24

I recently glanced over a TV show called "Border Patrol Canada". One Canadian citizen was searched for whatever reason when he tried to re-enter Canada. The authorities wanted to know his laptop password and he refused it. They unlocked it anyway after showing the paragraph in he law and he got really angry about that and almost got arrested even though there was nothing illegal on his laptop. I can fully understand this person, I would never give my password for the laptop or the PIN for my mobile phone to anyone. This is my privacy which I value very highly. Beside the SE network I even have no social media account.

So I was wondering, can this happen to anyone entering Canada? Or must there be some probable cause?

If this is the case I'll probably never visit Canada even though it was on my to do list for travels..

Improve this question
3
  • 2
    Related: travel.stackexchange.com/questions/7254/…
    – JonathanReez
    Commented Mar 13, 2017 at 9:15
  • 5
    Use TrueCrypt (VeraCrypt) with plausible deniability (hidden disk) and you'll do fine. The authorities will see a boring regular installation of Windows and won't have access to your private files.
    – JonathanReez
    Commented Mar 13, 2017 at 9:17
  • All countries can and will do this in the right circumstances. If you won't visit Canada because of this, you should not visit any other country because it's equally or more likely to happen elsewhere. Typically it will only happen if the official doesn't believe your story and wants to look for evidence to support or refute your story (e.g. he believes you want to work in Canada, and wants to see if your emails and texts have evidence that you will be taking employment). Things to hide? Don't have them on devices you take across borders, no matter where you go.
    – Jim MacKenzie
    Commented Oct 8, 2017 at 0:17

3 Answers 3

Reset to default
21

As a rule, you can be asked to disclose pretty much anything when entering any country, not just Canada. Most rules of normal legal due process (warrants before searches etc) don't apply at borders, even to citizens, although at least citizens generally can't be denied entry.

At the end of the day, visiting another country is a privilege, not a right, and you need to play by their rules or they won't let you in.

Of course, the fact that immigration officials and immigration bureaucracy are essentially unaccountable to their foreign citizen "customers", who can't even vote the bums out, doesn't help...

Improve this answer
7
  • 7
    I would also note that neither citizens nor foreigners can be required to disclose anything. You can always say no and go back home (in case you're a foreigner) or get a grumpy 'welcome home' (in case you're local). Due process still works in the sense that you cannot be sent to jail for refusing to comply.
    – JonathanReez
    Commented Mar 13, 2017 at 9:10
  • 10
    @JonathanReez You certainly can be detained though, and there's not a whole lot of difference between immigration detention and "real" jail.
    – lambshaanxy
    Commented Mar 13, 2017 at 9:49
  • 3
    You still cannot be held indefinitely, have the right to use a lawyer, etc.
    – JonathanReez
    Commented Mar 13, 2017 at 9:50
  • 1
    Thanks, I just never experienced anything like this and was rather shocked when they just search mobile phones and laptops. I've been to China and even there no one cared. So is it just bad luck if you are selected and then you just have two options: give password/PIN or don't enter the country?
    – Thomas
    Commented Mar 13, 2017 at 10:57
  • 5
    @Thomas Or a third option: don't bring in anything you don't want searched.
    – Nathan K
    Commented Mar 13, 2017 at 13:54
14

The BCCLA has obtained the CBSA guidelines regarding access to digital devices. Unfortunately the PDF appears to be a bitmap rather than text so I can't copy and paste from it without OCRing it. However, some relevant excerpts:

Although there is no defined threshold for grounds to examine such devices, CBSA's current policy is that such examinations should not be conducted as a matter of routine; they may only be conducted if there is a multiplicity of indicators that evidence of contraventions may be found on the digital device or media.

...

CBSA officers shall only examine what is stored within the device. Officers are not to read emails on digital devices and media unless the information is already downloaded and has been opened (usually marked as read).

...

In instances where access to digital devices and media are password protected, officers are to request the password to access the device and record it, as well as any alternate passwords provided, in their officer notebook.

...

Passwords are not to be sought to gain access to any type of account (including any social, professional, corporate, or user accounts), files or information that might potentially be stored remotely or online.

...

If a traveller refuses to provide a password to allow examination of the digital device, media or the documents contained therein, of if there are technical difficulties that prevent a CBSA officer from examining the digital device or media, the device or media may be detained by the CBSA officer under the authority of Section 101 of the Customs Act... for examination by a CBSA expert trained on digital forensic examinations...

...

Until further instructions are issued, CBSA officers shall not arrest a traveller for hindering or for obstruction solely for refusing to provide a password. Though such actions appear to be legally supported, a restrained approach will be adopted until the matter is settled in ongoing proceedings.

You would need a lawyer to give you legal advice, but from a cursory examination of the guidelines, it would appear that you should be unlikely to be requested to provide passwords without good reason, and that you may refuse to provide them and would not be arrested for doing so, however your devices may be confiscated, and you may also be refused entry.

Improve this answer
7
  • 3
    In instances where access to digital devices and media are password protected, officers are to request the password to access the device and record it, as well as any alternate passwords provided, in their officer notebook. => Oh... Asking for the password is one thing, but writing it down? Really? :(
    – Matthieu M.
    Commented Mar 13, 2017 at 15:48
  • Interesting points about cloud storage and only accessing emails that have been 'read'. These days everything is on cloud storage... maybe all you need to do is log out of your accounts / clear caches and then nothing is stored on your device?
    – Tim Malone
    Commented Mar 13, 2017 at 19:21
  • It doesn't matter if the information is on your device or not. If you have access to it (via the cloud), then they can ask you for it. (They'll ask you to login to gmail or whatever if they want to.) And if you have the access information but decline to provide it, then you're entering in a potential world of hurt. See, eg goo.gl/FD0HE2 So either be prepared to provide the information or make it true that your really do not have access to the information.
    – Larry K
    Commented Mar 13, 2017 at 20:01
  • 2
    @MatthieuM. there's a difference between writing down a device password vs. an online account password. The latter fully compromises the account because it's usable by any hacker; the former is only useful to those in physical possession of the device. The CBSA guidelines specifically tell them not to collect online account passwords, probably for your reason. And since Device PINs are profoundly different in format than online passwords, sharing is not possible so not a vulnerability.
    – Harper - Reinstate Monica
    Commented Mar 14, 2017 at 0:57
  • 4
    @Harper your assertion that device pins are fundamentally different in format than passwords is outright incorrect. it's entirely possible to set a traditional password for a phone lock screen at least on android. Not common, but it is done. It's also much more secure than a pattern or pin.
    – Leliel
    Commented Mar 14, 2017 at 3:24
-4

Tell them the password is 1234. When it doesn't work, say "That's strange. I wonder if the boot sector is infected with a virus. I'll have to take it to the repair shop when I get home."

Improve this answer
2
  • Lying to customs and immigration officials is never a wise idea. If you don't want officials to access your data, there's an easy answer: keep your data on a remote system and not on your local device.
    – Jim MacKenzie
    Commented Oct 8, 2017 at 0:15
  • They won't be able to prove you lied. Keeping your data on a remote system is unwise because governments like to search remote systems.
    – Russell Hankins
    Commented Oct 8, 2017 at 11:07

You must log in to answer this question.

Not the answer you're looking for? Browse other questions tagged .