Canadian Fined For Not Providing Border Agents Smartphone Password (www.cbc.ca) 276
Reader da_foz writes: A Canadian was reentering Canada when he was arrested and charged with hindering or obstructing border officials. At the time traces of cocaine were found on his bags and he was carrying $5,000 in cash. He provided his smartphone to border agents as requested, however refused to provide the password. Canada Border Services Agency officials asked for Philippon's smartphone and its password. From a report: "He handed over his BlackBerry but refused to disclose the code to access the phone. Philippon was arrested and charged under the federal Customs Act, accused of hindering or obstructing border officials." It is unclear if he provided the password while agreeing to the fine.
Boarder Agents (Score:5, Funny)
Re:Boarder Agents (Score:5, Funny)
Nah, they were waterboarding agents, but with the drought and all.
Re:Boarder Agents (Score:5, Funny)
Re: (Score:3)
Unusually for XKCD, it's a multi-comic arc. Go back a couple.
Re:Boarder Agents (Score:4, Insightful)
Re: (Score:2)
Re: (Score:2)
Re: Boarder Agents (Score:5, Funny)
I think Bordeaux agents are the guys you wine about...
Re: (Score:2)
There is just a simple keystroke typo. It should have read broader .
The broader agents work for the broader agency , a very broad agency. See details here:
https://link.springer.com/arti... [springer.com]
Other ones (Score:3)
I figured he must have been sitting in a boat being towed in.
Or else the agents were all women and the submitter badly misspelled "broad".
$5K is just fine (Score:2)
Re: (Score:2)
That was my question too. Can Canadian cops steal cash from people without filing charges the way our cops can, or do people have rights up there? Or did they resort to the idea of "Fine - $5000?"
Re:$5K is just fine (Score:5, Interesting)
You don't have to declare any amount of cash below $C10,000, so I'm not sure what grounds they would have to confiscate the money, but they might have wanted to harass this person, and in that case deprive him of the money for a few months until the courts ordered it returned.
As for the cocaine residue, it's not illegal in Canada to have used drugs while visiting another country. The ion scanners they use can detect and identify extremely minuscule traces of many substances (not just drugs) but that does not mean the quantity would be enough to lay a charge. An ion scan, by itself, is not admissible evidence; you need a more definite test from a crime lab, which requires a larger quantity.
Really, the fine is essentially the only form of official sanction they had at their disposal. The only interesting part is they used it.
The OP wonders if he offered the password as well as received the fine. I seriously doubt it
If he hadn't, there would not be a story in the first place, I suspect the charge would have been stayed (dropped, but can be re-introduced within one year) or dropped entirely (cannot be charged again with the same offence for the same incident).
Agents? (Score:2, Interesting)
Re: (Score:2)
you wish
Re: (Score:3)
No, no, it's Canada. They just keep repeating questions and commands, but without "please" or "sorry".
What happens when wetware bcomes a thing? (Score:4, Interesting)
room 101 (Score:2)
you go to room 101 the last guy cracked in 5 days.,
Re: (Score:2)
Re: (Score:3)
it could potentially be configured to disregard entry attempts if your attempt to access was not sincere
That problem is already solved.
My old Android LG G2 for instance allows me to login under a different profile based on the particular pattern/password I am using. This is handy if you have multiple girlfriends (not that I even have one yet, but I am speaking hypothetically, so let's say I do get one girlfriend, and then a second one). If they see your password/pattern, they're under the illusion that it is your main password, so they can snoop all they want using that same password, and the system doesn't g
Re: (Score:2)
if your attempt to access was not sincere (that is, you were doing so only under duress, or compulsion by another party
Let's get employers on this right now. Sorry, boss! I can't do that work for you, because I don't want to.
Meet the $5 wrench (Score:2)
Why are duress passwords not a standard feature at this point?
Because they are useless once the party causing the duress becomes aware that such a thing exists.
Agent: "Give me your password" ...
You: "Here you go"
Agent: Clubs you with a wrench. "Give me your REAL password, smartass"
You:
Re: (Score:2, Insightful)
Why are duress passwords not a standard feature at this point?
Because they are useless once the party causing the duress becomes aware that such a thing exists.
Agent: "Give me your password" ...
You: "Here you go"
Agent: Clubs you with a wrench. "Give me your REAL password, smartass"
You:
Well, the concept behind a duress password is that they have to actually try the one you give them to verify it, and once they enter a duress password further attempts to get a real one are useless. (note, there's no reason you can't have arbitrarily many duress passwords, so they'll never be sure that the Xth unique password you divulge is the real one.)
