they do it because they like playing video games.
> isn't punishing someone for something they might do (access real CP) unjust?
They're not being punished for something they might do, but that they did do. If fictional CP is illegal and someone is in possession of it, then they've committed a crime.
The possession of real CP in most places isn't illegal because it creates demand, but because in order for its creation it required the actual abuse of children, and it's a violation of their privacy. Arguments against possession nowadays rely on two factors: the risk of harm (which is frequently not justified) and the violation of privacy. The second is a direct harm. CP is more often than not accessed for free in ways where the original uploaders have no way of knowing how many people consume the material - in the same way that Usenet posts circulate, and in an even more opaque way to BitTorrent. You can't see how many seeders you have on CP sharing sites. Paying for it is dangerous, so most consumers tend to coast on what they can find for free.
>No, because video games and videos are completely different things. People who play violent video games don't do it because they like watching violence, they do it because they like playing video games.
They are different, but the argument could also be made that comic books (in which lolicon hentai is most often published) are different to videos, and Japanese visual novels (which are branded and appreciated as games in their own right) which contain virtual CP are different to videos too. Yet we also would suppose that most people who play violent video games select violent video games for a reason over other non-violent games. The violence is an allure just as much as playing the video game is. For what reason, I don't know - perhaps to experience the limitless world of the imagination, or a break from life. Either way, people who read underage hentai don't do it because they like the idea of children being abuse, they do it because they can find a way to engage their erotic desires in a fictional world - but again, they must also have some reason to select lolicon over other content, and that's accounted for in the history of the status of women in Japan and the concept of moe. We can abstract away from video games and violence too; what do you think about movies that show violence, comic books that show disgusting levels of violence and pain, anime that shows violence...
>They're not being punished for something they might do, but that they did do.
Then the law is unjust - we would be punishing a victimless crime if we outlaw possession of things which cause no harm. Evidently the crime itself can't be located in the mere fact of the violation, since presumably it's a crime for other reasons. If it's a crime because "the viewer might do x, y, z" then it's punishing someone for something they might do through the creation of a law which punishes something they did do. It's simply adding another layer of explanation and indirection to the process, it doesn't automatically add any more justification. That's how the concept of pre-crime works, the pre-crime itself is made into a crime that can be prosecuted. I'm not suggesting that due process is being abandoned here, I'm saying that the rules in deciding what should and shouldn't be crime are being abandoned in favor of speculation.
> I only say that it is not inconceivable to me that fictional CP increases demand for real CP.
On the same token with the same amount of conviction (i.e none) I can say that it's not inconceivable that fictional CP lowers (or doesn't affect) demand for real CP. Now I don't really believe that's true, but I have as much reason to believe that as you do to believe the opposite. Perhaps posting on HN increases the demand for brutal startup founders who abuse their employees.
Among a huge number of intractable problems with fictional works, this also would make it illegal for many abuse victims to talk about what happened to them.
So the bible and the quran cannot be imported legally into these countries?
Even though it has a trivial workaround of not looking the part. The Lod Airport Massacre "terrorism swap" with Japanese Red Army Terrorists and Popular Front for the Liberation of Palestine-External Operations in 1972 shows just how useless it is as a measure.
It's just so dumb, and I've heard a lot of older people especially who will say the common "Why is it a problem if you've got nothing to hide?". I think some people fail to understand the kind of data people can have stored, and how much of some people's lives are part of their digital devices. I'm sure they wouldn't want police coming into their house and searching it.
They can't extend the traffic stop to bring in the dogs unless they have reasonable suspicion. https://en.wikipedia.org/wiki/Rodriguez_v._United_States
Photo of someone smoking a joint in a legally (at the state level) operated dispensary. A pirated MP3 or video file.
There's all sorts of minor "customs violations" that would come into view looking through a device that frankly, aren't serious enough to warrant the violation of privacy.
In the first place, piracy is not illegal in Canada. Provisions surrounding copyright violations fall under bill C11, and that's a civil juncture, not a criminal one. So CBSA agents wouldn't be looking for that in the first place, nor would they have any grounds to do anything about it, since they aren't the rightsholders.
And even if they did, they have an interesting burden of proof in proving a given file was obtained via piracy. And what would they do? Detain you indefinitely because they want to "have a discussion" about some pirated Katy Perry song? I would agree that photos of doing drugs could be met with refusal at the border, but be reasonable.
It's not the data, it's what the data reveals.
Like an SMS with 'I put $100K in your panama account'.
Obviously a bad example but you get the idea.