Stephanie Condon, writing for ZDNet has an interesting piece about smartphone data dumping by the US Customs and Border Protection service. According to Condon, the downloading, storing, and potential searches of American’s smartphones came to light by way of a letter sent to the agency by Sen. Ron Wyden (D-Oregon) about the practice.
According to Wyden, CBP agents get American travelers to unlock their devices and then proceed to download the data into a government-controlled database. He calls such searches “warrantless” and I completely agree. On his official Senate.gov website, Wyden is quoted as saying:
“Innocent Americans should not be tricked into unlocking their phones and laptops,” Wyden wrote. “CBP should not dump data obtained through thousands of warrantless phone searches into a central database, retain the data for fifteen years, and allow thousands of DHS employees to search through Americans’ personal data whenever they want.”
Senator Wyden’s full letter to Chris Magnus, Commission of the US Customs and Border Protection service is available online.
While I agree, all US citizens should comply with legally obtained and executed search warrants, I do not agree with the in discriminant downloading of American’s smartphones just because they are crossing the US border.
One way to protect yourself if to ensure that you have a strong passcode on your iPhone. A couple of words long passcode is a strong defense to unauthorized access to the contents of your iPhone. A 6-digit or longer PIN code in place of a passcode is a good option too.
Strong security and data privacy is a constant trade off with usability. Who want to keep entering a 18-characher passcode/PIN just to unlock their iPhone? Not me. Biometric security, such as Face ID or Touch ID are good tradeoffs for most people. They offer good security and ease of use.
When learning about reports such as the one Wyden is claiming of the CBP, I have to think twice about my personal information data privacy. As we learned with John Eastman, courts are willing to uphold requests to unlock smartphones using biometric systems. What courts aren’t willing to uphold, is the forced compliance with requests for passcodes and PINs.
A good strategy that iPhone owners can use is to hard lock their device by pressing and holding the Side Button (Power button) and either one of the Volume buttons for 3-seconds. This can easily be done while an iPhone is still in your pocket, purse, or bag. Once activated, Face ID, Touch ID, and Unlock with Apple Watch will no longer unlock your iPhone until the owner enters their passcode/PIN code.
Starting with iOS 16, the new Lockdown Mode security feature will help protect customer’s and their data from common security vulnerabilities by trading convenience for security. Most people will never need this feature, but for those who do, it will help protect their privacy. Sometimes, security is hard, but necessary.