[matt4077]

iPhones require the password(/code) when turned on and (IIRC) under certain other conditions.

But I believe this isn't enough considering recent developments. They write:

    It’s important to note that deniability refers to the
    ability to deny some plaintext, not the ability to deny 
    that you’re using a deniable algorithm.

It's now common for border agents in the US to demand login credentials for social media accounts, and search all electronic devises. I can't think of anything more invasive than someone going through my photos and messages. Yet many people are required to visit the US (or countries only reachable via the US). We need methods to separate data into two parts, one being highly private and completely hidden from someone given access to our devises.

And while I would welcome a technical solution, it's important not to discount the power of the law. Such invasions of privacy would be illegal in the EU, and contrary to the cynics, laws are generally respected in the developed world. The current news are making me hopeful that (parts of) the US population are also starting to be sympathetic to some rights of foreigners even when they're applying for the privilege of crossing the border.

[koonsolo]

I wish EU and other non-US countries would offer "US-border treatment" to all US citizens when they enter, and normal border control when they leave.

That way they could maybe get an idea on how unfriendly, impolite, invasive and denigrating it actually is. And then when leaving get the idea that border agents can be helpful and friendly too.

Edit: And oh yes, all communication and paperwork is done in the language of the destination country.

[matt4077]

i feel sympathy for the idea, but it kinda undermines the case against these practices. If we're saying "terrorism" isn't enough of a reason for wide-scale privacy invasion, how could "getting the US to change its policy" ever be enough? Additionally, it's an individual's rights being infringed, almost none of whom have influence on policy beyond voting, and the vast majority of whom, belonging to the subset of Americans traveling to Europe, didn't even vote for Trump.

[dmichulke]

> didn't even vote for Trump.

These practices mentioned by GP exist since well before 2017.

Following your logic, the question would be if they voted for Obama. And, if the vast majority didn't vote for Trump, they probably voted for Obama. So it actually would affect the "right" people.

(Not that I agree in any way with punishing citizens for what their government does)

[Spooky23]

It is a clear technical problem. Pre-smartphone, you weren't dragging your whole life around in your pocket.

There needs to be a better way to manage user data -- there's no middle ground right now and the UI is awful.

My friends went through an invasive, humiliating search at a Canadian border crossing that also damaged my friend's car, because they matched a description of cigarette smugglers in the 90s. The border/customs people were within their rights to do that.

The frequency of US searches is high now, but you NEVER had rights at any border crossing, and thinking carefully about what you drag across a border is a consideration that you need to think about.

[secfirstmd]

On that topic, we've included some guides on crossing borders / going through airports / attending protests and loads of other physical/digital security stuff in Umbrella App. (Learn more or download at https://www.secfirst.org). The specific piece is available on our Github (all our stuff is open source or Creative Commons, so feel free to re-use or please add more!).

https://github.com/securityfirst/Umbrella_content/blob/maste...

Hope it's useful!

[chrisbolt]

> It's now common for border agents in the US to demand login credentials for social media accounts, and search all electronic devises.

Can you define common?

[matt4077]

Requesting account names is already common practice: http://www.politico.com/story/2016/12/foreign-travelers-soci.... That does not include passwords, and it's "voluntary". But having filled out US immigration forms a few times (and watched others doing it), the process is quite intimidating and many will be pressured into providing that data. Why else would they? There is no upside to the US gov having that data for me.

With regards to passwords, I don't have numbers, but have seen a few dozen reports over the years without actively looking for them and knowing someone personally to whom it happened (he refused and was allowed entry after a few hours). And whatever is currently discussed would probably include it, considering the San Bernadino case they cite as justification involved information shared with strict privacy setting:

https://www.google.de/search?client=safari&rls=en&q=us+askin...

[microtherion]

The ESTA form asks for social media accounts (though not passwords, and ostensibly providing the accounts is "optional"): https://esta.cbp.dhs.gov/esta/

[TorKlingberg]

It does indeed. Here is a screen shot: http://imgur.com/a/jreOU

[Swizec]

Oh wow that wasn't there last time I ESTA'd. Good thing I got that business visa a few years ago.

Then again, I used my social media and general web presence as partial justification for the current O-1 visa so ... oh well.

At least they can't find anything by googling my legal name.

[StavrosK]

Fucking hell, that's the first time I see this too. I might have to reconsider my US trip...

[pc86]

What countries are only accessible via the US?

[FabHK]

None (it's not like Lesotho inside South Africa or San Marino inside Italy). I assume he meant destinations where most international flights go via the US, but not sure that's relevant - I'm pretty sure basically all South American countries have direct flights to Europe or Canada, say.

[matt4077]

It can be prohibitively expensive to find a flight from Europe to the Caribbean or Central America that doesn't involve a stopover in the US.