Thoughtful, detailed coverage of the Mac, iPhone, and iPad, plus the TidBITS Content Network for Apple consultants.

Getting Your Devices and Data Over the U.S. Border

Many travelers have had the experience of showing documents and answering questions while crossing an international border. But these days most of us carry smartphones, tablets, and computers that can contain or access tremendous portions of our daily lives.

Sure, some data is innocuous, like snapshots of yesterday’s lunch or last week’s sports scores. But some of it can be deeply sensitive, including banking and financial information, medical histories, dossiers of our friends and acquaintances, private conversations — even records of where we have been.

As tensions rise over border and immigration issues (think walls, immigration bans, and terror threats), and as we become more dependent on our devices, demands to examine the contents of digital devices are becoming more common at the U.S. border and other border crossings around the world.

What would you do if a border agent wanted you to unlock your device? Or if they demanded passwords to your social media, email, or banking services?

If these questions give you even a moment’s pause, it’s best to give some thought to crossing into the United States before you actually get there.

What Can Border Agents Do? -- Contrary to some popular opinion, the U.S. Constitution does apply at U.S. border crossings, so U.S. citizens have rights of free speech and association, freedom from unreasonable searches and seizures, and freedom from forced self-incrimination.

However, U.S. border agents also have broader powers than U.S. police officers, including the ability to conduct warrantless searches of vehicles, luggage, and other possessions. Put another way: in the United States a police officer can’t pull you over, then search and disassemble your car unless they have probable cause and a warrant approved by a judge. However, a border officer can, no warrant needed.

U.S. border agents have these extended capabilities because courts have held the government’s interest in maintaining border integrity is more important than an individual’s privacy. In legal terms, these extended searches are considered “routine,” and are meant to enable border agents to enforce trade and import laws, to prevent dangerous people from entering the country, and to ensure entrants are authorized and properly documented.

It’s absolutely within a border agent’s purview to inspect the physical aspects of any device you are carrying, whether that is a phone, tablet, laptop, camera, or any other digital gear. This includes not just inspecting its case and controls, but also removing batteries, memory, storage, and other components.

Moreover, Customs and Border Protection (CBP) directives grant border agents the authority to examine any information “encountered” on devices. That can mean flipping through pictures on your digital camera, and (if the device is unlocked) swiping through your phone and its apps, and poking around your computer.

Many travelers are perfectly OK with this. For instance, if a border agent wants to flip through my terrible pictures (Look, a blurry thumb!) or the massive list of blocked numbers on my iPhone, I don’t particularly care: I’m nowhere near as dependent on devices as many people, and I don’t really use social media.

But my computer often contains encrypted, confidential data belonging to my clients. If border agents wanted to look through that, I might have a legal obligation to refuse. Plenty of people — especially folks like doctors, attorneys, and journalists — would be very uncomfortable with border agents flipping through patient records, correspondence, photos, financial information, and more.

Turn Off, Turn Down, or Turn a Blind Eye? -- So, if you don’t want U.S. border agents going through your devices, the solution might seem easy: lock them or turn them off! That way, border agents won’t “encounter” any information during their inspections, right?

That’s true. But now imagine a border agent asks you to activate or unlock the device, or provide a code or password to do so? It’s surprisingly common. Maybe the agent wants your Facebook or Twitter password so they can examine everything about your social media presence, not just what’s public. Maybe they want your passwords to WhatsApp, iCloud, Dropbox, or your bank. Maybe these aren’t requests: maybe they’re orders.

Now things get tricky.

  • If you agree, border agents can scrutinize and copy your information.

  • If you refuse, border agents can seize your devices and even detain you. The CBP cannot refuse to let a U.S. citizen into the country; however, they don’t have to make it easy, quick, or pleasant. The CBP can refuse entry to both foreign nationals and lawful permanent residents. All of this increases pressure to comply.

  • If you lie to border agents — “Uh, I forgot my password! That’s not my phone!” — you’ve committed a crime carrying a prison sentence of up to five years.

Requests, Orders, and Consent -- You can refuse to disclose passwords or unlock devices. The border agent might say “OK,” and move on to the next part of their inspection. Or, the agent may insist, perhaps suggesting that unlocking devices is in your best interest. If you unlock a device, that may constitute legal consent to being searched. With consent, border agents may search nearly any aspect of a person or their property.

