back to article Canadian bloke refuses to hand over phone password, gets cuffed

A 38-year-old Canadian citizen has been arrested for refusing to hand over his smartphone's password to border agents. Alain Philippon, of Sainte-Anne-des-Plaines in Quebec, arrived at Halifax international airport in Canada from the Dominican Republic on Wednesday – and was selected by the Canada Border Services Agency for …

  1. JDX Gold badge

    CAN$25,000 (US$19,900)

    This WAS a UK website last time I checked.

    1. diodesign (Written by Reg staff) Silver badge

      Re: CAN$25,000 (US$19,900)

      Most of our readers are in North America.

      C.

      Edit: Downvotes? The British are coming! The British are coming!

      1. Anonymous Bullard
        Trollface

        Re: CAN$25,000 (US$19,900)

        That explains the dumbing down.

      2. Anonymous Coward
        Anonymous Coward

        Re: CAN$25,000 (US$19,900)

        "Most of our readers are in North America."

        I'd noticed the quality of the commentariat declining with the increasing volume. Perhaps you could all decamp to the US if that's your chosen location, and clear the way for a UK focused tech site?

        1. Anonymous Coward
          Anonymous Coward

          Re: CAN$25,000 (US$19,900)

          "...clear the way for a UK focused tech site?"

          I'm American, but I thought the British took pride in.... https://twitter.com/DailyMailTech

          BTW, Indian Jones might die...?

          http://www.dailymail.co.uk/tvshowbiz/article-2981920/Harrison-Ford-rushed-hospital-critical-condition-crashing-vintage-plane-golf-course.html

          1. Steve Davies 3 Silver badge
            Coat

            Re: CAN$25,000 (US$19,900)

            No one on the right side of the 'pond' believes what that comic (formerly known as the Daily Mail) says.

            Their headlines are straight out of the drawer marked 'National Enquirer rip-offs'.

            mines the one with a copy of the London Gazette in the pocket.

          2. Captain Scarlet Silver badge

            Re: CAN$25,000 (US$19,900)

            The Daily Mail doesn't have Hagar the Horrible!

      3. diodesign (Written by Reg staff) Silver badge

        Re: CAN$25,000 (US$19,900)

        Guys, I did add a £ conversion. We still love you.

        C.

    2. Nolveys Silver badge

      Re: CAN$25,000 (US$19,900)

      Moreover, the Dominion of Canada is a British colony. Fines there should be expressed in pounds, shillings, pence and beaver pelts.

      1. Hollerith 1

        Re: CAN$25,000 (US$19,900)

        Canada was a Dominion until the British North America Act was patriated to canada from the UK Parliament about 20 years ago. Although I think beaver pelts (with martin and coyote and bison and bear) would make an awesome currency. if bulky.

      2. Anonymous Coward
        Coat

        Re: CAN$25,000 (US$19,900)

        Moreover, the Dominion of Canada is a British colony.

        I love the Canadian national anthem.

        Fines there should be expressed in pounds, shillings, pence and beaver pelts.

        Nice beaver.

        1. Midnight

          Re: CAN$25,000 (US$19,900)

          I love the Canadian national anthem.

          That's the old national anthem. The new one is much better.

    3. Anonymous Coward
      Anonymous Coward

      Re: CAN$25,000 (US$19,900)

      Well, Flagfox gives the server location as the UK....could be spoofed though?

    4. Sarah Balfour

      Re: CAN$25,000 (US$19,900)

      Where ya getting ya conversion rates, anyŵay…?! CDN$25,000 is (very roughly) $20,000 US.

      At the minute to convert from $s (US) to £s, simply divide the amount by 3 and multiply by 2. There are, very roughly CDN$2 to the £.

      Exact rates (to 3 sig figs):

      £ to $ = $1.52

      $ to £ = £0.66

      £ to CDN$ = CDN$1.90

      CDN$ to £ = £0.53

      Now quit yer bellyaching.

      SJ: Doing the hard work, so others can STFU and quit their whinin'! Shut yer pieholes!

      Kieran, it stands to reason the Reg would have a larger North American readership - what's the population of North America compared to Blighty…?!

      Yes, I'm grumpy coz it's early, and there's no fucking WAY I'm drinking Nescafé! Nestlé is the most evil company on Earth (did you hear that its president - whose name I can't remember - believes that water should be a chargeable commodity, and not a basic human right…? Cunt! He'll be saying that nobody is allowed to breathe, unless they're breathing Nestlaire, next! I wanted to have a rant on the coffee pod thread, coz someone admitted to owning a Nespresso machine. Luckily for him, News360 went screwy).

      I don't like Nestlè very much.

      1. People's Poet

        Re: CAN$25,000 (US$19,900)

        @ Sarah Balfour Buy yourself some of these (available in Tesco) and calm down woman! PS. Instant coffee is vile and should only be used for people you don't like!

        http://www.amazon.co.uk/Lyons-Coffee-Bags-Break-bags/dp/B009YXLY5O?SubscriptionId=AKIAIQWHH4HRPK7LRQTQ&tag=ip-bd-21&linkCode=xm2&camp=2025&creative=165953&creativeASIN=B009YXLY5O&ascsubtag=Lyons000Coffee000Bags

      2. e^iπ+1=0

        Re: CAN$25,000 (US$19,900)

        "Where ya getting ya conversion rates, anyŵay…?! CDN$25,000 is (very roughly) $20,000 US."

        Not sure what the fuck this CDN you're on about is, personally (for legacy reasons) I've still got things like CADUSD=x, GBPCAD=x in various lookup tables.

