Ryan Lackey, chief security officer of a bitcoin insurance company and security researcher from Seattle, has taken the following safety measures when visiting nations like China or Russia. Instead of his typical equipment, he brings an iPhone that is configured to sync with a different, nonsensitive Apple account and a locked-down Chromebook.
Before each journey, he cleans both and loads only the information he will need. Lackey has even gone so far as to maintain separate travel sets for each country to forensically examine the devices upon his return home and look for indications of manipulation.
According to Lackey, the United States may also warrant a paranoid approach to travel. This applies not only to Americans like him but also to anyone with a foreign passport who might be subject to the increasingly harsh and unpredictable scrutiny of the United States Customs and Border Protection (CBP).
“All of this applies to America more than it has in the past. If I thought I were likely to be a targeted person, I would go through this same level of protection,” Lackey stated.
The number of foreign visitors to the United States who are denied entrance and sent back to their original destinations or detained appears to have increased since the beginning of the second Trump administration. When trying to enter the United States, citizens from Germany, the United Kingdom, and France have all reported being delayed, sometimes for weeks, or denied admission.
Several of these individuals claim to be legal residents with Green Cards. According to the country’s education minister, a French scientist was refused admission after immigration officers looked through his phone and discovered chats in which “he expressed a personal opinion on the Donald Trump administration’s research policy.”
Officials in Germany and Britain have revised their travel advice in response to the more stringent enforcement of visa and travel permit laws; Britain has warned that the rules are applied “strictly.”
If the Trump administration moves forward with its plan to implement a new “travel ban” on over 40 countries, that de facto border crackdown is expected to become much more explicit. The ban would reportedly completely bar entry from at least 10 countries and subject visitors from another five to additional scrutiny and automatic interviews at the border. The policy’s implementation would determine the status of another 26 nations, placing them in a third group.
Given all these developments, it appears that US borders will soon become less welcoming to visitors and even to Americans returning from outside. Additionally, there will undoubtedly be aggressive attempts to monitor travellers’ electronic devices in conjunction with these new border enforcement procedures. This poses a threat to digital privacy and free expression for foreigners and US citizens.
And warning signs are already emerging. In May 2025, workers building an apartment complex near the Florida State University campus were detained by agents from the US Homeland Security, the US Marshals Service, and the Florida Highway Patrol. After entering a construction site in Tallahassee, federal and state officials asked workers for identification and separated them into two categories. After that, some were allowed to go, while others were handcuffed and led onto white buses with metal-covered windows to be transported away from the worksite, escorted by the Highway Patrol.
The Trump supporters were not spared either. In Nashville, the restaurant named “Kid Rock’s,” owned by the conservative restaurateur Steve Smith, where undocumented kitchen staff were asked to go home to avoid rumoured immigration raids. The restaurant, licensed by the right-wing musician Kid Rock, who has also become one of the US president’s highest-profile backers, reportedly found itself struggling to serve post-concert crowds on one Saturday night after the order from managers instructing employees without legal status to leave.
“Around 9.30 pm on Saturday, our manager came back and told anyone without legal status to go home. Events at the Ryman, Ascend, and the Savannah Bananas’ baseball game all let out, and it was crazy busy. But there was no one in the kitchen to cook the food,” an anonymous employee narrated the ordeal to the Nashville Scene.
An aggressive immigration sweep began on 3rd May, when state troopers and unmarked ICE vehicles significantly increased traffic stops throughout South Nashville. The operation has resulted in at least 196 arrests, including 101 individuals with no criminal history, according to a Department of Homeland Security (DHS) press release. While Trump and the DHS secretary, Kristi Noem, have publicly celebrated “accelerated deportations” nationwide, these actions have created panic among legal residents as well.
Nathan Wessler, deputy director of the American Civil Liberties Union’s Speech, Privacy, and Technology Project, said, “We’re witnessing incredibly unsettling instances of retaliatory action based on people’s speech and political opinions. People of all political persuasions—as well as those with various citizenship and immigration statuses—should be especially concerned when that is coupled with extremely broad authority to search through the contents of our phones and laptops, looking at what we have written and what others have sent us.”
Customs and Border Protection (CBP) has long regarded US borders and airports as a Fourth Amendment loophole, granting them broad authority to detain and inspect travellers’ devices. With little official justification or supervision, the agency has long taken advantage of that chance to detain border-crossers based on the smallest suspicion and seek access to their phones and computers.
Citizens are not immune at all. Agents have confiscated the gadgets of CBP detainees, including journalists, filmmakers, and security experts.
The following tips from legal and security professionals have been compiled to assist in protecting your digital privacy when travelling across US borders, as those incursions become more frequent and forceful under the second Trump administration.
Call home
If you suspect you may be stopped or interrogated at the border, notify a lawyer or a loved one who can be contacted before crossing customs.
Then, get in touch with them again after you exit. You may not have access to your devices or other means of communication while in custody. Additionally, you’ll want legal counsel and an advocate for your release in the worst-case event of a protracted imprisonment.
Lock down devices
Don’t make it simple for customs officers to steal your electronics. Select a secure passcode and encrypt your hard drive using programmes like Apple’s FileVault, BitLocker, or VeraCrypt. Create a secure PIN on your phone.
The most effective way to secure your phone is to use a hard-to-crack alphanumeric code instead of biometrics or a four-digit PIN. Turn off “Allow Siri When Locked” from the Siri menu in Settings on an iPhone to prevent Siri from appearing on the lock screen.