If the duress password summons the authorities or destroys the device than, asking for your password is pointless as they know that even if you do give the
Re: (Score:2)
Well, the concept behind a duress password is that they have to actually try the one you give them to verify it, and once they enter a duress password further attempts to get a real one are useless.
So they don't enter one until they've beaten you up for an arbitrarily long time. Long enough to have some confidence you aren't lying to them. How well do you think you will hold up under torture? I'm betting not so well.
(note, there's no reason you can't have arbitrarily many duress passwords, so they'll never be sure that the Xth unique password you divulge is the real one.)
There is also no reason they cannot make your life a (barely) living hell for an arbitrarily long time. Better be sure whatever you are protecting is worth your life or your freedom because that's what it might cost you.
The problem arises when the people breaking in ARE the authorities, as then they don't care if the phone calls the cops, and they will nail you with obstruction and destroying evidence if the device self destructs. In that case it's safer to try the "I forgot" or "I plead the 5th (or local equivalent)" gambit.
Ask the people imprisoned in Guantanamo Bay how well that worked f
Re:Meet the $5 wrench (Score:5, Insightful)
Better be sure whatever you are protecting is worth your life or your freedom because that's what it might cost you.
What you are trying to protect is your freedom. If you're going to lose it one way or another, it seems better to lose it by standing up for yourself.
Re: (Score:2)
What you are trying to protect is your freedom. If you're going to lose it
That statement and the singular pronoun implies you think "freedom" is an atomic concept. I.e., that any freedom lost is a loss of all freedom.
This is a particularly zealous definition, and that's not a judgement, just a fact. Many people, I think, would consider the loss of "freedom" in having a border agent look at their phone's contents and find nothing to be something significantly different than the loss of "freedom" involved in being incarcerated because they didn't allow them to look.
"If you are go
Re:Meet the $5 wrench (Score:5, Funny)
Agent: Clubs you with a wrench. "Give me your REAL password, smartass" ...
You:
That's why my password is "I'll never tell, you bastards!"
Re:Meet the $5 wrench (Score:5, Funny)
*smack* "Where's the comma!" *smack*
Re: (Score:2)
Why are duress passwords not a standard feature at this point?
Uh, probably for the same reason bulletproof vests aren't hanging on runway models in New York despite the gun violence in America; 0.0000001% of citizens have ever had a need for one.
Fake "Panic" keys (Score:5, Interesting)
Re: (Score:3)
That seems like a tedious way to go about it. Why not just delete the encryption key so it's over instantly?
Canadian Border Guards... (Score:3)
Re: (Score:2)
It must have looked a bit strange for me, a white guy, to be in the car with 3 Asians and 2 young children. My wife speaks English well but the Canadian accent threw her off. She was giving answers to questions that were not being asked.
I was convinced I was going to be detained for suspicion of human trafficking. Luckily after about 10 mi
Re: (Score:2)
She was giving answers to questions that were not being asked.
Don't do this. They'll suspect that you're trying to fluff your answers with distracting information. Roll down all windows when you enter the inspection area. Especially if you have passengers. Only answer questions that are directed to you. Most questions will be asked to the driver of the car. But when they ask the passenger directly for what citizenship they are or in what country they were born (not always the same answer) don't attempt to answer for them.
Re: (Score:2)
I rode my motorcycle around Lake Superior 20 years ago and didn't get any trouble crossing into Canada at the Grand Portage, MN crossing, other than some questions about whether I had any weapons.
But when I ran into the duty free pickup office, I saw some really unhappy looking college age kids.
They were in a parking lot with a Chevy Suburban completely opened up and what looked like an entire week's worth of camping equipment and supplies COMPLETELY spread out in the parking lot. They were sitting on the
Re: (Score:2)
I had the same experience some years back. We went to Canada with my brother-in-law and his family. One the way back the agent asked us some rudimentary questions and then asked "And which one of you was born outside the US?" We sat there stunned for a few minutes because none of us were born outside the US and we were all trying to think of what we might have said to lead to this belief. Finally, we tentatively answered "none of us" and were allowed to pass.
It was the weirdest experience. It was as if the
Re: (Score:2)
Re: (Score:2)
Not sure I'd make that specific trip again -- the Canadian side was awesome, but Northern Michigan was a snooze.
I'm kind of curious what the border patrol psychology is on motorcyclists.
On one hand, if you were a stereotypical "outlaw Harley" type I could see where you would be under great suspicion due to the association with outlaw bikers and drugs.
On the other hand, what kind of drug volume can you expect to hide on a motorcycle and where are you going to hide it? Besides personal use quantities, there'
Re: (Score:3)
I'm a Canadian who once went on a day trip to Buffalo, NY on a lark with two of my daughters.