      3. heyrick Silver badge

        @ Sarah

        Upvote for epic rant. Seriously? He thinks WATER should be a chargeable commodity?!?!?! WTFingF?

    5. JDX Gold badge

      Re: CAN$25,000 (US$19,900)

      Oops, I seem to have hit a nerve.

  2. JeffyPoooh Silver badge

    This is a trivial 'software requirements' problem

    ...

    17 - To unlock your device, enter your passcode on the lock screen.

    18 - To appear to unlock your device, enter the secondary passcode (3968 or "F YOU") on the lock screen. The device will minimally unlock, allow access to a limited list of harmless data-free apps and only genuine-looking sample data. This will satisfy any legal requirement for unlocking your device while not actually unlocking your private data.

    ...

    Over to you Google and Apple.

    1. Charles 9 Silver badge

      Re: This is a trivial 'software requirements' problem

      Only trouble is some of the plods aren't stupid. They'll just turn around and go, "OK, now give us the other password. You know, the one that reveals where the REAL contraband is located." Which poses a problem if you're honestly NOT using a hidden volume.

      1. Oninoshiko

        Re: This is a trivial 'software requirements' problem

        except that they can't prove that there IS another password. Truecrypt does exactly this.

      2. Anonymous Coward
        Anonymous Coward

        Re: This is a trivial 'software requirements' problem

        @Chas9

        Presumably they're looking for child porn (they seem to be preoccupied by that subject matter). So, i.a.w. The Art of War, we have yet another false passcode that opens up a stock collection of Granny porn (elderly ladies without clothing). Perfectly legal in most Western jurisdictions, and such an image collection would immediately terminate the border inspection proceedings and you'd be on your way. Hopefully it would also cause some gentle mental trauma to the border inspector to curb their future curiosity.

        1. Gordon861

          Re: This is a trivial 'software requirements' problem

          No reason why the software to set up an extra pin number shouldn't allow for as many pins/accounts as the phone has memory. The front end would just ask for a pin and then open the relevant hidden account.

          1. Charles 9 Silver badge

            Re: This is a trivial 'software requirements' problem

            One good reason. Unlimited panic PINs means unlimited chances for the border patrol to use the rubber hose.

            "What's the REAL password?"

            "Now what's the REAL real password?"

            "Now what's the REAL real real password?"

            Remember, you're not technically IN the country until you pass the border patrol. And they don't run on a time limit.

        2. Charles 9 Silver badge

          Re: This is a trivial 'software requirements' problem

          "So, i.a.w. The Art of War, we have yet another false passcode that opens up a stock collection of Granny porn (elderly ladies without clothing)."

          While legal, border agents may see it as a deliberate attempt to hide something illegal. And since they're not working with a time limit, they can just slam the lid, confiscate it for further review, and send you to the silent room while they call for the old veteran to take a crack at it (since the veteran is likely an old man himself so wouldn't be so repulsed by granny porn). Well, either him or an astigmatic or far-sighted man (meaning he's wearing glasses to read things up close and can take them off when needed to make everything look like a blur).

      3. Anonymous Coward
        Anonymous Coward

        @Charles 9: Re: This is a trivial 'software requirements' problem

        Burden of Proof is on them, not you.

        And Innocent until proven guilty isn't the proper saying contrary to popular belief.

        The correct grammar version is: Innocent unless proven guilty.

        The former implies that you were guilty the whole time and it's only a matter of time until they convict you; maybe this is the reason why we have so many idiots that let the government do this in the first place. If we had an intelligent public, we'd wouldn't be in this mess at all.

        1. Anonymous Coward
          Anonymous Coward

          Re: @Charles 9: This is a trivial 'software requirements' problem

          > The correct grammar version is: Innocent unless proven guilty.

          That was before Tony Bliar.

          Nowadays if at first you cannot be found guilty, they'll just keep trying.

          1. This post has been deleted by its author

          2. Anonymous Coward
            Anonymous Coward

            Re: @AC 21:04: This is a trivial 'software requirements' problem

            "Nowadays if at first you cannot be found guilty, they'll just keep trying."

            I'm still facepalming at the gullible stupid public for voting that PM in; easily the worst PM since Thatcher. (whom we hated for different reasons)

            Now it seems that whoever we get is hell-bent on destroying whatever privacy we have left, and the worst of it is that joe public doesn't seem to care or even want to care; we're circling the drain, I'm just wondering when they'll wake up and kick the government out, hook or by crook.

        2. Charles 9 Silver badge

          Re: @Charles 9: This is a trivial 'software requirements' problem

          Actually, because you're not technically IN the country yet, IIRC, international law applies, and that has no presumption one way or the other. The Border Patrol can simply deny you entry, so the ultimate burden of proof is on YOU because they're not REQUIRED to let you in.

          1. Anonymous Coward
            Anonymous Coward

            Re: @Charles 9: This is a trivial 'software requirements' problem

            > Actually, because you're not technically IN the country yet

            I should point out that almost always, customs inspection points are in the country concerned¹ so you are already subject to their laws. I found out the hard way.

            ¹ There are some exceptions such as EU customs checkpoints in Morocco, but extra-territoriality does not apply to airports, contrary to common misconception.

            1. Charles 9 Silver badge

              Re: @Charles 9: This is a trivial 'software requirements' problem

              "I should point out that almost always, customs inspection points are in the country concerned¹ so you are already subject to their laws. I found out the hard way."

              Although they ARE, strictly speaking, IN the countries in question, as far as inbound people are concerned, you are in a legally-designated Port of Entry. These are subject to special rules which means you are NOT allowed certain protections under the law YET (that's covered by International Law regarding travel).

