Canadian Border Patrol Charge Traveler With 'Obstruction' For Refusing To Give Up His Phone Password

from the don't-travel-to-canada dept

I've traveled to many different countries in my life and the only time I've ever had any trouble at all at a border crossing was flying into Canada for a conference one time. I was pulled out of the line and sent to a special side room where I was quizzed about the real reasons I was coming to Canada. They couldn't believe I was speaking at a conference, because I didn't have a paper invite, and had to dig through my emails to show them it in email (thankfully, I stored my emails locally and didn't need internet access). When I tell that story it shocks some people, as Canada has always had a reputation as a fairly easy border to cross -- especially for Americans.

But apparently the Canadians are stepping up their crazy antagonism at the border. The latest story involve Alain Philippon, a Canadian citizen who was returning from a trip to the Dominican Republic. Upon landing in Halifax he was ordered to cough up the password to his smartphone, and upon refusing, was charged with obstructing border officials:
A Quebec man charged with obstructing border officials by refusing to give up his smartphone password says he will fight the charge.

[....]

Philippon had arrived in Halifax on a flight from Puerto Plata in the Dominican Republic. He's been charged under section 153.1 (b) of the Customs Act for hindering or preventing border officers from performing their role under the act.

According to the CBSA, the minimum fine for the offence is $1,000, with a maximum fine of $25,000 and the possibility of a year in jail.
In the US, there have been a number of cases concerning searches of computers and electronic devices at the border, with an unfortunately large number saying that you really don't have privacy rights at the border. Of course, it's not universal, as at least one important court has ruled otherwise. Up in Canada, however, there apparently hasn't been much caselaw on this issue, so assuming Philippon fights this, it could make for a very interesting case.

Reader Comments

Subscribe: RSS

View by: Time | Thread


  • identicon
    Anonymous Coward, 6 Mar 2015 @ 6:25am

    In US you can be compelled to give up your fingerprint, password or other "mental exercise" needs a warrant.

    reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 6 Mar 2015 @ 6:26am

    Monkey see, monkey do, eh?

    reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 6 Mar 2015 @ 6:32am

    Good for him. People should be more willing to stand up for their rights, lest they be taken away.

    reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 6 Mar 2015 @ 6:43am

    I've heard of plenty of horror stories at the Canadian border at my company. One of my co-workers was even flat out told by a Canadian border agent that if it wasn't for NAFTA they wouldn't have even let him in.

    Another of my co-workers was an idiot when they started to question him, asking him "could a Canadian do the job you're here to do". The co-worker basically said "well yeah I guess I'm just taking a job away from a good hard working Canadian", and was denied entry to Canada.

    reply to this | link to this | view in chronology ]

    • identicon
      Anonymous Coward, 7 Mar 2015 @ 6:41am

      Re:

      Lots of Canadians are angry with the US and they retaliate by making it personal.

      It's routine for Canadian citizens driving to Florida for winter vacation to be stopped and shaken down by the police. Since the US Gov't now allows for money and property to be confiscated a lot of Canadian citizens are suddenly finding themselves with no car or cash on the side of the highway. We hear of and read these stories almost daily in the Canadian press-of course there's going to be retaliation by the Canadian version of TSA/Homeland Security. And, it will get worse, if Trudeau becomes PM expect the next POTUS and his entourage to get the "treatment" when he comes to Canada on official business.

      reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 6 Mar 2015 @ 6:44am

    Stories like these are infuriating, because from this you can tell where their trying to take us, its british imperialism/nazizism all over again, were on the cusp of history repeating itself

    reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 6 Mar 2015 @ 7:04am

    at least still alive

    didn't tase you to death and lie about it

    reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 6 Mar 2015 @ 7:30am

    I wonder what kind of stealth methods/software, like steganography or hidden partitions, are available to hide things on tablets/phones like you can easily do on computers?

    Glenn Greenwald's husband's refusal to reveal his password resulted in the US/UK government [apparently] cracking it open almost instantly, suggesting that either he was a fool who used a very weak password (or maybe relying the Windows XP password?) -- or governments have some extremely powerful computers at their disposal. .... More likely the latter.

    reply to this | link to this | view in chronology ]

    • identicon
      Anonymous Coward, 6 Mar 2015 @ 7:47am

      Re:

      why would you even try to hide things on your person? there's this great new-gee-whiz thing called the intarwebz that allow you to transfer your data after you've crossed the border.

      reply to this | link to this | view in chronology ]

      • icon
        Roger Strong (profile), 6 Mar 2015 @ 9:12am

        Re: Re:

        If they can demand your phone password, it's not a big leap to them demanding the password to the cloud service or social media account set up on your phone.

