[miotintherain]

Hi Peter, thanks for the AMA!

I work for an American company and I am based in Europe. I visit the US for work every now and then. I heard a lot of horror stories regarding border entries. If I am ever in a situation where the border police asks for access to my personal phone and pin code, what are my options? Can I refuse and what happens then?

[stevenwoo]

Border Patrol can wait longer than you want to wait at the airport, you should not bring your personal phone if you don't want them going through all the contents, they can hold your device for an inconvenient amount of time if you are an American citizen. If you say no and are not an American citizen you can be denied entry at the airport and sent home.

[cmrdporcupine]

Being quickly denied and sent home is the best possibility in that scenario.

If you're on American soil they can just detain you. Or worse.

If you ever want nightmares, read the story of Maher Arar.

[fsckboy]

>you should not bring your personal phone if you don't want them going through all the contents

isn't the right move here: wipe your phone, travel to destination, then restore from cloud backup? in the middle, you can let them inspect your wiped phone.

[lrvick]

If you are of interest to the US government or any ally, assume your phone comes back from inspection with a compromised bootloader that will continuously re-infect your phone after you wipe/reinstall.

Wipe it, let them inspect it, sell it, and buy a new one.

[nerdsniper]

For non-citizens, there's not really any law against them installing malware on your phone which could persist through a factory reset. Though I've not heard of such malware for flagship phones.

[lrvick]

I have heard of malware like this, and engineers that found it at Google were instructed by higher ups to ignore it and never talk about it without explanation.

Good luck getting anyone close to this to go on the record about it though given such things normally come with corporate or government gag orders.

There are hundreds of privileged vendor binary blobs on most flagship devices not even Google gets source code to though so supply chain attacks should be assumed.

[monerozcash]

I think this is broadly not true.

Sure, the NSA can probably pull this off. Thing is, the NSA probably does not need to do this at immigration.

I seriously doubt that this is a realistic problem if your threat model is anything less than "The NSA is very interested in me". In that case I don't see how you could trust any phone, regardless of it having been in the hands of border officials or not.

[lrvick]

> I don't see how you could trust any phone

Correct, and I do not own one.

[mschild]

Probably more convinient to get a cheap, 2nd hand phone with the travel essentials and use that instead.

[lrvick]

Or just do not use a phone at all. I travel internationally without one a few times a year. Europe, mexico, canada, japan, no problems. Dirty looks, but no problems.

[eduction]

Is your name peter?

[proberts]

You are within your rights to say no but if you say no, almost certainly CBP will assume that you are hiding something and deny you admission.

[criddell]

Can they deny you admission when you are a US citizen?

[OptionOfT]

They can not. Neither US Citizens or Green Card Holders can be denied entry.

Sources: https://www.aclu.org/know-your-rights/what-do-when-encounter...

https://www.aclunc.org/our-work/know-your-rights/know-your-r...

[mrguyorama]

They are not legally entitled to deny you entry.

That doesn't mean they can't deny you entry. It means you might win a court case some day.

ICE cannot legally arrest people who are citizens for no reason, and yet they have done exactly that 30% of the time by their own admission.

"Knowing your rights" is meaningless if the public chooses to vote for people who don't care about those rights, and celebrate when you do not get your rights.

It doesn't matter what the paper says, it matters what CBP feels like doing, and what their management lets them get away with. The constitution is just a magic circle we all agree to play in, and isn't real if enough people disregard it.

If the border agent doesn't want you to come into the country, you are fucked. Nobody's job is to get between that agent and you and ensure the border agent follows the law on the paper, and the border agent will not go to jail or even lose their job for completely ignoring the law.

[SR2Z]

> If the border agent doesn't want you to come into the country, you are fucked.

You are seriously inconvenienced, but assuming your paperwork is in order, you will be allowed into the US. This isn't just against US law, it's a violation of international law to render a person stateless.

This ignores the real point, which is that while you cannot be refused entry to the United States, you can be arrested at the border. ICE these days has mastered the art of making people's detainment so uncomfortable that even those with a right to be in this country end up deciding to leave.

[globalnode]

yes sure you can come into america, straight into a holding cell until you hand over your pins/passwords or go back home.

[hn_throwaway_99]

> ICE cannot legally arrest people who are citizens for no reason, and yet they have done exactly that 30% of the time by their own admission.