        3. Anonymous Coward
          Anonymous Coward

          Re: @Charles 9: This is a trivial 'software requirements' problem

          AC "Innocent unless proven guilty."

          Google: three felonies a day

    2. Mark 65

      Re: This is a trivial 'software requirements' problem

      Although not terribly convenient, just perform a device reset before entering country then after you've passed through customs and out the other side just enter your cloud account details and re-sync. Upside is they get a blank device, downside is you need to spend ages in McDonalds or Starbucks.

  3. Interim Project Manager

    Hidden TrueCrypt volumes

    "That's why things like TrueCrypt with hidden volumes were invented."

    The point is you shouldn't need to hide it. Why should they be able to just look through whoever's personal files they feel like, without any reason. Of course it is keeping us safe from terrorphiles so it's ok.

    Also what do they hope to achieve by doing so, and having a cursory browse of someone files. That the person will be travelling with an entry in their contacts for 'Terrorist Bob- Sleeper Cell Leader'. Or a file on their desktop called 'Secret Hijacking Plans'. Border security is ridiculous - airport security in particular.

    1. druck Silver badge
      Facepalm

      Re: Hidden TrueCrypt volumes

      Given that some twunt posted on Facebook he was about to make an armed raid on Tesco, someone may be that stupid.

      http://www.bbc.co.uk/news/uk-england-norfolk-31747012

      1. Doctor Syntax Silver badge
        Happy

        Re: Hidden TrueCrypt volumes

        For the benefit of the majority of ElReg readers: Tesco is a UK supermarket business.

        1. Anonymous Coward
          Anonymous Coward

          Re: Hidden TrueCrypt volumes

          For the benefit of the majority of El Reg, the UK is a small island nation to the right of you on a map just past the big bit of water.

          1. cs94njw

            Re: Hidden TrueCrypt volumes

            P.S. We have very little oil.

          2. fruitoftheloon
            Happy

            @Ac Re: Hidden TrueCrypt volumes

            To our cousins across the Pond, NO, I do not know your friend who works in 'a mall somewhere near London' - which was a genuine enquiry from a nice old dear when I was parking up somewhere west of Boston.

            She was genuinely shocked when I pointed out that London (the important one) is actually quite large and a lot of people live there..

            Btw I love the states....

            Cheers,

            J

            1. This post has been deleted by its author

              1. fruitoftheloon
                Joke

                @Symon: Re: @Ac Hidden TrueCrypt volumes

                Symon,

                DUH she hates getting stuck in traffic jams just as much as us commoners....

                Jeez, talk about a daft question!!

                Cheers,

                j

            2. This post has been deleted by its author

          3. Pascal

            Re: Hidden TrueCrypt volumes

            > For the benefit of the majority of El Reg, the UK is a small island nation to the right of you on a map just past the big bit of water.

            I've looked up a map and can't find that place called "You".

            1. Anonymous Coward
              Coat

              Re: Hidden TrueCrypt volumes

              its in a hidden volume

          4. Fruit and Nutcase Silver badge
            Coat

            Re: Hidden TrueCrypt volumes

            "For the benefit of the majority of El Reg, the UK is a small island nation to the right of you on a map just past the big bit of water."

            Here's a map, from the time of Ronald Reagan - don't think much has changed.

            http://kelsocartography.com/blog/?p=2986

            1. Nick Ryan Silver badge

              Re: Hidden TrueCrypt volumes

              Love the map :) Haven't seen that particular one before.

        2. OzBob

          Re: Hidden TrueCrypt volumes

          Gordon bennett, the UKIP membership is strong in this one!

        3. CoolKoon

          Re: Hidden TrueCrypt volumes

          Occam's razor, KISS principle: it's the British Wal-Mart ;)

      2. Madge
        Happy

        Re: Hidden TrueCrypt volumes

        The county was Norfolk...

    2. James 51 Silver badge

      Re: Hidden TrueCrypt volumes

      It's all theatre designed to keep you in your place. There are a number of inherently stupid features of airport security. The absolutely rammed spaced just before security in particular. I would go further in my critique but it would probably be accidental mis-interpreted as something more sinister and my typing privileges would be revoked for some time.

  4. Anonymous Coward
    Anonymous Coward

    The Law on encryption passwords in the US is well established.

    Unlike files in a safe, the contents of an encrypted drive are entirely visible, just not understandable. A seized hard drive can have its contents examined right down the 1’s and 0’s of each bit, regardless of encryption.

    Thus, turning over the password does not hand them new information, like papers out of safe. Instead, it interprets the data they already have, but do not understand.

    It is precisely testifying against one’s self. It is the act of taking data the prosecution already has but does not understand and interpreting it for them so that they may use it against you.

    A better analogy would be a diary written in code. The government, which already HAS the diary, can see its contents clearly, but without your cooperation, cannot understand it.

    They are free to try and crack the diary code on their own [as they are free to try and brute-force your encryption] but to compel you to interpret it for them - to supply the meaning - is precisely the act of testifying against yourself.

    In the US, the Courts have long held that you can't be compelled to recite the combination of a combination lock as that would violate your 4th Amendment rights, and the Courts have extended that to encryption passwords.

    1. Charles 9 Silver badge

      Re: The Law on encryption passwords in the US is well established.

      "In the US, the Courts have long held that you can't be compelled to recite the combination of a combination lock as that would violate your 4th Amendment rights, and the Courts have extended that to encryption passwords."

      I thought the amendment in question was the 5th. The 4th allows them to seize the safe or drive or whatever, but being compelled to state the means to unlock or decrypt the data can result in an "I plea the 5th."