If you refuse a request, border agents can escalate to an order. Agents are sometimes ambiguous about the distinction between a request and an order because implicit consent to a request gives them better legal footing. If in doubt, ask.

You can refuse an order to disclose passwords or unlock or activate devices, but border agents can seize your devices. How long can you go without your phone, computer, and the information they contain? Can you afford to replace them? Agents can also escalate the engagement to include additional officials or even detain you.

Once border agents have a device, they can copy its contents and share the data with other agencies or third parties for interpretation or forensic analysis. If the device is not unlocked, they may attempt to copy and store its data anyway, even if it’s encrypted. After all, if the government gets a password (or has/finds/buys a loophole or flaw in the software protecting the data), they may be able to decrypt it anyway. Same with any encrypted data on an unlocked device.

How long can the government hold on to data or devices? Generally, the CBP is supposed to destroy copies of data and return seized devices within five days, but retention of both can be extended almost indefinitely. Additional data about travelers and searches entered into a system called TECS — formerly known as the Treasury Enforcement Communications System — can be retained as long as 75 years. This may include passwords and other credentials revealed to disclosed agents.

How to Protect Your Data -- If for any reason you don’t want to be put in the position of disclosing your entire digital life to U.S. border agents, you need to plan ahead. If you’re already in line at a border crossing and suddenly decide you want to protect your data, it’s too late.

First, assess your risks, perhaps by making a list of potential problems if your devices were seized or information on them was accessed (and potentially copied and shared) by border officials. For instance, if you rely on your iPhone to manage your boarding passes, lodging, and car rentals — or perhaps use Apple Pay while traveling — having your phone seized by border agents could present a major problem for the rest of your trip.

Worse, if you’re a physician traveling with patient records, an attorney with confidential documents, or a journalist with sensitive information, having the government leaf through your data could represent a huge professional and ethical problem.

Honestly, for most people, the risk analysis stops here. Even people who are tremendously reliant on their smartphones, devices, and social media rarely do anything sensitive. Sure, we might not want border agents reading text messages to our friends and relatives, but it’s not really a privacy disaster if they flip through selfies or uncover a group chat planning a surprise party for the grandparents.

However, if you feel the risks are significant — perhaps you’re party to a high-profile lawsuit, planning a divorce, work with classified information, have data on your device that is legal but perhaps controversial, or have legitimate worries about your status in the current political climate — you can take some steps to protect your data.

  • Take fewer (or no) devices. You can’t be asked to unlock something you don’t have. A colleague who travels regularly between Japan and the United States has stopped carrying any devices at all. Another who does a similar commute from Sweden uses a travel-only phone.

  • Use device encryption. iOS devices have had on-device encryption for most of your data enabled by default for years. On Macs, this means enabling whole disk encryption via FileVault, which has been available since 2011 (for assistance, see “Take Control of FileVault”).

    Then, turn your devices off. A device that’s merely asleep or locked is considerably more vulnerable to having its security compromised than an encrypted device that is fully shut down. This is probably the strongest (and easiest) thing most travelers can do to protect their data — as long as you’re using strong passwords and passcodes (for details, see “Take Control of Your Passwords, Second Edition.”) Do not rely on biometric security like fingerprint readers.

  • Consider migrating some of your data to the cloud. In many cases, there’s no reason you need to carry your data with you on your devices: you can simply upload it to a cloud service — whether iCloud, Dropbox, or some other provider — then delete the data from your device, and re-sync with the cloud provider once you reach your destination. The process might take some time (or involve expensive data roaming charges), but it eliminates the need to physically transport your data over the border.

    There are two main potential problems with this approach. The first is that deleted data on a device can often be recovered via forensic analysis. Just because you delete an item from a device doesn’t mean it can’t be recovered by an expert. Second, border agents may just demand passwords to your cloud accounts. (Remember, lying to border agents is a crime.)