        If you're crossing a border, you might want to remove all cloud service apps and any signs that you use one.

        reply to this | link to this | view in chronology ]

        • identicon
          Anonymous Coward, 6 Mar 2015 @ 9:31am

          Re: Re: Re:

          But why should they even care? You're not likely to be "smuggling" things in on your phone. The only thing that could be on your phone is ethereal proprietary IP which can just as easily be emailed, or dropboxed or transmitted any number of ways. And if did have something, Customs wouldn't even know it if they saw it.

          The odds of randomly catching someone is so infinitesimal it's a waste of time.

          reply to this | link to this | view in chronology ]

          • icon
            Roger Strong (profile), 6 Mar 2015 @ 11:07am

            Re: Re: Re: Re:

            ...can just as easily be emailed, or dropboxed or transmitted any number of ways.

            Those email, DropBox and other cloud accounts are all accessed from my phone. That's the whole *point* of cloud services, letting me access them from anywhere.

            Even with separate passwords, it's not a big leap from demanding your phone password to demanding the passwords for services set up on your phone. For many people, the demanded password to get into their phone will provide access to their email, cloud and social media accounts with no further security checks needed.

            Many people - especially those who provide tech support - have other people's passwords and other personal information. Handing it all to border officials - who knows where it will go from there - is a big deal. The government doesn't have a great record for keeping data secret.

            reply to this | link to this | view in chronology ]

            • identicon
              Anonymous Coward, 6 Mar 2015 @ 11:41am

              Re: Re: Re: Re: Re:

              the price of freedom is eternal vigilance

              roll your own. don't depend on free cloud services

              flatten & reinstall before you leave.

              and one "app" to rule them all: the web browser. no bookmarks, never remember history/delete on exit; problem solved

              not that i have anything to hide, but its NONE OF THEIR BUSINESS what i do

              reply to this | link to this | view in chronology ]

              • icon
                Roger Strong (profile), 6 Mar 2015 @ 12:51pm

                Re: Re: Re: Re: Re: Re:

                > roll your own. don't depend on free cloud services

                Funny you should mention that. I have a static IP address with my own web server and mail/calendar/document server. (It has an excellent web interface.) I have a network drive - one of those "own your own cloud" devices - also accessible via an app across the internet.

                But my phone and table log into the mail/calendar/document server, protected only by both device's passwords. Once a border official has those passwords, they have access to a whole lot of information not actually on the devices.

                The official could also load the app for the drive, but I've told that to NOT store the password. Still, if the official can demand the password for the phone, he can demand passwords for apps on the phone.

                Your solution is what I've said above: If you're crossing a border, you might want to remove all email accounts, cloud service apps and any signs that you use one.

                A border official will find the lack of email accounts and other apps "suspicious."

                reply to this | link to this | view in chronology ]

                • identicon
                  Anonymous Coward, 7 Mar 2015 @ 1:15am

                  Re: Re: Re: Re: Re: Re: Re:

                  A border official will find the lack of email accounts and other apps "suspicious."

                  Create an email account with one of the free providers, and use it for those web services where you need an email account to create an account with them, like on-line stores.

                  reply to this | link to this | view in chronology ]

                  • icon
                    Roger Strong (profile), 7 Mar 2015 @ 11:57am

                    Re: Re: Re: Re: Re: Re: Re: Re:

                    Good idea. Create a "honeypot" to deflect unauthorized use by the, er, authorities.

                    If governments can use hacker practices against us, we can respond with the defences previously used against hackers.

                    reply to this | link to this | view in chronology ]

          • identicon
            Anonymous Coward, 7 Mar 2015 @ 1:41pm

            Re: Re: Re: Re:

            Never owned a smartphone. Is there an sftp client for one of 'em ? That's what I'd use.

            reply to this | link to this | view in chronology ]

      • identicon
        Captive Audience, 10 Mar 2015 @ 8:19pm

        Re: great new-gee-whiz thing called the intarwebz

        Some people need their device to do work while they travel. They could upload everything to the cloud and turn over the password to their brand spanking new, never used, clean OS install at the border in that case.

        reply to this | link to this | view in chronology ]

        • identicon
          Anonymous Coward, 11 Mar 2015 @ 6:41am

          Re: Re: great new-gee-whiz thing called the intarwebz

          That is something I didn't think about.
          With apple or Android you could just wipe out the phone before you get to the border.
          Show the agents a completely fresh install and then do a restore when you get somewhere with wifi.

          reply to this | link to this | view in chronology ]

    • icon
      PaulT (profile), 6 Mar 2015 @ 7:51am

      Re:

      "I wonder what kind of stealth methods/software, like steganography or hidden partitions, are available to hide things on tablets/phones like you can easily do on computers?"

