Back

Australian Border Force searched phones of 10k travellers in past two years

75 points3 hourstheguardian.com
zensavona1 hour ago

I'll just add a couple of details here since I have had this happen to me multiple times...

I'm an Australian citizen and this applies just as much to me as a foreigner (for whom although I disagree about, I could make a reasonable argument for this being valid). Police require a warrant and/or reasonable suspicion of having committed a specific crime to search any part of you or your belongings. Border Force do not require this.

When they ask for the code, they will either:

- just open your device and rifle through your photos and messages in front of you, asking questions like "got a lot of photos of x, what's that about?" or "who is y?", ask you questions like "what are you doing in Australia? Who are you seeing? What's your relationship to them?" et cetera (even to me, a citizen who spends majority of my time abroad).

- Take it into another room for 20mins or so and presumably take a dump of the whole thing for further analysis. I once asked "what is done with this data and how long is it stored" and they refused to answer the question.

One time after refusing to hand over the code (politely) I was treated pretty aggressively, had my whole body searched (not strip searched, groped well all over), all my luggage taken apart etc. I received a letter in the mail that I could go and collect my phone at the airport after around 3 weeks. It seems unlikely they have some tech which allows exfiltration of data from a locked iPhone(?) so I'm not sure what that's about. They claimed to me that they do indeed have this capability.

Since refusing to open the phone and letting them keep it I seem to be on some kind of list and have had a Border Force officer meet me at the baggage carousel a couple of times with the "please come with me sir" to my own private search area where a few of them are ready to search my luggage inside out. This seems to happen less recently since I have just given them the code. They have successfully made it inconvenient enough for me to comply.

One time years ago they did the same thing with my laptop. Since that incident they have only asked about my phone.

ThrowawayTestr53 minutes ago

What would you say to people claiming that Australia is falling into authoritarianism?

Rinzler891 hour ago

Ah shit, comments like these and the videos from Boy Boy and Friendly Jordies makes me want to avoid traveling to Australia when I see how easily law enforcement there just violates people's rights using some legal loophole.

bloomingeek54 minutes ago

I couldn't agree more! Hypothetical: I wonder how they would react, on looking at my cell, if before leaving home I removed all my pictures and contacts, erased my internet history and removed all files? Would they think I'm hiding something or just being careful with my private data?

Instead of, "Don't leave home without it!", leave home without data on phone. :)

grecy58 minutes ago

Have you tried not bringing a phone?

I'd be really interested in their response when you tell them you don't have one on you.

gruez57 minutes ago

Or their response if you gave them your phone and pin but it's a wiped/reset phone.

cletus2 hours ago

Story time: when I worked at Google we had a specific policy for traveling to and from China. IIRC it went something like this:

1. You absolutely aren't allowed to take your regular phone and laptop;

2. You will be given loaner devices to take into China;

3. If you're asked to open such devices on entry, comply and then, when you can, inform IT;

4. Once you got back, I'm not sure what happened to those devices. I believe they were in the very least wiped. They may even have been destroyed in certain circumstances (eg if a border official examined the open device). But that's speculation.

I never travelled to China so never used this. A colleague who regularly traveled to China told me some stories about this.

But yes it does seem prudent to wipe your device and restore when you land. Then again, border officials can also deny you entry with very little justification so who knows?

bbarnett57 minutes ago

If I ever have a company phone out of a employee's sight like this, eg border searches, from China to Canada, it's thrown in the garbage after.

There's no way wiping should be considered enough.

codetrotter1 hour ago

> it does seem prudent to wipe your device and restore when you land. Then again, border officials can also deny you entry with very little justification so who knows?

For example, if they instruct you to turn on the device, and they see the setup screen or even just that it has no photos, no messages, nothing, might raise suspicion I would imagine.

Good luck trying to argue with them that absence of data should be considered normal and not a reason for them to harass you :(

Kim_Bruning1 hour ago

They might try to claim that you're smuggling a new phone or some such. But you could often just state that it's corporate policy?