  • Don’t know your passwords. This is perhaps the trickiest option — and takes the most planning — but an attorney I’ve worked with occasionally over the years uses it. When he has had to travel with sensitive information recently, he has encrypted it with a strong password that is too long to remember, and then sent that password in an encrypted note to his own attorney. The result is that if he is asked to unlock the encrypted data, he can truthfully reply that he does not have the password. Further, if officials demand he retrieve the note that could reveal the password, it would be protected by attorney-client privilege.

    You could use a similar approach to passwords used to unlock devices, email, social media accounts, banking information, and more. But doing so requires a great deal of effort and almost certainly needs a trusted third party. (And if that third party makes a mistake, you may lose access to your accounts altogether.) Moreover, border agents may regard it as highly suspicious if a traveler doesn’t know the passwords to their own accounts or devices — and that may increase the likelihood of greater scrutiny or an escalated encounter.

If Your Devices or Information Are Taken… -- If border agents seize your devices, politely insist on a property receipt. If you feel you are being mistreated by border agents or your rights are being violated, politely ask for their names, badge numbers, and agencies of the officers you encounter. Do not be rude, aggressive, or belligerent: it will never work in your favor. Also do not physically interfere with border agents: they can respond with physical force.

Want To Know More? -- This article is just an overview of some issues involved with crossing the United States border with your personal data. Furthermore, I am not a lawyer, so this article should not be construed as legal advice!

Fortunately, there are more-extensive guides to these topics written by real lawyers. If this topic is of particular interest to you, I recommend them highly:

Plus, many of the legal issues surrounding what border agents may and may not search on devices at the U.S. border are still poorly defined, with cases still working their way through courts, and members of Congress introducing potential legislation that would require a warrant before searching digital devices.

The situation is complicated and getting more so all the time. But if you’re at all concerned about the privacy of your data while crossing the U.S. border, it’s best to be prepared before you show your passport or identification.

Will these device searches cause you to change your behavior when traveling? Let us know in our informal Twitter poll, which is open until 25 April 2017. So far, the overwhelming majority have said, yes, it will cause them to act differently.


READERS LIKE YOU! Support TidBITS by becoming a member today!
Check out the perks at <>
Special thanks to David Bogart, Don Lockhart, James Forslund, and Paul
Michaelis for their generous support!

Comments about Getting Your Devices and Data Over the U.S. Border
(Comments are closed.)

Charles  2017-04-14 14:23
You are making this too hard. We are Mac and iOS users. It is very simple, at least for iPhones.

1. Back up your iPhone to iCloud before approaching the border crossing.

2. Settings>General>Reset>Erase All Content And Settings.

3. Once you pass the border, restore your iPhone.

The only foolproof security measure is to have nothing to secure.
Geoff Duncan  An apple icon for a Friend of TidBITS 2017-04-14 18:25
That'll certainly work for some folks.
What would you do if border agents wanted your iCloud password?
And how easy is that with a 128GB device on hotel WiFi? And how long does it take to restore? Often not returning to home from foreign countries. And why should Border Control agents have so much power? They shouldn't be able to make your life miserable. How much re-accomodating do you want?
Charles  2017-04-15 17:21
iCloud? What's that? Never heard of it before.
Lewis Butler  2017-04-16 16:17
that would probably be considered a lie.

"There is no iCloud account on that device," is not a lie.

"I have many cloud accounts, and they all have passwords I don't know." is also not a lie.

(I know nearly none of my passwords, but of course I need to know my iCloud password). This is my plan for returning to the US later this year if Trump hasn't been removed from office yet.

Step 0: Password vault. All your passwords should be in one. You need to know this password. If the password vault is web-accessible, this is the ONLY password you need.

Step 1: Create a new very secure password for iCloud in your password vault. You will *not* know this password.

Step 2: Now, change your iCloud password to the password your chose in step 1. Copy/Paste it from your vault so that there is no possibility of an error.

Step 3: sign out of iCloud on your phone. This will remove ApplePay as well as all iCloud data. (Safari saved passwords and the keychain will also be removed). If contacts are important to protect, remove them. If not, leave them.

Step 4: remove any other mail accounts, twitter accounts, Facebook accounts, and twitter apps as well as all the social media apps. All of these accounts should already have passwords you do not know stored in your password vault. If not, make sure you change them. You should know *NO* passwords other than your vault password.