Don’t forget to switch off your electronics before going through customs. Hard-drive encryption solutions only provide complete safety when a machine is completely shut down. An iPhone is the safest when it’s off because Face ID requires a PIN instead of a face scan when it initially boots up, eliminating any doubt about whether border officials may force you to unlock the device using your biometrics.
You can now keep sensitive apps separate from other apps on your phone by putting them in a different folder and adding an extra degree of verification. Apple and Google have made this feature possible in recent years. Private spaces on Android may be enabled through the security and privacy settings menu, and on iOS, you can choose to hide an app by long-tapping on it.
Lastly, Wessler advises visitors to make sure they update the operating systems on their phones and laptops before entering the country. This is because, in certain situations, CBP might utilise programmes like Cellebrite or GrayKey to take advantage of unpatched flaws in certain devices, gaining access to them without the user having to unlock them.
Wessler said, “Your device may be vulnerable if your operating system is six months out of date.”
Don’t divulge passwords
Wessler of the ACLU claims that Americans cannot be deported for refusing to disclose the passwords to their encrypted devices or social media accounts.
Accordingly, you may be arrested and have your devices seized, even taken to a forensic facility, if you refuse to give up your passwords or PINs, but you will ultimately escape with your privacy much more intact than if you reveal secrets.
“They can seize your device, even for months, while they try to break into it. But you’re going to get home,” Wessler added.
This protection also extends to green card holders, Wessler notes, notwithstanding the Trump administration’s startling treatment of foreign permanent residents in certain situations.
However, be advised that refusing entry to customs officers may result in hours of uncertain incarceration in a desolate, windowless CBP office, at the absolute least. Court rulings have limited the powers of CBP officials at some US airports and states, but these restrictions may not be enforced if border agents have your computer or phone unsupervised.
The CBP distinguishes between two kinds of device searches. Basic, in which the content of a device is examined “manually” by an officer, and advanced, in which a device is linked to other devices and its contents can be examined or copied.
According to CBP, the latter search necessitates a “reasonable suspicion” of criminal activity. The agency’s official advice avoids specifically stating that individuals must turn over passwords by stating that devices should be submitted “in a condition that allows for the examination.”
According to the agency’s website, “If the electronic device is protected by a passcode, encryption, or other security mechanism and cannot be inspected, that device may be subject to exclusion, detention, or other appropriate action or disposition.”
Wessler cautions that non-Americans entering the US with a visa or from a nation that waives visas face a much more difficult situation: you risk being refused entrance if you refuse to provide a passcode or PIN.
According to him, “People have to make a very practical assessment about what’s most important to them: entry into the country at the risk of being turned around at the border, either by sacrificing or by protecting your privacy.”
Reduce the amount of data you keep
The best approach to keep customs away from your data is to just not bring it on your trip. This is the obvious option for the most susceptible tourists. Set up travel devices that store the least amount of sensitive data possible, much like Lackey did.
Avoid connecting those “dirty” devices to your personal accounts. If you must, make new accounts with distinct identities and passwords, such as an Apple ID for iOS devices.
“If they ask for access and you can’t refuse, you want to be able to give it to them without losing any sensitive information,” Lackey explains.
Admittedly, social media accounts are difficult to delete. While keeping a more important account secret, some security experts advise developing backup personas that can be presented to customs agents. However, you may face extended detention and, in the case of noncitizens, even refusal of entry if CBP officers connect your name to an account you attempted to conceal.
To prevent border agents from accessing documents or data you store remotely, the Electronic Frontier Foundation also advises shutting down apps and cloud services like Google Drive and Microsoft OneDrive if you are unable to set up a separate travel device. Backing up files or images to cloud services before your trip might facilitate data removal from the phone.
According to Wessler of the American Civil Liberties Union, “The only sure way to protect yourself is to not carry information with you or to carry as little as possible. As long as you have a device and there’s stuff on it, that’s potentially vulnerable to search.”
In light of the current political climate and the increasingly unpredictable nature of US Customs and Border Protection (CBP) scrutiny, travellers are advised to take proactive steps to protect their digital privacy. While the methods outlined above offer some degree of protection, it is crucial to remember that there is no foolproof way to guarantee privacy at the US border.
The erratic and often undocumented practices of CBP mean that any traveller could be subject to scrutiny, and their electronic devices could be searched without warning. Therefore, it is essential to weigh the risks and benefits of each privacy protection method and choose the ones that best suit your individual needs and circumstances.
For US citizens, the risk of deportation for refusing to divulge passwords is low. However, non-citizens may face more severe consequences, including denial of entry. Therefore, non-citizens must carefully consider the potential repercussions of refusing to cooperate with CBP officials.
Regardless of citizenship status, all travellers should be aware of the potential for lengthy detentions and intrusive searches. By taking steps to minimise the amount of sensitive data they carry and by being prepared for the possibility of a device search, travellers can help to protect their privacy and avoid unnecessary complications at the border.
Ultimately, the responsibility for protecting digital privacy at the US border rests with the individual traveller. By being informed and prepared, travellers can navigate the complexities of border security while minimising the risk to their personal information. While the future of digital privacy at the US border remains uncertain, travellers can take comfort in knowing that they have options to protect themselves and their data.
Remember, the border is a zone of heightened security, and CBP officials have broad authority to search and detain travellers. By understanding your rights and taking proactive steps to protect your privacy, you can ensure a smoother and less stressful border crossing experience. Stay informed, stay prepared, and safeguard your digital privacy.