Finally, Wessler recommends that travelers make sure they update their operating systems on both laptops and phones before crossing the border. This is because CBP could, in some cases, use tools such as celllebrite or graykey to exploit vulnerabilities not eyelids on those devices, accessing them without the user unlocking them. “It may be that if your operating system is outdated six months, your device is vulnerable,” says Wessler. “The newest version may not be.”
Keep passwords secret
This is the difficult part. American citizens cannot be deported for refusing to give up passwords for social media accounts or encrypted devices, says Wessler of ACLU. That means that if it remains firm and does not reveal passwords or pins, it can be stopped and its confiscated devices, even sent to a forensic installation, but will eventually pass with its privacy much more intact than if you disclose secrets. “They can confiscate their device, even for months while trying to break,” says Wessler. “But you’re going to get home.” (Despite the impressive Trump administration treatment in some cases of foreign permanent residentsThis protection also applies to green card holders, says Wessler.)
However, keep in mind that denying access to customs officials can drive at least hours of uncertain detention in a desolate CBP office without windows. In some US airports and in several states, judicial decisions have put limitations and restrictions In what CBP officials can do to access their devices, but there is little guarantee that these restrictions will be followed in practice if border agents have their computer or telephone in their custody without supervision.
In general, the CBP contours Two types of device searches: basic, where a “manually” officer checks the content of a device; and an advanced search where a device is connected to external equipment and its content can be reviewed, copied or analyzed. The last search requires a “reasonable suspicion” of a crime, says CBP. The agency’s official guide prevents people from being required to deliver passwords, avoiding the problem by saying The devices must be presented “in a condition that allows the exam.”
“If the electronic device cannot be inspected because it is protected by an access or encryption code or other security mechanism, that device may be subject to exclusion, detention or other appropriate action or disposition,” says the online agency.
For non -Americans who come to the US. In a visa or from a country of Waiver de Visa, Wessler warns that they face a much more marked dilemma: they refuse to give up an access code or pin and can be denied input. “There is a very practical evaluation that people have to do about what is most important for them,” he says. “Entering the country but sacrificing privacy or protecting its privacy, but risking that it can be turned around the border.”
Minimize the data it carries
For the most vulnerable travelers, there is a clear solution to that dilemma: the best way to keep customs away from their data is simply not traveling with him. Instead, such as Lackey, configure travel devices that store the minimum confidential data. Do not link those “dirty” devices to your personal accounts, and when you have to create a linked account, as with an Apple ID for iOS devices, create new usernames and unique passwords. “If you request access and cannot reject, you want to be able to give them access without losing confidential information,” says Lackey.
(Social networks accounts, without a doubt, cannot be abandoned so easily. Some security experts recommend creating secondary characters that can be offered to customs officials while maintaining a more sensitive account in secret. But if CBP agents link their identity with an account that tried to hide, the result could be a longer arrest and, for non -citizens, even the denial of entry)).