Now, you can honestly say for any account they ask about "I don't know those passwords. They are stored on my computer at home." Which is true. You do not have to volunteer they are also stored in a web-accessible vault, if they are.

Think that should cover everything.
Tonya Engst  An apple icon for a TidBITS Staffer 2017-04-19 14:10
For this sort of approach, after you backed up your phone, you could set it up as a new phone and leave it very generic or nearly generic—using a new Apple ID and iCloud account. Now, if you are asked for your iCloud password, give them the one that goes with this account.
Norbert E Fuchs  An apple icon for a TidBITS Benefactor 2017-04-16 08:16
"U.S. border agents have these extended capabilities because courts have held the government’s interest in maintaining border integrity is more important than an individual’s privacy."

In the article and the comments I see only technical solutions to the problem. How about political solutions towards rebalancing personal freedom and border protection?
^^^ THIS.

I am sick and tired of people trying to find technical solutions to what is a legal problem. Essentially the Bill of Rights has gone out the window. I am de facto forced to give up either my privacy or international travel. It's ludicrous.

And trust things to the cloud? LOL. So instead of putting my faith in CBP I should trust a corporation like Google? Never. The only body I want to trust is myself. And that is essentially being prevented by "laws" that require me to hand over passwords to LE or CBP.

Finally, to all those who like to say things like "I have nothing to hide" or "it's just an innocent text, the CBP can read through that" or like in this very article "if a border agent wants to flip through my terrible pictures or the massive list of blocked numbers on my iPhone, I don’t particularly care": wake up people. This is America. We are supposed to be free people. With rights. The State should have to present compelling reasons why I should share something. No matter how innocent, as long as the government cannot show evidence why I should be forced to make something public, it should remain private. How innocent or trivial the content is is entirely irrelevant. And if you're still not convinced because after all you know you've done nothing illegal, well just consider this. CBP will eventually lose that password you gave them, or they'll get hacked. Your password and/or the data they took off that device will eventually fall into the hands of a malicious hacker or the general public. It's just a question of time. Still feeling comfortable now? Exactly. That's why you never should have to hand over anything just for the sake of it or because "I have nothing to hide". Any time you hand over anything, there should be compelling reasons to do so. Since we are free citizens and innocent until proven guilty in as court of law, a CBP agent would pretty much have to see me perform something illegal in front of him to produce such a compelling argument on the spot. In the absence of that, leave me alone or get a court order. That's the way things should be and any sane person born after the French Revolution knows it's true. If things are not that way in reality, we need to change the law to correct the situation. Plain and simple. Unless of course we no longer want to be free citizens.
Adam Engst  An apple icon for a TidBITS Staffer 2017-04-20 10:44
While I understand and agree with the concern about the political problems being expressed here, I think that's also why people look for technical solutions. Technical solutions have one big advantage: they don't rely on what many have come to feel is a government that doesn't have their best interests at heart. Yes, government can be changed, but that's a slow and often bumpy process.

At their core, technical solutions feel as though they allow people to trust only in themselves. That is often, or even usually, not true, given how entwined modern day tech corporations are in their products, but the technical solution still seems to promise that sort of personal autonomy.
I think you make a very valid point, Adam.

I guess I am a bit pessimistic in the sense that I do not believe individuals can ensure their privacy with technical measures alone and stay ahead of government/corporations for a significant period of time.

And as a consequence I see the chase after such solutions are competing for people's time and attention rather than fixing the underlying legal issue. I'd like to see more focus on changing laws and kicking out legislative representatives that do not respect liberty and privacy. I realize that alone won't fix it (and I agree even if we're successful at that we'll still need technical measures), but I'm certain without that fix in the long term we are going to lose regardless of how many gadgets or how smart the algorithms we employ.
Dennis B. Swaney  2017-04-24 23:37
"U.S. border agents have these extended capabilities because courts have held the government’s interest in maintaining border integrity is more important than an individual’s privacy."