      A quick Google search shows numerous stenography apps on all major portable OSes. I'm not sure how good/effective they actually are, but they certainly seem to exist.

      "More likely the latter."

      Nope, he simply had the typical layman's approach to security:

      http://arstechnica.com/tech-policy/2013/08/partner-of-nsa-leaks-reporter-carried-paper-with -password-says-uk/

      As ever, the weak link was the human factor. I'm sure they have some capabilities, but brute force against good encryption is never the first option.

      http://xkcd.com/538/

      reply to this | link to this | view in chronology ]

    • icon
      John Fenderson (profile), 6 Mar 2015 @ 8:03am

      Re:

      "I wonder what kind of stealth methods/software, like steganography or hidden partitions, are available to hide things on tablets/phones like you can easily do on computers?"

      All of them. Tablets/phones are computers, just with a phone system attached, and if the phone is Android then it's Linux -- and you can do all the same partitioning tricks, etc. that you can do on any other Linux computer.

      reply to this | link to this | view in chronology ]

      • identicon
        Anonymous Coward, 6 Mar 2015 @ 10:48am

        Re: Re:

        Android is Linux based and a stripped down version at that. iOS is too for that matter. You can't do ALL of the same things but there are plenty that you can do.

        reply to this | link to this | view in chronology ]

        • identicon
          Anonymous Coward, 6 Mar 2015 @ 11:49am

          Re: Re: Re:

          IOS is BSD derived, but has been bastardized by Apple.

          reply to this | link to this | view in chronology ]

          • identicon
            Anonymous Coward, 6 Mar 2015 @ 11:57am

            Re: Re: Re: Re:

            I misspoke there but the point is still the same. Yes iOS is BSD derived which is based on System V architecture which is different than Linux. However those differences are mostly organizational in nature rather than functionality as it relates to the topic at hand. The fact is that almost all UNIX derived systems that have not been stripped down for a specialized purpose contain those same features.

            reply to this | link to this | view in chronology ]

        • icon
          John Fenderson (profile), 6 Mar 2015 @ 1:06pm

          Re: Re: Re:

          "You can't do ALL of the same things but there are plenty that you can do."

          There probably are some things you can't do, but I haven't found them yet. However, you can't do them with the stock ROM out of the box. You need to root the device, and from there you can replace the crippled versions of important Linux binaries with the real ones. I also have recompiled a number of desktop linux tools and run them on my phone without issue.

          In other words, if you treat your tablet/phone as if it were a general purpose computer, then it behaves like a general purpose computer.

          reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 6 Mar 2015 @ 7:43am

    Nuttiness in NZ too:

    "Customs is seeking the automatic right to require people to disclose passwords to their electronic devices when entering New Zealand.

    Failing to do so without reasonable excuse should be an offence punishable by three months prison, Customs has suggested.

    It said the power would be useful in helping detect objectionable material and evidence of other offending, such as drugs offences, as well as to verify people's travel plans."

    more

    http://www.stuff.co.nz/technology/digital-living/66980041/customs-password-plan-slammed-b y-labour-greens

    reply to this | link to this | view in chronology ]

    • icon
      That One Guy (profile), 6 Mar 2015 @ 7:57am

      Re:

      Note to self: Add New Zealand to 'Never visit' list.