      PS. I looked up In re Boucher and learned the point became moot because he'd already been caught with his hand in the cookie jar, so to speak. He couldn't plea the fifth because he'd already incriminated himself prior to being compelled further.

    2. Nick Ryan Silver badge

      Re: The Law on encryption passwords in the US is well established.

      That actually seems like a sensible way to interpret things like data encryption. How the hell did this happen?

    3. Beachrider

      Remember, you haven't been admitted to the USA yet...

      The trick at "border checks" is that you really don't have all the rights of being in the USA, yet.

      They may or may not imprison you, but declining their questions can result in your deportation. This can happen even if you present a USA Passport.

      Getting fresh at the border is a LOT trickier than getting fresh with police within the USA...

    4. JeffyPoooh Silver badge
      Pint

      Re: The Law on encryption passwords in the US is well established.

      How did this "don't reveal the key" process work out for Mary Queen of Scots?

  5. Anonymous Coward
    Anonymous Coward

    Okay, so they ask to see my laptop.

    As it happens, it might be my netbook which runs Gentoo Linux (cannot run Windows), and is mainly used as a means of downloading photos off SD cards onto the internal hard disk. It features no GUI as I only need to use command line tools like cp/mv, or access an email client (mutt) over ssh.

    So I boot the machine up, and turn the machine over. They are confronted by this:

    This is zhouman.unknown_domain (Linux mips64 3.17.2-zhouman) 05:32:57

    zhouman login: stuartl

    Password:

    stuartl@zhouman $ _

    Okay mister border guard, what now?

    1. Graham Marsden
      Windows

      @Stuart Longland - Re: Okay, so they ask to see my laptop.

      You're clearly a dangerous subversive for not using a proper all-American operating system (well, Windows) and must therefore be locked up for the good of society!

      1. Anonymous Coward
        Anonymous Coward

        Re: @Stuart Longland - Okay, so they ask to see my laptop.

        You're clearly a dangerous subversive for not using a proper all-American operating system

        Probably even more suss for using a netbook with a Chinese CPU (Loongson 2F).

    2. DropBear Silver badge
      Big Brother

      Re: Okay, so they ask to see my laptop.

      Presumably you'll have to figure out how to prove that at the time you've been arrested for refusing to cooperate with the border guards and have been held for the maximum extent they could afford to keep lock you up for it you didn't actually have a GUI you could launch and thus no non-cooperation actually took place - if successful, you'll be warned against travelling with a laptop without a GUI ever again without any admission of any wrongdoing on the agent's part; if not successful, you'll also be charged with destruction of evidence seeing as how you obviously had a perfectly good GUI all along, you just got rid of it somehow along with the damning evidence - some fiendish self-destruct script, surely...

    3. Doctor Syntax Silver badge

      Re: Okay, so they ask to see my laptop.

      And, of course, it can have as many login IDs as you wish.

    4. Yet Another Anonymous coward Silver badge

      Re: Okay, so they ask to see my laptop.

      >Okay mister border guard, what now?

      I've been stopped at security like that.

      "Turn on your laptop"

      Boots to a command prompt.

      "No - turn it on."

      It is on ?

      "TURN ON THE COMPUTER"

      Eventually worked out what they wanted, "startx" and wiggle the cursor

      The world was once safe from terrorism and VMS.

      For extra bonus points it should start a command prompt in klingon

      1. Anonymous Coward
        Anonymous Coward

        Re: Okay, so they ask to see my laptop.

        "TURN ON THE COMPUTER"

        To which I'd reply: Look, see, power LED is on, screen is ON, text is on the screen, kindly define what YOU mean by ON.

        1. T. F. M. Reader Silver badge

          Re: Okay, so they ask to see my laptop.

          @Stuart Longland: "kindly define what YOU mean by ON"

          Eh, "kindly define what YOU ARE ON"?

    5. Florida1920

      Re: Okay, so they ask to see my laptop.

      Okay mister border guard, what now?

      You're going to seriously piss off the next caller from India, that's what.

      1. Anonymous Coward
        Anonymous Coward

        Re: Okay, so they ask to see my laptop.

        Or just confuse the hell out of the scammer:

        http://bin.longlandclan.yi.org/~stuartl/scammer.ogg

  6. The Axe

    Some countries have laws that fine you for taking a picture of a cop committing an illegal act, others fine you for not giving the cops your password. Aren't countries great!

    1. Sarah Balfour

      Back in the days when I used Fuckerberk's data snatcher, there was a meme doing the rounds which went:

      Empires were run by emperors

      Kingdoms by kings

      Countries are run by…

      Crude, but you get the point.

      1. Anonymous Coward
        Anonymous Coward

        David Cameron?

        1. present_arms

          Same thing

          1. Jamie Jones Silver badge

            Dracula?

  7. Doctor Syntax Silver badge

    This could run and run

    Providing he can afford it - and I suspect there'll be support from elsewhere if he can't - it seems unlikely that this will be settled at the first court as whoever wins the initial judgement it seems likely to be appealed on a point of law.

  8. fortran

    Beaver pelts

    If weasel, bison and bear are of interest, are moose and wolverine as well? Can we just send the live animals? You skin them. Send us back a movie of you trying to skin a live moose or wolverine.

    How about different root (wheel, other) logins? Different logins set different locales. Login with a Klingon locale?

    1. Mephistro Silver badge
      Thumb Up

      Re: Beaver pelts

      Nice idea. I could also suggest a little bit of meddling with the graphics driver so as to change refresh rates-for a single user- in such a way that the graphics card seems to be borked. I did something similar in a PC 20 years ago, as an April 1st joke.

      1. Swarthy Silver badge
        IT Angle

        Re: Beaver pelts(..borked graphics)

        I did something similar about 20 years ago.. not a prank, just really screwed up my X install....

