The border is a legally anomalous place. Constitutional protections that apply firmly in domestic settings — the Fourth Amendment's warrant requirement, for instance — have long been interpreted by courts to apply differently, or not at all, at ports of entry. The rationale goes back to the founding: a government's authority to control what and who crosses its border is treated as a sovereignty interest that supersedes normal procedural protections for searches.
In practice, this means that a border agent can demand to inspect your phone's contents, compel you to unlock it in many jurisdictions, and copy its contents — without any individualized suspicion that you've done anything wrong. For most travelers this never happens. For specific populations — journalists, activists, researchers, people with certain national origins or travel histories — it happens more often than is widely appreciated.
The US: Broad Authority, Limited Judicial Check
US Customs and Border Protection (CBP) operates under a legal framework that treats border searches as categorically exempt from the Fourth Amendment's warrant requirement. The Supreme Court has repeatedly upheld this "border search exception" — including before the digital era — and has not definitively extended the 2014 Riley v. California ruling (which required warrants for phone searches during arrest) to border contexts.
CBP policy distinguishes between "basic" and "advanced" device searches:
- Basic search: manual review of the device's accessible content without connecting it to external equipment. No suspicion required. Any traveler may be subject to this.
- Advanced search: using external equipment (forensic tools like Cellebrite) to extract, copy, or analyze device contents. Requires "reasonable suspicion" or a "national security concern" — a much lower bar than probable cause.
What happens if you refuse? For US citizens and permanent residents, CBP cannot legally deny you entry — you have the right to enter your own country. They can, however, detain you, seize your device (sometimes for weeks), and flag you for enhanced screening on future travel. For visa holders and foreign nationals, the stakes are higher: refusal to comply can result in denial of entry.
Multiple federal circuit courts have reached different conclusions on whether advanced searches require a warrant. The Ninth Circuit (2022) held that forensic device searches require at least reasonable suspicion; the Eleventh Circuit had previously held no suspicion is needed. As of mid-2026, the Supreme Court has not resolved the circuit split. Know which circuit your port of entry is in.
The UK: Schedule 7 Powers
The UK's Terrorism Act 2000, Schedule 7, grants border officers the power to stop, question, and search any person at a port of entry for up to 6 hours without needing any suspicion of terrorism. This power has been used to examine the phones of journalists, activists, and political figures — including the 2013 detention of David Miranda, partner of The Guardian's Glenn Greenwald, who was held for 9 hours under Schedule 7 and had his electronics seized.
The European Court of Human Rights subsequently found that the Miranda detention violated Article 8 (privacy) and Article 10 (freedom of expression), but Schedule 7 itself remains in force. UK residents should be aware that courts have generally upheld the powers as lawful, even if their application in specific cases has been found disproportionate.
Canada: Evolving Judicial Oversight
Canadian law on border device searches has been in flux. The Canada Border Services Agency (CBSA) historically claimed authority to search digital devices without a warrant. A 2020 Ontario Superior Court decision found that warrantless forensic phone searches at the border violate Section 8 of the Canadian Charter (unreasonable search and seizure) without individualized suspicion. CBSA has contested this and the law continues to evolve — as of mid-2026, there is no binding Supreme Court of Canada precedent specifically addressing this question, and practice on the ground remains inconsistent.
What the Jurisdiction Comparison Looks Like
| Jurisdiction | Manual Search | Forensic Search | Compelled Unlock | Denial of Entry for Refusal |
|---|---|---|---|---|
| US (Citizens) | No suspicion needed | "Reasonable suspicion" (CBP policy; court law unsettled) | Yes (legally contested) | No — cannot deny citizens entry |
| US (Foreign nationals) | No suspicion needed | "Reasonable suspicion" | Yes | Yes — refusal can mean denial |
| UK (Schedule 7) | No suspicion needed | No suspicion needed under S7 | Yes — criminal penalty for refusal | Possible |
| Canada | No suspicion needed (statutory) | Legally contested; practice inconsistent | Contested | For non-citizens, yes |
| EU (Schengen) | Varies by member state | Generally requires reasonable grounds | Varies | For non-EU nationals, possible |
Practical Preparation Before You Travel
The most effective strategy is to reduce what's on the device before crossing. Data that isn't on the device can't be searched, copied, or compelled out of you.
Use a travel device
The highest-protection approach: a separate device with only the accounts and data needed for the trip, wiped before departure and after return. This is operationally significant overhead, but appropriate for journalists traveling to cover sensitive stories, researchers, or anyone with a genuine elevated threat model. See also our guide on physical device security and cold boot attacks.
Minimize your primary device
If a travel device isn't feasible: log out of sensitive cloud services before crossing, delete apps you don't need for the trip, and move sensitive documents to cloud storage you've logged out of. After the crossing, re-authenticate and re-sync. The device's local storage should contain as little sensitive material as possible.
Passcode over biometrics
In the US, courts have generally held that you can be compelled to provide a fingerprint or Face ID (biometrics are not treated as "testimony" under the Fifth Amendment), but cannot be compelled to provide a passcode (which is testimonial). This distinction is not uniformly established, but it is the current majority position in US federal courts. Disable biometric unlock before reaching the inspection area — on iOS, pressing and holding the side button and a volume button puts the phone in lockdown mode; on Android, the method varies by device. In the UK under Schedule 7, refusal to unlock is a criminal offense regardless of method.
Encrypted communications don't protect local data
Using end-to-end encrypted messaging apps — Signal, Haven, or others — protects messages in transit. It does not protect local message history if the device is unlocked for a border agent. If local message history contains sensitive material, consider using disappearing messages set to a short retention window before crossing, so that old messages aren't accessible on the device.
If Your Device Is Searched
- Stay calm and cooperative in your demeanor — this is not the moment for confrontation, regardless of the legality of the search.
- Ask clearly whether you are free to go and whether the search is mandatory. Note the officer's name or badge number.
- If a device is seized, request a receipt for the property and a case number. Document everything you can after the fact while memory is fresh.
- Consult a lawyer if you believe your rights were violated — organizations like the EFF, ACLU, and the Reporters Committee for Freedom of the Press have resources for journalists and researchers specifically.
The border is one context where legal rights and practical leverage don't track each other closely. You may have rights that are legally defensible after the fact; in the moment, an agent's discretion has enormous practical force. Preparation before travel does more than asserting rights at the checkpoint.