Now you can both take the same side complaining about stupid bureaucratic rules making everyone's life harder.

Garvi1 hour ago

That's exactly like the travel advisories to the US for EU firms. If it bothers you this much, why this Don Quixote act, why not do something about it where you actually can? Otherwise it's just bashing the Chinese for internet happy points. Just like reddit.

cletus1 hour ago

Unauthorized access by Chinese state actors is not a hypothetical [1].

[1]: https://www.computerworld.com/article/1600064/hackers-used-i...

estebank1 hour ago

As someone who's more affected by the US behavior than the Chinese behavior, and very critical of it, what you're doing is whataboutism.

peutetre2 hours ago

> The department data reveals that close to 94% of the time people freely revealed their phone passcode to officers, despite there being no legal requirement to do so.

There really needs to be better education in civics. It's so important to know your rights, especially when someone in a position of authority tries to abuse that authority.

LimeLimestone2 hours ago

Does it apply to non-citizens?

As far as I know, in the US you can politely decline a phone search if you are a US citizen. If you're a foreign tourist your only choice is either to allow the search or be denied entry to the Land of Freedom™

How does it work in Australia?

jkaplowitz1 hour ago

At the US international border, no, even US citizens can’t prevent the phone search regardless of whether or not they consent. They can however usually decline to give a PIN, passcode, or password or to assist in unlocking the phone by entering such a credential, and they can’t be refused entry to the US. However, CBP can then temporarily seize the phone to perform a more comprehensive attempt at searching it. Getting the phone back later may be a hassle.

Additionally, pissing off CBP may lead to extended delays, luggage searching, and questioning to see if they can find another legally valid reason to punish you for annoying them. And maybe they might revoke trusted traveler program membership due to no longer seeing you as a low-risk traveler. But indeed, they will not finally refuse entry to a citizen.

There are rarer cases where the US government can insist on your cooperation in getting past a PIN, passcode, or password, such as if you show them that an incriminating document exists on your phone and then lock the phone before they can collect the evidence.

And while the exact boundary of the constitutional protections regarding face or fingerprint unlock is not authoritatively settled nationwide in the courts, it’s very likely weaker than for information you hold in your mind like a password.

I strongly suspect CBP can constitutionally require a US citizen entering at an international port of entry to assist with fingerprint or face unlock, though I admit I don’t know how physically they can force the matter if the person refuses. It wouldn’t surprise me if that would be grounds for arrest under at least some circumstances (maybe not all).

karaterobot2 hours ago

As the article states, they can take your phone and try to hack it, but they can't otherwise punish you for refusing to give them your password.

coldtea1 hour ago

>they can't otherwise punish you for refusing to give them your password.

Except of course by denying you entry, marking you in some "no fly" blacklist, and other ways that are not oficially "punishments", but are very much so in practice...

alexey-salmin1 hour ago

They can refuse entry at any time, and legally speaking it's not punishment

grecy55 minutes ago

No country can refuse entry to it's own citizen.

They must admit a citizen, but they can then arrest them immediately.

sofixa2 hours ago

> far as I know, in the US you can politely decline a phone search if you are a US citizen

Same with being filmed at the airport. Last time I passed through US airports there were signs that you're monitored and it goes to blah blah database, and that if you're a US citizen, you can request to be removed. If you're not, go fuck yourself and pray all your biometric data isn't stored at the cheapest possible vendor and about to be leaked.

macksd2 hours ago

And would anyone be surprised if asking to be removed was also a way to get subjected to additional screening in future?

edward282 hours ago

While you are legally required to hand over the passcode, they can confiscate the device for two weeks or more, which is probably a large deterrent for most people.

McDyver2 hours ago

That's the point the article makes, you are _not_ legally required to hand over the password.

> Officers routinely ask travellers to provide their passcode or password to devices so they can be examined, but they do not have the power to compel passengers to hand over their passcodes,

Hizonner2 hours ago

Right, and grandparent has a typo. True you are not required to hand over the password, but they aren't required to give you back your phone if you don't.