        1. Mephistro Silver badge
          Happy

          Re: Beaver pelts(..borked graphics)

          Where do you think I got the idea from?

          Chowd.

  9. Simon Brady
    Big Brother

    Not just Canada

    Here in NZ they want a blanket right to demand passwords even without reasonable cause:

    http://www.stuff.co.nz/technology/digital-living/67021305/kiwis-unhappy-about-customs-computer-search-plan

    But it's okay, they promise not to disclose any lawful content and we all know government agencies never abuse their powers.

    1. Yet Another Anonymous coward Silver badge

      Re: Not just Canada

      You have computers in NZ ?

      Actually - you have government in NZ?

      1. 2much2young

        Re: Not just Canada

        > Actually - you have government in NZ?

        It's more a sort of answering service. When the blue phone rings they pick it and say "Hello Washington?, .... , yes .... yes ... yes ... oh yes that will be fine, we'll get that passed through the house next week".

  10. Anonymous Coward
    Anonymous Coward

    What if you genuinely forgot the password?!

    I'm always locking myself out of stuff.

    1. Mephistro Silver badge
      Devil

      "I'm always locking myself out of stuff."

      That ability will probably be really useful for you soon, citizen!.

      Postdata: MWAHAHAHAHAAAA!!!

    2. IanTP
      Big Brother

      In the UK you will be jailed under RIPA

      Why is it not Friday yet :)

      1. Sarah Balfour

        It Friday now…

      2. Anonymous Coward
        Coat

        Friday

        It is now

    3. Anonymous Coward
      Anonymous Coward

      "What if you genuinely forget your password?"

      Really, you don't already have a "guest" account with a blank password and no permissions or software for other people to use? Bad for security but so is physical access! Even Win7 keeps other users out of casually looking at the other accounts' files, even with administrator access.

  11. Sebastian A

    NZ Customs have just requested exactly these rights.

    The shitstorm has already commenced. The "If you've got nothing to hide you've got nothing to fear" crowd against the "Privacy is a basic human right" crowd.

    But since NZ is a member of the 5 peepers, I'm sure whatever the US Govt decides is reasonable for us, we'll rush to implement.

  12. FuzzyTheBear
    Black Helicopters

    Easy solutions for enhanced privacy.

    A) Don't take your phone abroad. Life can and does go on without one. Specially when going on vacation.

    B) Use dumb 1990's style cell phone that makes phone calls period when you travel by plane a.Flip phone will do nicely.

    C) Get a local throw away , use it , send your data home , ditch phone when done and recup data once you're home.

    For the rest there's pen ,paper envelopes and mail . They are more secure than your telephone.

    1. Anonymous Coward
      Unhappy

      Re: Easy solutions for enhanced privacy.

      They probably still have those offices with a steamer (kettle) to open your paper comms

  13. Sgt_Oddball Silver badge
    Paris Hilton

    Hummmmmmmmm

    Has no-one ever though of creating some sort of RAID like system with an intentionally removable member that causes it to break the partition until both parts are joined again?

    By which I mean say a USB pen, that goes into a certain USB port and won't function correctly without it? Or if in the incorrect port will allow access but will cause items in a partition to no longer function correctly or just not decrypt the information?

    Just a thought.

    And yes I'll get my coat (the one in bright orange)

    1. Ole Juul

      Re: Hummmmmmmmm

      I'd be more interested in not leaving any potentially suspicious setup on my device. If I wanted privacy I'd keep my stuff elsewhere and accessible via VPN on the net. Access or download after I get across the boarder if needed.

      That said, I really don't think means and methods are relevant to this story. This is about an important principle.

      1. Charles 9 Silver badge

        Re: Hummmmmmmmm

        "I'd be more interested in not leaving any potentially suspicious setup on my device. If I wanted privacy I'd keep my stuff elsewhere and accessible via VPN on the net. Access or download after I get across the boarder if needed."

        And if where you're going has a tight data cap?

    2. Kernel Silver badge

      Re: Hummmmmmmmm

      It's already halfway there in Android - on my Galaxy Note I can move part of an application to a micro-SD card. Remove the card and the app won't start, reporting as not being installed.

      Unfortunately they then let the side down in that the app can be reinstalled onto the device and it picks up the existing data - so you need to hide your porn stash using an app that can keep the data on the SD card also.

  14. Jan 0

    Canada?

    So you tell us about a Canadian, being stopped on entry to Canada, by Canadian Border Agency personnel. Why then is the bulk of the article about USA law? I know the poor Kanadyjczycy have to put up with living next to the USA, but they still have their own laws don't they?

    1. Anonymous Coward
      Anonymous Coward

      Re: Canada?

      So you tell us about a Canadian, being stopped on entry to Canada, by Canadian Border Agency personnel. Why then is the bulk of the article about USA law?

      Absolutely agree, especially when you consider that Canadian Law has far more in common with UK law than USA law. It would have made more sense to compare it with what happens in the UK or other commonwealth jurisdictions rather than with the USA.

  15. Herby Silver badge

    Canada?? US?? UK??

    Well we all know that the good old USA (or at least some of the people therein) think that Canada is a wholly owned subsidiary of the USA. Look we have this long "unguarded" border, we both use $$ as currency (which sometimes trades at parity), and we speak (almost) the same language.

    The problem is that somehow the American Constitution doesn't seem to work in the "great white (hockey) north". Canada can enact lots of "tell me or jail" laws and they have to live with it. Then again, we have a big cheese who doesn't like it either, but that is a discussion for another (more political) web site.

