RRM Law Office
Book Online

Blogs

Home > Blogs

TRAVELING TO THE US? PROTECT YOUR DATA

Immigration law

14 Apr

Throughout March 2025, reports have surfaced about immigration officers denying entry to travelers at US borders, including permanent residents and visa holders, based on content found on their electronic devices such as smartphones and laptops. Travelers are being turned away as part of an aggressive new border strategy.

 

Immigration officers are asking travelers to turn in their electronic devices for review before being granted entry into the country. While refusing an officer's request to access your devices will almost certainly lead to denial of entry, the issue raises significant concerns about privacy invasion.  Depending on your particular circumstances, you might try to opt out of a search, but there are potential consequences. Customs and Border Protection (CBP) can ask to search and even confiscate your electronic devices upon your impending entrance to the United States.

 

Although official data from the CBP indicates that only a small percentage of travelers' devices were searched in 2024 (around 47,000 devices out of the 420 million people who traveled to the US), testimonies from travelers suggest that this practice has increased significantly since the Trump administration took office.

 

This policy has not only been limited to those on tourists visas, but also green card holders, who are permanent residents in the US. The CBP may align with the Federal Bureau of Investigation (FBI) or local police departments to open domestic investigations.


The recent rise in border denials has prompted several countries to release updated travel warnings.

- Countries like France, Germany, Denmark, and Finland, along with others, have issued travel advisories to their citizens regarding trips to the United States. 

- Countries like Uruguay and Japan have released warnings about traveling to the US because of the widespread gun violence and hate crimes. 

- Germany, Canada, and the United Kingdom, which are major sources of tourists to the US, have also issued international travel advisories.


While no visa guarantees entry to a country anywhere in the world, new border policies have been surprising to tourists seeking to enter the US. This has especially been the case for permanent residents and those holding Electronic System for Travel Authorization (ESTA) visas, which are part of the US Visa Waiver Program.

 

The device search can be either manual, where CBP agents physically go through your phone, or conducted using forensic tools. Steps that can be taken to make a device search more difficult for CBP officers and better to safeguard your data.

- Experts advise that the most effective approach is to plan in advance. 

- The Electronic Frontier Foundation (EFF) suggests that travelers should, prior to their journey, prepare as though they will be subjected to secondary screening, during which they may be asked to surrender their devices. 

- If you agree to the search, the EFF advises that you unlock the device yourself by entering your password, and refrain from sharing your device password with the agents.

- you should determine whether you will comply with border agents' requests or choose to refuse. It is  important to note that even if you don't surrender your password, agents have access to various tools that may allow them to unlock your device. (It is important to keep in mind that even if you decline to provide consent, your device could still be seized.)  If CBP officers seize your device, request a property receipt to document that your device is in their possession.

- Ensure your password is strong by creating a long combination of numbers, letters, and symbols, with a total of nine to twelve characters. There are several websites available that can help you generate a robust password. 

- The EFF also advises disabling biometric unlock features, such as Face ID and fingerprint recognition, on your devices. These methods make it simpler for officers to access your devices.

- Avoid wiping your phone clean as a precautionary measure. While the uncertainty of what information might lead to a denial can make a full wipe tempting, such an action could make you appear more suspicious.

- The EFF recommends selectively deleting data or messages on your phone that you prefer not to have accessed.

- Ensure that you delete your data securely, which includes clearing all deleted files from your trash as well.

- Another recommendation is to delete certain apps entirely that you don't want to be searched, like WhatsApp or social media apps. (However, be aware that metadata may still reveal that an app was once installed on the device)

- The most crucial step you can take is to encrypt your device’s data. Encryption helps protect your data, but it can be bypassed if someone can easily access your device. A strong password ensures that unauthorized individuals cannot easily unlock your device and gain access to encrypted data. If your password is weak or easily guessable, encryption won't provide much protection. Most recent versions of iPhones and Android phones automatically encrypt data (check your settings to ensure this option is enabled).

- Many devices offer biometric unlock methods (like fingerprint scanning, facial recognition, etc.) for convenience. However, these can be less secure than a strong password, especially if the technology can be fooled or bypassed. If you're relying on encryption for security, it's important to disable biometric unlock features to prevent unauthorized access via methods that could be less secure. 

In short, even if your device is encrypted, it’s only fully secure if it’s protected by a strong password, and you should avoid using potentially less secure biometric methods for unlocking the device.

 

Laptops require a different approach when it comes to encryption. You will need to use a specific tool, such as FileVault for macOS or BitLocker for Windows, to encrypt your device.

 

RRM Law can help by providing legal guidance on data privacy, cybersecurity, and encryption-related matters. They can advise on compliance with data protection laws, such as GDPR or CCPA, and ensure that your business or personal use of encryption meets legal requirements.

 

Additionally, they can assist with drafting contracts, reviewing agreements with encryption providers, and representing you in cases involving data breaches or cybersecurity issues. RRM Law can also help navigate regulatory compliance for industries that require specific encryption standards, ensuring that your data practices are legally sound.

Speak with an experienced attorney  today. Call (905)798-3776