I myself look like a goddamn hippie with blond hair in a pony tail. I expected to get grilled like fuck for being a single man with two cute little girls in the back seat.
US Customs guy just pointed out that I hadn't actually signed my passport, that I should probably do that, and to enjoy my visit.
Guess what? You don't hear about the millions of people who don't get hassled at the border. You hear about the one
Re:Canadian Border Guards... (Score:4)
Well, when the BP/INS/TSA/customs/whatever goons do their jobs correctly and respectfully and don't falsely accuse you, either explicitly or implicitly, of wrongdoing or otherwise abuse their "au-thor-i-tah"; it *shouldn't* be a noteworthy occasion to be reported on. That's the way it should occur every... single... goddamn... time!
When they harass, wrongly accuse, or in any other way abuse their position; they bloody well should be taken to task and not just be publicly vilified, but professionally punished as well.
Re: (Score:2)
Re:Canadian Border Guards... (Score:4, Funny)
I flew to Canada once and I look like a perfectly normal face of white privilege. What I wasn't prepared for was ... questions. Like actual probing questions. Actually to be fair I wasn't really prepared for Canada at all because the exchange went like this:
Guard: What are you here for? ....
Me: Holiday.
G: What are you doing on holiday?
M: (thinking wtf?) Skiing with a friend.
G: Which mountain?
M: (WTF?) I don't know you have a lot of them.
G: You're going skiing but you don't know where?
M: My friend lives here I assume he knows.
G: Where's your friend live?
M: I don't know, somewhere near Vancouver.
G: Do you know the address?
M: No.
G: What's his name and phone number?
M: *says name* and I don't know his phone number.
G: You don't know know what you're doing here, your friend's address, or his phone number? Just how are you going to meet him?
M: Well I'm hoping he's just through that door *pointing towards the customs exit*.
G: If he's not?
M: I'm going to get my laptop out, find some internet access, open up gmail and write the nastiest email with the worst possible language I can think of hit send.
G:
M: Then I'll have lunch and figure out the rest from there.
G: *Starts laughing, hands me my passport and points towards the customs exit* Enjoy your holiday.
That disorganised chaotic start really set the tone for my entire make it up as you go holiday.
Re:Canadian Border Guards... (Score:4, Interesting)
I've gone into Canada a handfull of times over the last year and had similar.
They customs agents going into Canada typically ask some pointed questions - nothing onerous but things that usually catch you off guard. It's enough to throw someone actualy doing things wrong for a loop and give them easy justification for a detailed search/etc.
I'm going on vacation to visit a friend...i'm invarilably asked either who are they/name, where I know them from, where i'll be staying, or what we're planning to do.
The one time I said I was on business they wanted to know who i worked for, who i was meeting, where, etc. which was amusing since I have a Canadian office for my own company I was going to and two dozen people to meet with. She didn't really care, but was testing to see if it was a basic story/lie of if there were some facts behind it.
It's acutally proven psychology (though it requires *gasp* training) and probably 100x more effective than the rape-i-scan machines are for preventing Bad Things from happening.
Re: (Score:3)
After a couple years I got tired of the game and answered, but shortly. Like: - What are you doing in Canada? - I live here. - Where do you live? - Waterloo. - What do you
Re: (Score:2)
Re: (Score:3)
Well, there should be a corollary to the axion that "power corrupts"; along the lines of "positions with power attract the corrupt who wish to abuse it.". I find both to be equally true.
Comment removed (Score:3)
Re: (Score:3)
Is that settled case law in Canada where not revealing a password is filed under the right to remain silent? Here in the states there have been multiple cases, under different circumstances, that go both ways regarding key disclosure laws.
Re: (Score:2)
Re: (Score:2)
He pled guilty BTW
.
Re: (Score:2)
"He pled guilty BTW"
He pled guilty to some bullshit charge about obstructing an officer's ability to search his person. Don't make it sound like he pled guilty to drug possession or that his money was in any way illegally obtained.
Now I'm speculating: he was probably led to believe that if he pled guilty he could peacefully go on his way. He did so. Then they slammed him with the fine. Cops lie.
Re: (Score:2)
The US technically has the same but if you're within something like 100 miles of the border (which includes the coastline) you are in a "speical" area where your rights are flimsy. https://www.aclu.org/constitut... [aclu.org]
Re: (Score:2)
NEVER give out your passwords (Score:5, Insightful)
- It's ridiculously easy to plant evidence on a cellphone or PC;
- Your password can be used later for industrial espionage;
- There is no guarantee that the law officer would really be a law enforcement officer or that he is honest and therefore not going to use your passwords for dishonest activities;
Re:NEVER give out your passwords (Score:4, Insightful)
This just follows the old saying never volunteer anything. There are procedures and policies in place both to protect your rights and to ensure the validity of any investigation. Make sure that they are followed to the letter.