Where are you getting that statistic (honest question)?

[mrguyorama]

I overstated, but it's murky.

https://www.dhs.gov/news/2025/12/05/despite-medias-claims-ic...

Why would ICE leave the number as low as "70%" if they could be higher? Every illegal alien is a criminal as far as the law is concerned. Every illegal alien arrested is "charged with a crime". Otherwise ICE is openly stating to its supporters that they arrest illegal aliens and then release them, something their supporters are vocally against, and the administration believes and claims to be a serious problem.

Meanwhile, the Cato Institute a libertarian think tank, claims they have been leaked far worse data https://www.cato.org/blog/5-ice-detainees-have-violent-convi...

A direct reading of ICE's claims (that seem to be contrary to information obtained through FOIA?) is that 70% of the people they arrest are criminals, which by their own definitions, would imply 30% of the people they arrest are not illegally here, but that's reading between the lines and it's hard to lend any credence to anything said by an administration that treats public statements as a fun gaslighting game.

But essentially, if ICE COULD claim everyone they arrest is an illegal alien (and literally a criminal they are legally allowed to arrest and deport), why wouldn't they?

Flag my claim if appropriate.

[mrguyorama]

>ICE cannot legally arrest people who are citizens for no reason, and yet they have done exactly that 30% of the time by their own admission.

I can no longer modify, retract, edit, etc my comment. This statement is almost certainly false, and I made it without due diligence to confirm I remembered the wording of a claim ICE made.

We know ICE has arrested some people who are American citizens, but we do not have anything near enough good data to make anything close to the claim I made.

This is a record of my error. Remember this if you see my comments again.

[testing22321]

A country can not deny entry to its own citizens.

They can immediately arrest you, however.

[echoangle]

But not for not giving them access to your phone.

[ineedasername]

What the will arrest you for vs can arrest you for are very different things. Really. This isn’t cynicism, is empirical knowledge. If they want to arrest you, you’re getting arrested. They can arrest you because they can arrest you. This is the strict literal sense of can.

[iancmceachern]

In America, Europe, etc.

[UncleOxidant]

So basically bring a burner phone.

[monerozcash]

I think this EFF document probably provides a more comprehensive answer than what can be provided in a HN comment https://www.eff.org/files/2017/03/10/digital-privacy-border-...

Peter might have good insights on whether the relevant case law has changed since 2017 though.

[lcc]

The only relevant part from that document is this line from page 33: "Foreign visitors have the fewest rights... if a foreign visitor refuses a border agent’s demand to unlock their digital device, provide the device password, or provide social media information, and the agent responds by denying entry, the foreign visitor may have little legal recourse."

[christkv]

I always traveled with a feature phone and a travel laptop with just work stuff on it when going to the us. Nothing personal like email or other stuff on me.

[ripplebob]

Why not just carry a burner phone or buy a blank one and restore it after customs from backup?

[trollbridge]

One of the latest tricks is that if you have social media accounts yet no social media apps or accounts are loaded on your phone, or your phone appears to be a burner phone, they'll ask you why you didn't bring your main, primary phone.

So your "burner phone" needs to be your primary phone, which is something that is hard to go back in time to fix.

[raddan]

This sounds like a rumor to me. Plenty of people (including me) have no social media presence (unless you count HN as social media). How do you know that the person on whatevergram with the same name is me?

[trollbridge]

Because the ad networks associated with social media are really good at ascertaining identity.

People with no social media presence at all have been denied entry.

[raddan]

Citation?

[hn_acc1]

I have a few social accounts, but no apps installed on my primary, 2.5+ year old S21. I prefer to visit via browser (firefox, mostly).

[smcin]

It's in general possible to only access social media via browser, not apps.

[trollbridge]

Which makes no difference since they’ll just ask you for your social media handles.

[smcin]

It makes a difference since if you're not logged in to them in browser they are less likely to know which ones you use.

[monerozcash]

The typical solutions deployed by some European bigcos are:

1) only bring burner devices

2) have your devices travel separately using some courier service

Yeah, they can still request your social media profiles and whatnot. You are not particularly likely to be denied entry because you don't have your normal devices with you, this is not very uncommon these days.

Of course it's better to be able to say that your employer requires you to do this, so it's probably good to ask your boss to write up such a policy. Otherwise "why?" could be a pretty uncomfortable question.