How to keep your data safe when travelling
Getting on a plane? Turn on 2FA and consider picking up a Chromebook
You wouldn't get on a plane without your smartphone and laptop but that's increasingly worrisome for data protection.
Increased restrictions at US borders has seen authorities asking for access to social media and apps, while the so-called "laptop ban" means travellers coming from or via specific countries to the US or UK are being forced to check larger devices rather than bring them in the cabin.
To be fair to the current American administration searches of electronic devices at the border were climbing well before the 2017 inauguration. According to campaign group the Electronic Frontier Foundation (EFF), searches lept from 4,764 in 2015 to 23,877 in 2016, and we can safely predict that number will climb further this year.
That's a problem because while the US does limit the ability of the government to demand access to your devices, the EFF notes that the rules are weaker at the border. "As a matter of practice, border agents may take a broad view of what they are permitted to do," the EFF's report into border privacy says. That can include looking at the data stored on your phone or laptop, or using them to access information saved in the cloud or to read your emails, access your social media, or see what you've bought online.
Of course, the US isn't the only country that may attempt to hoover up your data or fiddle with your hardware and you need to worry about hackers as well as border controls. The protections outlined here are key to anyone travelling with sensitive information be that business or personal and to anyone flying to and from countries with in-cabin laptop bans.
Start with the basics: don't leave home without a password on each device and your data backed up, and hold separate a copy of your emergency contacts, as well as how to access your corporate VPN or get fresh login credentials, in case your laptop goes missing or is damaged in the hold.
What you need to do beyond that depends on your individual threat model so take the time to consider what data you need to protect, who might target you, and how they might do it. And start this work before you travel, adding "data privacy" to your packing list.
Lock it down
You should already have a long password on your device, and if you normally use a fingerprint to open your phone, flip to PIN instead. Before going through border control, turn your phone off, advises Mozilla spokesperson Daniel Kessler, in a blog post. "If you turn off your device, you'll be required to enter a password to open the device when you turn it back on assuming you set one up," he notes. "This is true even if you turned on the fingerprint functionality."
Also consider encryption. If someone gets their grubby hands on your hard drive, they can still access your data; plus, the EFF notes that American authorities have "staff with training and access" to tools to "easily bypass" passwords to access encrypted hard drive content.
"Fortunately, modern phone, tablet, and computer systems usually come with comparatively easy-to-use 'full-disk' storage encryption features that can encrypt the full contents of the device with a password that will be required when the device is first powered on," the EFF report notes. "Using these tools is the most fundamental security precaution for travelers who have sensitive information on their devices and are concerned about losing control of them not just at a border crossing, but at any point during a trip."