I back my device up everyday. I'd really like an app that would allow me to volunteer a 'password' that would institute a full device wipe should it be invoked, that way I could 'comply' with the demand while not compromising my data at all.
Re: (Score:2)
You can set most smartphones to wipe after N incorrect password entries; if you use auto backup it should be no big deal if you set it to something low like 2 or 3...
Re: (Score:3)
I'd like to give the appearance of cooperation. Whether right or wrong, I prefer not to spend the day in custody, and even if they are out of line, Customs and Border patrol are one of the last places where even if you are right, you will still lose fighting them in the short term for sure. I live in AZ and going to and from Mexico frequently has taught me that lesson the hard way. Four hours at the border getting vetted and undergoing repeated questioning, only to be released in the end is still a huge pai
Re:NEVER give out your passwords (Score:5, Interesting)
Wiping the device would be risky if you want to give the appearance of complying. Better would be an alternate password that gives them access to a dummy account that is good enough to look legit while not containing or giving access to content owned by the main profile.
Re: (Score:3)
Failure to allow US Customs access to your electronic devices is grounds for them to seize the device. Just a warning.
Re: (Score:2)
Re: (Score:3)
Or just don't store suspicious things on your phone. There's plenty of cloud storage services out there, not to mention you can just setup a file host yourself in whatever country you feel like.
I mean if you have a legitimate worry about them trying to plant evidence on your or something then sure, just giving them access to a clean phone could still be problematic.. but 99.99999% of people aren't important enough to warrant that level of paranoia.
Most of those border guards see thousands of people per day
Re: (Score:3)
Re: (Score:2)
Re: (Score:2)
Slightly harder to set up but possibly easier in the long run...
Have a burner iCloud (assuming iPhone) account set up with appropriate dummy gmail accounts subscribed to some innocuous mailing lists. Have that available as a "backup" for your phone.
When you need to cross the border, backup your phone, restore from the burner iCloud account. If you need to hand out your password don't worry about it. Nothing there to look at.
After the border just restore from your actual iCloud.
Re: (Score:2)
"... I'd dearly love to see Border Services brought up on charges ... "
So, under your rule of law, border agents can not look at anything because it may have "Protected Health Information"?
Re: (Score:2)
- It's ridiculously easy to plant evidence on a cellphone or PC;
If this is your concern then you've lost the game before you've even started playing.
Re: (Score:2)
Re: (Score:2)
Never, ever give out your passwords to any "law enforcement" (the reason for the quotes will be clear)
Very easy to say, but when you're risking your family's holiday over it, or your job, or your Christmas, or one time per year that you get to spend time with your parents. Principles are great and all, but if you're visiting a foreign country you have no rights, and the cost for you to piss them off is ridiculously large where the border official has no risk at all. The system needs new rules, and we take pressure off when we say "oh just don't give out your password, it's easy".
Re: (Score:2)
"but if you're visiting a foreign country you have no rights"
And as a society we accept this?
Why?
Traces of cocaine? (Score:5, Insightful)
Re:Traces of cocaine? (Score:4, Insightful)
Considering there is research indicating that almost all US currency has traces of cocaine on it then it wouldn't be very hard for them to claim that.
Good! (Score:4, Interesting)
My company is currently in the process of designing a special TPM style product that makes it very near impossible to enter a devices without being the one intended for reception. Well solutions like this do exist, ours is going to be fairly open, cheap and allow it to interface to almost device to which someone can write a low level kernel based driver. With our device, it makes it impossible to access the contents of anything on the device under encryption due to how the data is stored and decrypted. Without access to the exact key which is paired to the device under encryption, you may as well wipe the device because except in exceptional cases, where multiple keys are warranted, there is no other way in the device under encryption.
I'm bringing this up for this exact kind of situation, well traveling you can keep your data fully encrypted, have one of our keys at home, with the data it encrypted being unavailable physically until you arrive home, and you could carry a second key which can decrypt any data marked for use between the two keys or just the data encrypted well traveling, with the only way to view the date, to be in possession of a key physically, think very small USB thumb drive.
If the border needs access, they can get access themselves. You're not stopping them by giving your phone, and you're not stopping them by refusing to give up a password or encryption key, you're simply protecting your right against possible self incrimination, and if the border patrol is actually qualified in the first place to do a job that would be require decryption information on a phone, they should be able to do it regardless of what you put on it. I know that's a ridiculous statement, but it works. You shouldn't have to provide access to your personal data, to anyone. If anyone wants access, they can get access themselves without you.