These are the same courts that say we can't deport the illegals! Thus non-citizen illegal entrants are protected but legal U.S. citizens are not.
Jolin Warren  An apple icon for a TidBITS Supporter 2017-04-25 06:46
I think technical solutions are the only realistic method. Maybe there will eventually be a political solution in the US. But what about all the other countries that have similar or worse rules about the ability of border agents to search, seize, and demand information? Better to be prepared and minimise the data you're travelling with (and know), than wait for some globally-applied travellers' rights bill.
Frans Moquette  2017-04-16 17:52
So this is what the US government considers to be protecting ''Life, Liberty and the pursuit of Happiness"?
I am so glad I live in The Netherlands!
Exactly. Growing up in the US during the Cold War we learned that we were born free. We had rights. Government was here to serve us and protect these individual rights granted to us all through birth alone. The places where people could be searched without reason, where warrants and court orders weren't required, where people could be assumed guilty by default, that was the totalitarian world. The "others", or "those countries". We were free.

And now look at this post-9/11 world we have created. We in the US should be going absolutely bonkers that we have essentially become like "those countries". We should be going nuts that we have given up our freedom and our birth rights. But instead we have half the population vote for idiots, and the other half split between those trying to rationalize (as if freedom could be sacrificed for security) and those trying to find technical solutions as if they seriously believed they stand the slightest chance against the technical capabilities at the disposal of the US government.

Indeed, lucky you live in a country (I lived in Groningen for a while, loved it apart from the weather) where instead of talking about freedom, people are actually still free. I hope we one day aspire again to lead that camp rather than just delude ourselves into believing we are still part of it.
Ian Orchard  2017-04-24 20:32
A lot of data can be stored on a microSD card that can be concealed in a thousand places in the average travellers luggage or clothing (or camera). The only hassle would be having to carry an iPhone dongle to access the info once you are thru Customs/Security.
On MacBooks there would also be the option of invisible partions that few if any front line Security oinks would even think to look for.
What is so frustrating about this appalling charade is that real terrorists would be very difficult/impossible to spot if they got even halfway serious about concealing their intentions.
Geoff Duncan  An apple icon for a Friend of TidBITS 2017-04-24 20:46
It's worth noting that if you are singled out for special attention, those third parties and forencis tools that border agents can use on your devices are likely to pick up hidden partitions and the like. Even if that data is utterly innocuous, just having those partitions can look fishy.

Plus, if border agents ask "do you have any data hidden on this device or in your possessions?" and you say no…you've just lied.
Suzanne R Brown  2017-04-24 20:59
Oh for heaven's sake! Whether or not one likes Trump, I can promise you that he is not going to issues an executive order that all devices must be searched extensively at all borders. It would bring going through Immigration and Customs to a total halt as nearly every single passenger has at a minimum a smart phone, including many children.

If ones name is tagged in the computer check of passenger manifests, then one may be put through a significant process entering the country, but there is usually a very valid reason for this. My son travels internationally for business on a regular basis and has never had this happened to him. Yes, he's white and a native US citizen. I have no idea if it would be the same if he appeared to be of Middle Eastern origin.

What I DO know is that traveling with a medical device has become more and more difficult. I use a percussion vest and a nebulizer. If it's a long flight I will need to use my nebulizer while on board, which is allowed, so it cannot go in checked luggage. The percussion vest has become a problem. According to the manufacturer, it cannot go in checked luggage - even gate checked. Medicare paid $16,000 for this device so I must be very careful with it! The ADA allows a medical device, one carry-on and a personal item to be carried on the plane. Unfortunately, this does not apply to overseas carriers as I discovered two weeks ago when my flight from Detroit to London was cancelled and I was re-booked by Delta on a flight to Amsterdam and then a BA flight on to London. I had a signed letter from my doctor saying I needed both devices but would not be using the percussion vest on the flight. I was told that I either had to check my carry-on (with all my meds in it and yes there were far more than would fit in my handbag), or the percussion vest. After much arguing at the gate, the agent finally allowed me to take both on board. I doubt if she would have if I hadn't been in First Class.

Even when checking in at my local small city airport, Airport Security pulled me aside and asked if I took heart medication. No, lots of meds but no heart problems. They then told me that my percussion vest showed traces of nitroglycerin on it and they were considering calling the bomb squad and blowing it up! It lives in my basement, under a table on which I have my computer - no explosives, gun powder or any other such things in my basement -just a lot of dust. I'm a 73 yr old white, upper middle class woman but I got the full pat down from a very embarrassed Airport Security woman agent. I was finally allowed to go to the gate and board my flight to Detroit. Imagine if they had blown up my percussion vest! I would have to have postponed my trip until Medicare approved a replacement, if they even would!