    As for the UK, it is a wonderful country Queen and all. After all they gave us Top Gear!

    Long live countries that speak (some form of) English.

    All of this reminds me of:

    "If any member of your IMF gets caught or killed the secretary will disavow any knowledge of your actions" and "This recording will self destruct in 10 seconds". Now where is that thermite mixture?

    1. Anonymous Coward
      Anonymous Coward

      Re: Canada?? US?? UK??

      Canada is effectively a wholly owned subsidiary of the USA.

      The USA is by far Canada's #1 customer when it comes to exports (about 70%) and those exports are largely natural resources shipped raw or with little upgrading by American owned companies to American owned companies. Energy is Canada's largest export and the largest player in the Canadian energy system is the USA and companies owned by American or answering to American investors. Even the "Canadian" oil sands is not Canadian with American's owning more than 60%, even "Canadian" companies like Suncor are not Canadian owned and answer to American investors.

  16. Sarah Balfour

    Oh no, you ain't getting away with that!

    Betty, and her inbred, xenophobic, homophobic, paedophilic, parasitic blobs can fuck off! If you want 'em, you're welcome to 'em (but there's not much love for 'em in Canadia, either, let me tell ya!).

    Vive La Révolution! Vive La République!

    1. stu_ekins

      Re: Oh no, you ain't getting away with that!

      "Paedophilic"

      Really?

    2. Anonymous Coward
      Anonymous Coward

      Re: Oh no, you ain't getting away with that!

      Vive La Révolution! Vive La République!

      Been there. Done that. Restored the Monarchy.

      1. lucki bstard

        Re: Oh no, you ain't getting away with that!

        Shame really, Richard Cromwell wasn't really up to the task... Oh well

  17. Anonymous Coward
    Anonymous Coward

    We live in such a cloudy world

    Acquire fake Hotmail and Gmail accounts, then wipe phone and set up with fake accounts, before crossing Canadian border. Say yes to the nice Border Agents and hope you're long gone by the time they realise the subject line of every email reads "These are not the droids you are looking for".

  18. d3vy Silver badge

    Surely anyone with anything serious to hide is going g to use the "one for them to find, o e to keep" rule and have all of their sensitive data on a micro sd card somewhere hidden in their luggage?

    Or you know in "the cloud" so it doesn't matter what happens to that laptop.

    Seems like this might be another rule that only catches fools or innocent people with privacy concerns.

    I know there's nothing illegal on my phone, but I certinally don't want anyone looking at the embarasing pictures I took to send the wife for a laugh. #ToiletSelfie

  19. simmondp

    Why not?

    If you suitcase is locked they will ask politely (demand) that you open it - What is the difference?

    Don't carry anything through a border that you don't want to be subject to search - saying "electronic" is different is muddying the waters.

    The more interesting case comes where if you are carrying a device that has encrypted material for which you do not hold the key (for example it's a corporate laptop used by multiple people one of which has received an encrypted file).

    1. Anonymous Coward
      Anonymous Coward

      Re: Why not?

      "Don't carry anything through a border that you don't want to be subject to search - saying "electronic" is different is muddying the waters."

      Electronic is different. For starters, you can leave all your content at home, and still get it when you arrive at your destination. Try doing that with the pair of smart shoes you forgot to take*. Anyone transporting data, that they wouldn't want a border agent to see, has a serious case of thinking impairment**.

      * Had a colleague turn up to a sales presentation in a smart suit and a pair of Nikes :-).

      ** The politically correct term for the very common condition known as Hard Of Thinking.

      1. Anonymous Coward
        Anonymous Coward

        Re: Why not?

        You cannot leave any data "at home" if you can access it while traveling. It isn't just phone passwords you must supply, border guards believe you must supply any and all passwords if requested.

        1. Anonymous Coward
          Anonymous Coward

          Re: Why not?

          "You cannot leave any data "at home" if you can access it while traveling. It isn't just phone passwords you must supply, border guards believe you must supply any and all passwords if requested."

          You can leave any data you want at home (or in the cloud). They're aren't psychic. What do you think they're going to ask for? "Oh, can you just give us the password to the account that isn't on this phone?"

          To ask you for a password for something, I'm pretty sure they need to know that something exists in the first place.

          1. Anonymous Coward
            Anonymous Coward

            Re: Why not?

            @anon No they do not need to know it exists to ask for it. That is a large part of the problem. They, in this case border personnel, claim unlimited fishing rights and governments, in this case American governments are not saying or making clear that there are limits.

            Should you find yourself in a sound proof holding cell and you decide to only give them passwords as they come up against them you could well find yourself charged with “hindering or preventing border officers from performing their role,” Even more so if they keep all your electronics and later find that hidden drive or file.

            Sure you can win in court but even if you do, you still lose. That's a key part of the story, what are the limits? In practice there are few if any limits other than the mercy of the agents.

            1. Anonymous Coward
              Anonymous Coward

              Re: Why not?

              "@anon No they do not need to know it exists to ask for it. That is a large part of the problem. They, in this case border personnel, claim unlimited fishing rights and governments, in this case American governments are not saying or making clear that there are limits."

              "sir, we'd like to take a look your phone."

              "Sure."

              "We see you have two accounts on here."

              "Of course. Oh, and because I'm such an utter fucking idiot, would you like me to divulge the account names and passwords of all my other accounts that aren't on the phone? You know, the ones you didn't know anything about, before I just told you? "

              1. Anonymous Coward
                Anonymous Coward

                Re: Why not?

                Much more likely is the little metal window opening to your holding cell and a border agent quietly telling you.

                "You failed to mention the hidden encrypted drive and the password you did supply was not for the email account we wanted. You will be charged, we will be keeping your electronics, and no you will not be entering today."