+2
karaterobot2 hours ago
DowagerDave2 hours ago

but they can take your device - then what do you do?

coldtea1 hour ago

It's also important to not get boged down in the airport or denied entry out of spite though...

jmyeet2 hours ago

This one is tricky. You just don't have the same rights when trying to enter a country as you do if you're stopped by the police. Border officials have the power to deny you entry and generally there's very little recourse if they do. This makes you way more vulnerable and likely to cooperate than you would, say, during a routine traffic stop.

zensavona1 hour ago

This applies to citizens returning home also. If I am an Australian citizen I do have a right to enter the country, yet I am still subject to this.

sva_2 hours ago

'freely revealed' probably means 'we\'ll have to keep this until we managed to unlock it.'

aaron6952 hours ago

[dead]

jl62 hours ago

10,000 phone searches in the last two years.

3.3m visitors in March 2024 alone.

So something like 0.01% of travellers get their phones searched. How are those 0.01% selected?

> The agency does not provide information on the success rate for searches, but has said a phone would only be seized where officers suspected it had “special forfeited goods” such as “illegal pornography, terrorism-related material and media that has been, or would be, refused classification”.

One wonders how such a suspicion is formed.

zensavona1 hour ago

Also consider Australians who travel and return home. I have personally had my phone searched 3 times. I know many people who also have the same experience. One time I refused and let them keep the phone, just bought a new iPhone and restored it. Since then I was searched almost every time I went through the airport.

After refusing to hand over the code (Politely... I explained that no, there is no terrorism material or similar on my phone, I just object to this practice, which they could not comprehend) I was treated pretty aggressively, had my whole body searched (not strip searched, but groped very well all over), all my luggage taken apart etc.

bbarnett50 minutes ago

The trickster side of me, makes me think you should have made very ... sensual sounds as they groped you.

Yes bad idea, but funny idea too.

qingcharles1 hour ago

At Heathrow airport I was offered the option of switching my laptop on to show them it worked, plus a full body x-ray, or "the other option" (man waves a pair of gloves insinuating a full body cavity search).

So, you can see what (mostly) everyone would choose there.

The only bonus was that security man managed to walk me around the 2-hour long security line.

gruez59 minutes ago

>switching my laptop on to show them it worked

That seems... fine? They're not asking you unlock your laptop, just to turn it on, presumably to prove it's actually a laptop and not a bomb in a laptop's case.

Kim_Bruning1 hour ago

People still wonder why I'm so careful with phones.

At this moment, phones in many jurisdictions are still fair game. Anyone can grab whatever they want from them. That's why you can't really trust them. We need new rules that declare the 'confidentiality of phone contents,' especially information at rest, as inviolable, similar to the secrecy of correspondence.

geocrasher2 hours ago

Easy solution: Travel with a burner phone.

nucleardog2 hours ago

Any time I travel out of country, a week or two beforehand, I pull an old phone out of a drawer, factory reset it, and move my SIM card over. I don’t sign it in to any cloud services. I’ll install a few apps (browser, news reader, YouTube, maps, stuff like that) but nothing of any real substance.

For the couple weeks until I travel I carry both phones, collecting a bit of data, the odd text message from my mom, snap a few photos, receive an assortment of spam calls, get a few destinations in the maps history, etc. Anything important still happens on my main device (can always tether through the old phone).

By the time I hit the border there’s enough data to not be an immediate red flag, but nothing that really matters. If anyone compromises the phone while I’m away, it’s at least reasonably limited to only collecting data on me until I get back and throw the thing back in a drawer.

It’s not foolproof, but it’s a reasonable balance for me between risk/effort/expense travelling to places like China.

alisonatwork1 hour ago

The stupid thing about this whole security charade is that this is exactly what any serious actor would do if they actually had sinister motives for entering the country, so the policy is only punishing ordinary people who were no threat in the first place or occasionally by accident catching a dumb criminal who probably would've been caught eventually anyway.

williamdclt2 hours ago

That's a very loose definition of "easy"

geocrasher2 hours ago

Use whatever word you like better. Straightforward, Simple, uncomplicated not difficult.

