Recently, there has been a surge of scrutiny regarding the treatment of travelers at U.S. entry points, especially concerning thorough inspections of their electronic devices. In some instances, travelers have faced denial of entry based on data found during these searches. It is crucial for travelers arriving in the United States to recognize the possibility of being detained for a device inspection, which may include requests to analyze phones, laptops, and other gadgets.

This situation raises significant privacy questions regarding the data on these personal devices, yet the answer to whether or not to comply with such searches is not straightforward. Below are insights on how to safeguard your digital privacy when traversing U.S. borders.

Are Border Agents Allowed to Inspect My Devices?

U.S. Customs and Border Protection (CBP) has historically enforced the authority to examine electronic devices at the U.S. border without warrants. These regulations have seen modifications over the years. Until 2018, CBP policies allowed agents to randomly examine any device, regardless of whether they had reasonable suspicion about the traveler.

A new directive implemented in January 2018 limited such searches to what they termed “basic” or manual inspection. This involves simply navigating through a device, but for “advanced” forensic searches—those requiring specialized tools to analyze the data—agents must possess a reasonable suspicion. However, the rule allows for a “national security concern” exception for advanced searches.

The landscape is further complicated by varying court decisions across the U.S. regarding border searches, as highlighted by The Verge. As such, the permissibility of basic versus advanced searches may differ depending on where you enter the U.S.

As articulated by the Electronic Frontier Foundation (EFF), even a basic search is an invasion of privacy. Through this method, sensitive information like personal notes or financial records could be inadvertently exposed.

What options are available to travelers? U.S. citizens are entitled to enter the country even if they decline to disclose their device’s passcode; however, CBP may temporarily detain them, or they could seize the device for extended periods. Lawful permanent residents share similar rights, but individuals on temporary visas may face denial of entry if they refuse a search.

Furthermore, law enforcement may insist on unlocking devices using biometric methods, though they cannot compel the use of a password or access codes.

What Changes Have Occurred?

Reports indicate that travelers, including those with valid visas, have increasingly encountered instances of being detained or denied entry into the U.S. According to EFF senior attorney Sophia Cope, the aggressive stance of CBP regarding device searches has consistently been a hallmark of the agency, suggesting stability in policy despite recent news.

However, there appears to be heightened scrutiny, particularly aimed at non-citizens. Cope notes that the government is increasingly more likely to inspect devices and deny entry to individuals who hold visas.

Moreover, device inspections have shown a steady increase over the years, except for occasional fluctuations. In the fiscal year 2024, for instance, CBP executed 47,047 device inspections, of which 4,322 were detailed forensic analyses—surprisingly, most inspected devices belonged to non-citizens. This represents a minimal percentage of international arrivals, yet it is a marked increase from the previous count of 19,051 searches in fiscal year 2016.

Assessing Your Risk

Travelers are advised to evaluate their risk of being subjected to a device search prior to attempting a crossing. It’s beneficial to make a decision regarding compliance with a secondary inspection before facing the stressful situation at the border.

Factors impacting risk can vary and include personal circumstances, alongside technical details related to the devices and data carried. Immigration status is critical; for U.S. citizens, a secondary inspection might delay travel but isn’t typically a barrier to entry. Yet, declining a device search can lead to temporary loss of access to data or retention of essential devices. Conversely, non-citizens may face entry denial if their device content is contentious, while green card holders could have their lawful status questioned based on actions at the border.

Social and legal histories, along with one’s comfort level with confrontations and personal beliefs about privacy, also significantly inform risk assessment. The nature of data stored on devices—confidential or sensitive information—along with available backup solutions plays a role as well.

A range of additional considerations is paramount when determining your risk level:

• Your travel history

• Your encounter history with law enforcement

• Your willingness to confront authority

• Your views on privacy

• The sensitivity of the information on your devices (such as healthcare data or confidential sources)

• Your need for data while traveling and backup plans for potential data loss

• Internet availability during travel to access cloud services

• Ownership distinctions between personal and work devices

Strategies to Ensure Your Digital Privacy

Regardless of the risk level, an effective strategy to enhance privacy is to minimize the volume of data carried across borders.

The EFF recommends that travelers leave unnecessary devices at home. Selective data deletion, particularly of sensitive materials, is advisable, as is storing files in the cloud for later retrieval post-border clearance. Logging out of applications and browsers accessing cloud-based services and removing any saved credentials can also reduce risk.

Another option is acquiring a secondary device preloaded solely with essential information for travel purposes; however, this might be impractical due to costs or the difficulty of managing additional equipment. Furthermore, using a device devoid of content may raise suspicions during a search.

Backing up personal information and employing full-disk encryption on devices secured with robust passwords is crucial. Disabling biometric access and powering down devices before reaching the border can thwart high-tech monitoring attempts. Detailed instructions on device encryption and effective privacy practices can be found in a helpful guide by The Intercept here.

If a search occurs and a password entry is necessary, it is recommended to input it personally rather than providing the information directly to an agent. Changing this password upon the device’s return is also wise for additional security.

Finally, while it may be tempting to erase the device entirely, doing so may appear suspicious, and increasingly, attempts to conceal or hide information could be construed as providing misleading information to border agents—an act that could have serious legal repercussions.