                But your rose coloured world is, I agree, much nicer to live in.

      2. Anonymous Coward
        Anonymous Coward

        Re: Why not?

        Whatever the outcome, or the principle, at the end of the day the border agents will always have the last word. They can ask you nicely, or threaten you, but if those don't work they can just stamp your passport "entry denied" and send you home. If it's really a problem for you, don't go in the first place.

        Of course, if you come from that country in the first place, as in this article, things get more complex but, hey, you can always leave if you don't like it there.

        1. JeffyPoooh Silver badge
          Pint

          Re: Why not?

          "...they can just stamp your passport 'entry denied' and send you home."

          In this case, the subject was arriving back to Canada, where he lives and is a citizen.

    2. Anthony 13

      Re: Why not?

      Electronic IS totally different. It's not a physical thing they are looking for that you might have in your briefcase, be it a weapon or drugs or whatever - it's all about data. I'd bet you be none to pleased if some jobsbody got your private diary out of your briefcase, brewed up a pot of coffee, pulled up a chair and started reading through your life for the next 12 hours. That sort of intrusion is the exact sort of thing you would expect would require a warrant.

      I admit my total ignorance in the law on this (where such a thing may exist), but I'd hoped we were at least living in a world where most people would consider this sort of action as just fundamentally wrong!

  20. Sirius Lee

    Why is this even an issue? Let them have at your phone. This is the digital age after all. If you have stuff you want to keep away from prying eyes, whether it salacious or intellectual property, keep it on-line at home and access it remotely using https when you get wherever you are going. If the problem is that you can't help adding salacious material to your phone or laptop for the length of a flight or train journey you have more problems than facing a border agent.

    1. Charles 9 Silver badge

      What if you're up against a tight data cap? And the data's too large to grab online?

  21. Anonymous Coward
    Anonymous Coward

    Canada is the USA, and the USA thinks your country should be the same.

    Canada has and is in the process of "integrating" their border services with the USA.

    This means the "Canadian" border services agent may not even be Canadian or administering Canadian made policies. Part of the agreement not only has USA law being enforced in Canada in many different ways, as well as having American enforcement agents and policies acting in Canada against Canadians it also includes giving American agents open access to Canadian databases, such as CPIC (police) and other government databases.

    American agencies are carefully tracking the international travel of all Canadians and have made that very clear to some Canadians who regularly leave Canada. With the new found data they are promising tighter controls of Canadian travelers and are changing visa requirements for Canadians visiting the USA.

    Which means the request for the search may not be Canadian in origin, and Canadians will not be able to find out either way. If Canadians asked they would be told it was random. As Snowden revealed there is effectively no Canadian border when it comes to American interests and actions, and the Canadian government has not hidden the "integration" of Canadian Border Services.

    And if you think these are only the concerns of a ex-British Colony too afraid to be independent, look at what the USA has said about enforcing it's laws in your country.

    When it comes to requests for passwords the border agents do not think their power stops at accessing your phone, as many seem to think. If they want and have the time they can search all your personal files and information, both in the phone or laptop you are traveling with and any information or accounts you have online, in the cloud or even at work. Of course they do not need you to be present for that.

    That is what makes such cases important. Border services, which for Canada includes a foreign power, believe they have almost unlimited ability to snoop and ask questions of any traveler, even demand they testify against themselves and others and anyone challenging that will find their travel plans and itinerary open to adjustments from border agents.

    If this case gets appealed to the top court the rulings, how and if they will be applied, will speak to the very idea of rights in a democracy.

  22. Whit.I.Are

    Confidential information

    My employer would take a dim view of me giving the password of my work laptop to some random border official. I may even be in breach of my contract of employment...

    1. James 51 Silver badge

      Re: Confidential information

      There have been rumours for years about border agents taking electronic equipment from business men entering the US and later competitors have a mysterious edge.

      It's just a pity that from the media laws like this seem to be used as a crutch by lazy and incompetent fishermen and a power like this is ripe for abuse. If someone is guilty of a crime that would warrant examining their hardware like this you'd hope the police would be able to piece something together without it or have the expertise to get through without it. There is a difference between secret and private.

  23. JeffyPoooh Silver badge
    Pint

    How about this response?

    "Unlock your device please."

    Sorry - No Can Do. My device contains some correspondence between myself and my lawyer and that is protected by the highest level of constitutional protection. Those rights trump everything.

    1. Anonymous Coward
      Coat

      Re: How about this response?

      Or its a MOD device - shall we get authorisation?

    2. James 51 Silver badge

      Re: How about this response?

      These are the types of chumps that have opened diplomatic bags. I doubt informing they'd let this stop them.

  24. Anonymous Coward
    Anonymous Coward

    Next they'll ask for your PIN number and check your bank balance.

    1. werdsmith Silver badge

      "Next they'll ask for your PIN number and check your bank balance."

      They will. One of the first things that they are interested in is if you have sufficient funds for an airline ticket to pay for your own trip home after being refused entry.

      I recall from my two hour interrogation at Boston Logan in the 1990s. (because when I was filling in the old green visa waiver form on the flight I spilt a drink on my passport and they don't like wet passports)

    2. Jimmy2Cows Silver badge

      Dude stop giving them ideas

  25. Anonymous Coward
    Anonymous Coward

    Some games used to have a "boss mode", seems you need to have a "feds mode" on phones now.

    1. werdsmith Silver badge

      Boss Mode

      In Chrome --enable-dom-distiller

      Then read The Register all day long.

  26. Anonymous Coward
    Anonymous Coward

    factory reset to no password?