Seriously, set up a new phone, new number, new Gmail account, new IG/FB accounts, use them a week before you leave- tell your friends "Follow me here for my trip!" and have your phone number forwawrded. Put a few contacts in it. Done. Not a big deal at all for most technically competent people. That's us, right?

johnchristopher2 hours ago

I have been trying to create a facebook account recently, for work, I didn't use my real name (I just needed a facebook account to follow some pages). I got flagged and now have to provide additional proof of identity. Same for IG. I don't think it's as easy as before to create a temp. facebook account. After setting it up you need to feed it right.

dento59 minutes ago

And when I have to access a 2FA protected account, like my bank or email, I do what?

stronglikedan1 hour ago

Even easier: I keep my previous phone when I get a new phone, so it's just a matter of swapping a SIM card. Of course, my old phone was factory reset once I decided to keep the new phone, because I don't want it laying around with all my data even if it is just in my desk drawer.

DowagerDave1 hour ago

This is ridiculous. Put aside the idea of purchasing a new phone for a trip, you then suggest setting up all new accounts and then "telling your friends" - how exactly? contact everyone from your "real" accounts and say add my fake account? What about when you come back - tell them "ok delete my fake account and add my real one"? which is which now, oh and how do you access all your real contacts, credentials, payment, etc that you needed during your trip? And I do this everytime I travel?

You seem to focus on the technical aspects but really gloss over the entire "create a duplicate online life every time you travel"

geocrasher1 hour ago

Where did I say to do this every time you travel? I described the setup of such a phone. In fact if you had a second phone just for travel, who'd care? Not that big of a deal. Y'all are being pedantic.

helsinkiandrew1 hour ago

Or have a burner iCloud/Google account setup with just the apps you need for the flight and reinstall your phone when you get there?

ta12432 hours ago

Like a Galaxy Note?

bongobingo12 hours ago

Just make sure you use it for a few days before hand so it doesn't appear to be a burner phone, lest you be considered suspicious and remanded for additional interrogation.

op00to2 hours ago

My company requires us to use a "burner" phone and laptop when we travel internationally. I can helpfully print out the policy from the employee handbook and show it to the border guard. I'm not sure that's considered as suspicious as you think absent any other suspicious behaviors.

coldtea1 hour ago

>Just make sure you use it for a few days before hand so it doesn't appear to be a burner phone

Wouldn't they notice all your mail, call list, and other such accounts are from a few days?

GJim1 hour ago

> use it for a few days before hand so it doesn't appear to be a burner phone

No need to bother.

Most companies of any size, and us civil servants, have policies to travel with burner phones/laptops when crossing (even some benign) international boarders and/or entering certain countries.

Frankly, it is so commonplace, it is not remotely suspicious to travel with a burner.

KermitTheFrog2 hours ago

Samsung: Hold my beer, I have a nice phone to you.

curtis33892 hours ago

This comment section reveals that you live in a dystopia.

seydor1 hour ago

That's too much work - we should use AI to preemptively scan the phones for illegal thoughts

Hizonner2 hours ago

Before any international travel:

1. Wipe phone 2. Install goatse wallpaper

tgsovlerkhgsel2 hours ago

3. Get arrested for bringing "indecent material" or whatever they call that into the country.

Hizonner1 hour ago

Well, yeah, given that it's Australia.

Slaughterhouse waste wallpaper should be OK though.

verticalscaler2 hours ago

[flagged]

kube-system2 hours ago

Phone searches at borders have nothing to do with the COVID.

verticalscaler2 hours ago

Please ask an Australian citizen to regale you with their lived experience and get back to me.

BTW, I'm vaccinated in case the flaggers/downvoters are offended. Understand the point made at least. Some countries really really spiraled and still not back to normal.

kube-system2 hours ago

Phone searches at borders have been common, all around the world (and in Australia), way before COVID existed.

https://i.nextmedia.com.au/Assets/fa-220200502-document-rele...