I even once gave the border an entire database encrypted with our key solution, told them how it was encrypted and that the key for decryption was already sitting at an office in the US, so even if I wanted to get the data, I couldn't, they had no choice but to let me travel. You're not blacking anything by refused to decrypt data or let them into the system. In our case, we're going to the Nth degree and making it a physical problem, where it doesn't matter if you know the password, because it's point to point tied down.
I support anyone who refused to give up access, it's the right thing to do, the access isn't theirs and if it is, they can enter it themselves.
Re: (Score:2)
Someone should introduce you to a $5 wrench... :)
If they have physical access to the device, physical access to you, and you're not important enough to end up in the news, then they have all the power...
I'm not saying I agree with it, I'm telling you how the world works...
Re: (Score:2)
good luck with that. (Score:2)
Good luck trying this with U.S. ICE and/or CBP. There are no good outcomes.
* You could be interrogated for hours
* You could be arrested
* You could be refused entry
* Your device could be seized
"I don't know the password" will likely get your device seized.
Re: (Score:2)
Re: (Score:2)
IIRC you can't be refused entry if you are returning to your home country. You can be arrested and go straight to jail, but they can't turn you away.
You're right. So what? What if you aren't returning home? International travel is a core part of life for many people, jobs and family span countries. When you're visiting your partner's parents for Christmas, or doing a crucial deal with a client, that all easily happens in a country that isn't your own.
Re: (Score:2)
Don't do this (Score:2)
The entire rights situation is very murky at the border because technically you're not yet on U.S. soil until you pass Customs and Immigration. The SCotUS has ruled multiple times that U.S. Constitutional protections do not a
Re: (Score:2)
they had no choice but to let me travel
How did you get to that conclusion? If someone is forcing you to divulge something against your will and your rights then what's preventing them from stopping you from travelling?
They are breaking the law but they must let me go because they legally need to? That is a game that can't be won.
Re: (Score:2)
Re: (Score:3)
A company I used to work for had a system such as that. Whenever anyone travelled, they were issued a temporary laptop, with two partitions on the HD. The first was unencrypted and contained the OS, some basic applications (but critically, NOT email), and a VPN client. The second was encrypted and contained the important applications and any company data. We'd bought a solution such that the user never had the key to decrypt the other partition. Rather, he'd VPN in, and the key would be provided over t
Re: (Score:2)
Re: (Score:2)
Re: (Score:2)
take some classes manishs (Score:2)
I'm tired of this "manishs" person not having a better grasp of English, but also authoring 90% of the /. links I follow here from Twitter. The embarrassments are mounting for whoever it is -- if they CAN be embarrassed. I dunno. Some of the articles posted seem possessed of a political slant suggesting a personality of really odd affect.
Shyaw! (Score:2)
It was a Blackberry... (Score:2)
It was a Blackberry, don't they already have the password? That's what everyone is led to believe by the phone fetish trolls.
If you're worried... (Score:2)
1. Backup phone
2. Wipe Phone
3. Travel
4. Restore phone from backup.
Repeat on the return trip.
A much better summary (Score:2)
http://www.cbc.ca/news/alain-philippon-phone-password-case-powers-of-border-agents-and-police-differ-1.2983841
Apologies for the poor formatting of the link, but for some reason
Re: (Score:2)
Re: (Score:2)
There is nothing wrong with travelling with $5k in cash.
What? To be a good citizen we must pay 3rd parties to transfer money for us?
Re: (Score:3)
5K really isn't that much money either in terms of drug transactions or in general. The notion that it is, is why so many people end up victims of forfeiture. Unwitting dupes continue perpetrating the myth that cash equals drug dealer.
Re: (Score:3)
I agree. There seems to be a "war on cash". Unsurprising considering the banking industry benefits from every single transaction.
Re: (Score:2)
With Trump as the Republican nominee, I don't think we need to worry about that for another four years.
Re: (Score:2)
Dunno, but it is a bit tiresome when a typo results in having to scroll over halfway down the page before you get to a comment that deals with the actual substance of the story.
Re: (Score:2)
Re: (Score:2)
No hablo Ingles.
Re: (Score:2)
Re: (Score:3)
I don't know why there isn't some sort of a feature like a bogus password I could give to someone that would appear to show a plain vanilla OS installation - just my contacts and some fake innocuous texts. No email access or apps beyond a standard load of fake ones.
A password that wipes the device would be helpful, but one that betrays nothing while still giving the illusion of compliance would be more helpful.