      A three month prison sentence for refusal to hand over your electronics and everything they are connected to to border agents simply because they feel like browsing? Nothing in NZ is worth that risk.

      reply to this | link to this | view in chronology ]

      • icon
        sorrykb (profile), 6 Mar 2015 @ 9:03am

        Re: Re:

        It is still just a proposal. A terrible proposal, but at least that's all it is. So far.
        The proposal is one of several canvassed in a discussion paper on a review of the Customs and Excise Act that was released by Customs yesterday, none of which are official government policy.

        reply to this | link to this | view in chronology ]

        • icon
          That One Guy (profile), 6 Mar 2015 @ 9:53am

          Re: Re: Re:

          'Yet' is the key there though, it's not official government policy yet, and given how insane the government over their seems to be at times, it wouldn't be worth the risk for people to test it.

          reply to this | link to this | view in chronology ]

      • icon
        art guerrilla (profile), 6 Mar 2015 @ 11:30am

        Re: Re:

        note to self: add US to 'never visit' list...
        oh crap, i live here...

        ain't no such thing as 'unreasonable search/seizure' any more...

        reply to this | link to this | view in chronology ]

      • icon
        nasch (profile), 6 Mar 2015 @ 3:07pm

        Re: Re:

        Note to self: Add New Zealand to 'Never visit' list.

        Maybe just leave the electronics at home (would the phone even work there?) or factory reset before landing.

        reply to this | link to this | view in chronology ]

        • identicon
          Captive Audience, 10 Mar 2015 @ 8:24pm

          Re: No need to leave electronics at home

          Just bring your data-free electronics and access the cloud after crossing the border. Make sure it's totally clean with no connection to the cloud account with your REAL data. A BS account with all of your most boring family vacations and cat pictures is OK.

          reply to this | link to this | view in chronology ]

      • identicon
        Anonymous Coward, 7 Mar 2015 @ 1:45pm

        Re: Re:

        Yeah, the place seems beautiful and the kiwis I know online are all very friendly. But that changes my views about visiting the country, ever, and I don't even have a smartphone (that is activated).

        reply to this | link to this | view in chronology ]

  • icon
    mattshow (profile), 6 Mar 2015 @ 9:04am

    I dug around for some Canadian caselaw on this last year and all I came up with was a single Quebec Court of Appeal case: R. c. Boudreau-Fontaine.

    There, at least, the judge was firmly of the opinion that compelling an individual to divulge their password was unacceptable.


    [39] I note that it orders the respondent to disclose his password#s# [translation] "in order to establish that the computer was connected to the Internet by Mr. Boudreau-Fontaine, thus breaching the conditions of his probation." In other words, the justice of the peace was commanding the appellant to give essential information with the specific intent of having him incriminate himself. I cannot see how the criminal law can allow such an order. It should be noted that the respondent complied with the order but that he certainly would not have done so without it, proof being that he refused to speak with the police officers about the events of September 19 when he was arrested. As the respondent wrote in his written argument, this order raises the issues of the right to silence, the right to be presumed innocent, the right not to be conscripted against oneself, and the protection against self-incrimination. Commanded to participate in the police investigation and to give crucial information, contrary to his constitutional rights, the respondent made a statement #identification of his password# that is inadmissible and that renders the subsequent seizure of the data unreasonable. In short, even had the seizure been preceded by judicial authorization, the law will not allow an order to be joined compelling the respondent to self-incriminate.

    [40] In R. v. Hebert, 1990 CanLII 118 #SCC#, [1990] 2 S.C.R. 151 at para. 47, McLachlin J. writes:

    ... the right to silence may be postulated to reside in the notion that a person whose liberty is placed in jeopardy by the criminal process cannot be required to give evidence against himself or herself, but rather has the right to choose whether to speak or to remain silent.

    [41] Without necessarily being detained, the respondent was compelled to participate in his self-incrimination and was given no choice in the matter: he had to help the police officers convict him. This approach is unacceptable.



    But of course, things are different at the border.

    reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 6 Mar 2015 @ 9:26am

    What if you did not know your password at the border? Say you changed it before leaving, securely transmitted it to a trusted third party, and then deleted it from your records?

    reply to this | link to this | view in chronology ]

    • icon
      John Fenderson (profile), 6 Mar 2015 @ 9:40am

      Re:

      It's awfully hard to prove that you don't know something.

      reply to this | link to this | view in chronology ]

      • icon
        That One Guy (profile), 6 Mar 2015 @ 9:46am

        Re: Re:

        More 'utterly impossible', given they wouldn't take 'no' or 'I don't know it' for an answer.

        Odds are they'd just toss you in a cell for a few hours to 'refresh your memory'.

        reply to this | link to this | view in chronology ]

      • identicon
        Anon, 6 Mar 2015 @ 10:22am

        Re: Re:

        >It's awfully hard to prove that you don't know something.

        Unless you're prime minister Harper or his government. then it's self-evident.

        reply to this | link to this | view in chronology ]

      • identicon
        Anonymous Coward, 7 Mar 2015 @ 8:55am

        Re: Re:

        "It's awfully hard to prove that you don't know something."