Again, at Heathrow, I was given the full pat down - this time it was due to an underwire bra - guess I'll go braless on my next flight!

I have no problem with Airport Security being zealous - I WANT them to be - but a bit better training might be in order. These are problems encountered daily by passengers, not this ridiculous 1984 stuff about our electronic devices.
Geoff Duncan  An apple icon for a Friend of TidBITS 2017-04-25 12:06
I agree traveling with medical devices can be tremendously difficult. An acquaintance travels occasionally with a CPAP machine and almost always has a hard time. I'm sorry that your travels have become more difficult.

I'm sure in many cases CBP has valid reasons for searches they conduct. In at least some cases, however, it appears they may have no reason other than random selection.

My personal experience would seem to indicate the selection can be less-than-random. I'm a white American male, my criminal record consists of two parking tickets. I vote, I turn up for jury duty without complaint, I pay all my taxes (with some complaints). I have been granted (low level) security clearances to work on select federal and law enforcement projects since I was 22.

Over the last 20 years, I have have been stopped and searched when re-entering the US from Canada probably two times out of three. On three occasions this has included partial disassembly of the vehicle I was riding in. On two occasions CPB threatened to seize property, including my vehicle. In the last five years, each time I was stopped I have been asked to unlock and grant full access to my digital devices. On one occasion (returning from Mexico) I was detained for about six hours while CBP took away my devices for inspection. One (a MacBook) was returned damaged.

Am I suspicious because I'm a musician? Because I can program a computer? Because I write articles like this one? Who knows.

I agree Trump isn't going to sign some executive order requiring contents of all digital devices be thoroughly searched at the border. But, for some people, this isn't "ridiculous 1984 stuff."
The problem with this type of policy is that it doesn't work, except with not very clever terrorists. Anyone with a good education in computer science or computer engineering can hide stuff on a laptop ranging from difficult to impossible to find.
I think you are absolutely right.

Unfortunately, this seems to fit a more general pattern when it comes to recent changes in regulation, not just air travel. It appears nobody is tasked with proving or at least investigating efficacy of these measures before they are put in effect. While they inconvenience millions of law-abiding citizens, they offer questionable or no beneficial outcome at all.

In my book, it should be the other way around. The only reason to impinge of the rights of innocent and free citizens is if it allows you to achieve a benefit for those citizens which no other approach could deliver. Yet here we are, punishing regular citizens while the actual bad guys are neither discovered nor hindered. But yeah, let's continue to focus on 3 oz bottles, social media accounts, and other kabuki that does absolutely nothing to actually protect people.
DavidB  2017-04-25 13:06
I don't have an iCloud, Facebook, Twitter, or any other online/social media account.

What if they don't believe me when I tell them there is no passsword because there is no account?
Geoff Duncan  An apple icon for a Friend of TidBITS 2017-04-26 14:28
Most likely you'll be fine. Worst case, in theory CBP could seize your devices to conduct a more-thorough examination of them. When they find there are no cloud accounts associated with them—and presumably are unable to find any such accounts independently—they've pretty much got to believe you and return them, You didn't hide anything, you didn't lie. But if for whatever reason they do not believe you, it is possible (if unlikely) you'll be without your devices for a while.
Richard A Mageau  An apple icon for a TidBITS Contributor 2017-04-25 15:57
We lived exactly two miles from the border for ten years, on the Canadian side. We crossed hundreds of times to visit, shop and eat. We now live in Ecuador, travel to Canada frequently, usually stopping off in the US. NOw, we make it a point NOT to stopover and we do not visit the US any longer.Thiis is sad, as we like the people and the country Lot, but we will not be subjected to the paranoia rampant in this once great country
Marco Peterson  2017-04-26 08:01
These oppressive overreaching policies, especially towards non-US citizens are exactly why I (sadly) canceled my October 2017 holiday plans to USA and am now traveling through China and Malaysia instead. Not worth the risk of being turned around at US airport because some amped up border guard is having a bad hair day. One day when the cold war soviet regime is gone from USA and sanity returns... I hope to visit you guys one day.