U.S. customs authorities have assigned themselves the authority to copy all data on your laptop or other electronic device when you cross a U.S. border. I wrote about this policy last year.
Now, customs authorities in Canada (and other countries, especially the U.K.) are getting into the act. I've received reports from several sources (among them from J. J. Luna, author of the classic How to be Invisible) describing intimidating encounters at the Canadian border. Luna reports that after being routed into a secondary inspection queue, customs officials forced him to reveal the passwords to his two laptops and USB flash drives. Then, they disappeared with these devices in hand for nearly an hour, presumably to copy and inspect them.
Your smart phone may be subject to the same type of inspection, and all your photos, text messages, online searches, and calling records copied onto a customs database.
To avoid a border inquisition, the best precaution is not to carry any electronic device across an international border. For most people, this isn't practical, so the next-best strategy is to carry only "sanitized" devices.
For instance, I have a laptop I use only for international travel. There's nothing on it except for the operating system and program files. I also have an "unlocked" cell phone I use only for international travel. When I arrive in a new country I purchase a domestic SIM card from a local phone dealer. This not only protects your privacy at the border, but also insures your domestic carrier has no record of your international calls. And, it eliminates roaming charges.
If you do carry your cell phone across the border, delete any photos or text messages you feel to be even remotely controversial, and then reset it to factory settings. You can find instructions for doing so at http://www.master-reset.com.
What if you need access to confidential data while traveling internationally? One option is to upload a zip file containing your data to a commercial backup service, such as Carbonite (http://www.carbonite.com). Be sure to encrypt the data before upload it, using a product such as PGP Whole Disk Encryption (http://www.pgp.com) or True-Crypt (http://www.truecrypt.org).
Another option is to send an encrypted USB flash drive to your destination via courier, and send it back via courier when you're ready to return home. I've done this several times without any problems.
If you must travel with confidential data across a border, you should encrypt all the data on your laptop or USB flash drive, including the hard disk itself, again using a program like PGP Whole Disk Encryption or True-Crypt. However, customs officials may demand that you decrypt any encrypted files before they allow you to proceed. If you refuse, you might be detained until you agree to decrypt the laptop for inspection. You could even be placed on a blacklist and denied re-entry to that country.
One possible solution is that True-Crypt lets you type in a special access code that provides access only to part of your hard drive. The remainder of your data remains protected in a hidden hard disk partition. But it wouldn't surprise me if customs officials begin using software that can detect the hidden partition, and demand access to it as well.
Have customs officials demanded access to your electronic data at an international border? Share your experiences as a comment!
Copyright © 2010 by Mark Nestmann
Great and timely article Mark! I'm going to Canada next month to open a bank account there. Will bring an old clunker notebook with nothing on it, especially Sovereign Society files! Emails and needed data is on a secure offshore server.
Posted by: A Sovereign Person | January 14, 2010 at 07:37 PM
> But it wouldn't surprise me if customs
> officials begin using software that can
> detect the hidden partition, and
> demand access to it as well.
> customs officials begin using
> software that can detect the
> hidden partition, and demand access to it as well.
Actually main point of TrueCrypt is to exactly prevent this. If you are using hidden partitions, rest of partition space, including those used to store "real" partition appears as if there's nothing there. (Appears as free space) You can even accidentally corrupt partition for real OS if something happen to write to that part of the disk while your secondary OS. It would be extremely difficult if not impossible to detect such partition as TrueCrypt store those space as pseuedo random numbers without no signatures that such partitions exist beside your secondary OS.
Posted by: GNU Privacy Guard Kouza | January 15, 2010 at 04:23 PM
That was inspiring,
This is very helpful as i have stuff on my computer that i wouldnt like to get copied and put on file,
Thanks for bringing this up
Posted by: software development in london | January 18, 2010 at 08:46 AM
This seems to be a safe way to protect your data from getting into the wrong hands.
Posted by: Cheap Computer Canada | March 28, 2010 at 08:10 AM