    What then would one be bringing in

  27. User McUser

    What's on a phone anyway?

    What could possibly be on a smart-phone that a border agent needs to see? What's the scenario for which the only protection is searching a person's phone?

    This is a serious question; I'm drawing a complete blank as to why a border agent would ever, under any circumstances, need to look at my phone's contents.

    1. Anonymous Coward
      Anonymous Coward

      Re: What's on a phone anyway?

      It would be best to have a border agent respond but I have heard some of the reasons and there are many.

      For example, a person is returning from a country where drug use is common or legal. The border personnel want to know if they had any association with people in that industry so will ask to look at the phone to check calls made, txt msgs, emails, and social media accounts.

      Similar checks are made to ensure no contact with known criminals or terrorists or people on watch lists. If they find such information further interrogation will follow.

      If the person is visiting the country they may want to know if they have the correct visa, say a work visa. If the search of their data finds copies of resumes or reference to work they can charge them or send them back home.

      And of course it can be a "completely" random search, though after Snowden we now know those are not as random as claimed.

      The problem is the apparently unlimited power being claimed and used. Where is the limit?

      1. User McUser

        Re: What's on a phone anyway?

        I don't think the government should be able to casually satisfy their curiosity about my acquaintances just because I took a trip and came home. If I am a known or suspected threat, drug dealer, or whatever, then they can detain me and get a warrant to search the phone. Besides, they can get the same information by subpoenaing my phone records (or in my case as an American the NSA already has them) and they don't need your phone to do that, only your phone number.

        A visitor to a country is different than a citizen returning (which was the case here) so different rules may apply, though I personally don't think their phones should be subject to warrantless searches either for pretty much the same reasons.

        1. Charles 9 Silver badge

          Re: What's on a phone anyway?

          If you swapped in a local SIM, a common budget tactic, the US phone company will be clueless and the foreign one unreachable. Thus the only remaining possibility is the phone itself. Or if you just use WiFi-based tech while you're there, again the phone company's clueless.

          As for the breadth of power, remember they're in fear of "The One That Got Away" that then goes on to commit 9/11 Part Two.

  28. Anonymous Coward
    Anonymous Coward

    Well done

    On finally catching up with the UK in terms of legislation surrounding phones.

    We've always needed a warrant to examine data on a phone / laptop / camera unless:

    A- Consent is given

    B- I've applied for the data via Cycomms which is a rigorous and closely audited system which will provide me with all your data, texts, call logs, etc without even having to have your phone

    C- You've left it unlocked and turned your back on me

  29. IglooDude

    I always assumed it was because they were trying to make sure there were no bombs or drugs in the electronic device, neverminding that someone could rig a laptop to show a boot screen and even a generic Windows desktop with little trouble (as always, security is there to catch the stupid ones).

    But aside from the hidden truecrypt partitions etc, how about a login or PIN that while showing inocuous data also automatically/silently activates audio/video recording until owner-stopped or device powered off? It'd make me actually eager to turn it on and provide a login for the nice officer folk.

  30. Anonymous Coward
    Anonymous Coward

    Meanwhile in Israel

    When going in/out of the country, you can be rather intensively searched (down to the seams of your clothes) and psychologically probed.

    They will however a) be respectful and keep it civil all the time, and b) not go through any personal documents of yours (such as letters, notes, diaries, or nowadays phone/computer data).

    Surely if it's good enough for them...

    They will take your phone apart and it will never work again though. :-)

  31. Six_Degrees

    What's increasingly needed are encryption systems that include plausible deniability. TrueCrypt has/had this - you could set up a system with two passwords, one would unlock your actual data, the other would unlock an entirely different set of data that, presumably, would be innocuous or otherwise conceal your real data, while satisfying those forcing a password out of you that they had succeeded.

    1. Charles 9 Silver badge

      The trouble with plausible deniability is that the plods won't be satisfied until they're sure they got EVERY password out of you. Which means a system with more than one potential password will call for more than one session with the rubber hoses.

  32. big_D Silver badge

    Problematic

    Without a valid EU warrant or the written permission of everybody identifiable in the data on my PC, I cannot show the data to a third party outside the EU, so showing DHS officials the contents of my laptop when I arrive at the US border opens me up to prosecution, not showing them my device opens me up to prosecution...

  33. AndyFl

    Nobody posted *that* XKCD yet?

    Here we go:

    http://xkcd.com/538/

    1. Charles 9 Silver badge

      Re: Nobody posted *that* XKCD yet?

      Did they ever make one where it doesn't work because the man's a masochist who cries out for more?

  34. Michael Wojcik Silver badge

    Ah, you coastal types

    They can act within a 100-mile zone from any edge of the US, which encompasses just about every major city in America

    It's true this is a major problem, and a gross offense against civil rights and personal liberty. But "just about every major city in America" (even if we allow "America" as shorthand for "the USA") is a wild exaggeration.

    It's utter nonsense to claim that Atlanta isn't a "major city". Ditto Denver, Las Vegas, Phoenix, and Indianapolis. I think it's unreasonable to claim Cincinnati, Omaha, Oklahoma City, Louisville, Nashville, Memphis, Dallas / Ft Worth, Minneapolis / St Paul, Charlotte, Birmingham, and Albuquerque aren't "major cities". Cincinnati has roughly the same population as Newcastle or Nottingham, and in area is as large as the two combined, and it's the smallest in that list.

    There are also smaller cities not within the zone-of-offense that are important because they're state capitals or primary cities: Salt Lake City, Little Rock, Boisie, Jackson, Topeka, etc.

    Raising consciousness on issues like this isn't helped by telling a third of the US population that their homes aren't important.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2019