        One word: waterboarding.

        Just waterboard the guy to within an inch of his life, and especially after months or years of that, and he'll be confessing everything he knows, as well as a lot of made-up things, but talk he will. When all his forcibly-extracted confessions lead to dead ends, then he's obviously lying --and therefore innocent-- and can be released to make room for the next waterboardee.

        ... and the next, and the next, and the next, until you finally find someone whose confessions of crime actually pan out -- proving that torture works!

        reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 6 Mar 2015 @ 11:12am

    Prior to crossing the border,

    turn your phone off & tell Apple/Google/... that it's been stolen.

    When Dudley Do-Right turns on your phone, bzzt & it's erased!

    Once you cross the border, tell Apple/Google that you've found it again prior to turning it on.

    reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 6 Mar 2015 @ 1:05pm

    Bruce Schneier's Border Crossing Tips

    Step One: Before you board your plane, add another key to your whole-disk encryption (it'll probably mean adding another "user") -- and make it random. By "random," I mean really random: Pound the keyboard for a while, like a monkey trying to write Shakespeare. Don't make it memorable. Don't even try to memorize it.

    Technically, this key doesn't directly encrypt your hard drive. Instead, it encrypts the key that is used to encrypt your hard drive -- that's how the software allows multiple users.

    So now there are two different users named with two different keys: the one you normally use, and some random one you just invented.

    Step Two: Send that new random key to someone you trust. Make sure the trusted recipient has it, and make sure it works. You won't be able to recover your hard drive without it.

    Step Three: Burn, shred, delete or otherwise destroy all copies of that new random key. Forget it. If it was sufficiently random and non-memorable, this should be easy.

    Step Four: Board your plane normally and use your computer for the whole flight.

    Step Five: Before you land, delete the key you normally use.

    At this point, you will not be able to boot your computer. The only key remaining is the one you forgot in Step Three. There's no need to lie to the customs official; you can even show him a copy of this article if he doesn't believe you.

    Step Six: When you're safely through customs, get that random key back from your confidant, boot your computer and re-add the key you normally use to access your hard drive.

    https://www.schneier.com/blog/archives/2009/07/laptop_security.html

    reply to this | link to this | view in chronology ]

  • identicon
    Kronomex, 6 Mar 2015 @ 3:17pm

    It almost makes me want to put two tin cans (with an old cassette dictaphone taped to each can to record any missed messages)and a couple of hundred metres of string into a bag and then visit New Zealand. Can you imagine the fun that would occur when they open said bag?

    reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 7 Mar 2015 @ 1:33pm

    This is all the work of that creep Stephen Harper. He's losing ground and will most likely be out and his "Conservative" party too, when you have Albertans questioning whether they will vote Conservative or not you know he's in deep shit.

    But yeah, a judge ruled not long ago that cops were not allowed to search your phone in the US, in Canada the opposite happened. We have something that should be even better than the Bill of Rights, the Canadian Charter of Freedom and Liberties which is attached to the Constitution...but Harper just ignores it, he somehow gets away with it, because his base are in a way even more repugnant than the Republican base. Be glad that creep can't be President of the US. His hubris knows no bounds, thankfully he spent most of his reign in a minority government being blocked at every oppurtunity. He'd be so pissed off to end up in minority again this October that he would probably start playing his cards more rashly and have Canadians hate him even more. Remember,the guy got in with a 38% vote with a majority government in 2011, he doesn't represent Canada or Canadian values at all, considering most who vote for him don't even know why. The first time he got in as minority it was only "for a change! we want change! 16 years of the Liberals is too much!". Well, I hope they see what a really evil sonofabitch they voted randomly in for the sake of change.

    reply to this | link to this | view in chronology ]


Add Your Comment

Have a Techdirt Account? Sign in now. Want one? Register here
Get Techdirt’s Daily Email
Use markdown for basic formatting. HTML is no longer supported.
  Save me a cookie
Follow Techdirt
Techdirt Gear
Shop Now: Techdirt Logo Gear
Advertisement
Report this ad  |  Hide Techdirt ads
Essential Reading
Techdirt Deals
Report this ad  |  Hide Techdirt ads
Techdirt Insider Chat
Advertisement
Report this ad  |  Hide Techdirt ads
Recent Stories
Advertisement
Report this ad  |  Hide Techdirt ads

Close

Email This

This feature is only available to registered users. Register or sign in to use it.