Slashdot Mirror

← Back to Stories (view on slashdot.org)

Canadian Fined For Not Providing Border Agents Smartphone Password (www.cbc.ca)

Posted by msmash on from the borderline-absurd dept.

Reader da_foz writes: A Canadian was reentering Canada when he was arrested and charged with hindering or obstructing border officials. At the time traces of cocaine were found on his bags and he was carrying $5,000 in cash. He provided his smartphone to border agents as requested, however refused to provide the password. Canada Border Services Agency officials asked for Philippon's smartphone and its password. From a report: "He handed over his BlackBerry but refused to disclose the code to access the phone. Philippon was arrested and charged under the federal Customs Act, accused of hindering or obstructing border officials." It is unclear if he provided the password while agreeing to the fine.

8 of 276 comments (clear)

  1. Agents? by I4ko · · Score: 1, Interesting

    Are those agents that tie you down to a board with leather straps and proceed to repetitively submerge you into a vat of cold water?

  2. Boarder by Anonymous Coward · · Score: 0, Interesting

    Like a water boarder??

  3. What happens when wetware bcomes a thing? by mark-t · · Score: 3, Interesting

    And a person's password can be at least in part defined by what they are thinking about while they provide the password? Even if laws existed to force you to comply with law enforcement when they ask for access to your device, if a computer can read your state of mind, it could potentially be configured to disregard entry attempts if your attempt to access was not sincere (that is, you were doing so only under duress, or compulsion by another party), and I am pretty sure that no law could ever be created that requires you to *think* in a certain way.

    --
    File under 'M' for 'Manic ranting'
  4. Fake "Panic" keys by DatbeDank · · Score: 5, Interesting

    Sounds like a good feature for Alfresco would be a fake PIN or password that sends you to a dummy account with minimum if anything available. Android already supports multiple user profiles, maybe treat the lock screen as a log in as well.

  5. Good! by Murdoch5 · · Score: 3, Interesting

    Don't provide any password to a border agent, or really anyone who doesn't need it.

    My company is currently in the process of designing a special TPM style product that makes it very near impossible to enter a devices without being the one intended for reception. Well solutions like this do exist, ours is going to be fairly open, cheap and allow it to interface to almost device to which someone can write a low level kernel based driver. With our device, it makes it impossible to access the contents of anything on the device under encryption due to how the data is stored and decrypted. Without access to the exact key which is paired to the device under encryption, you may as well wipe the device because except in exceptional cases, where multiple keys are warranted, there is no other way in the device under encryption.

    I'm bringing this up for this exact kind of situation, well traveling you can keep your data fully encrypted, have one of our keys at home, with the data it encrypted being unavailable physically until you arrive home, and you could carry a second key which can decrypt any data marked for use between the two keys or just the data encrypted well traveling, with the only way to view the date, to be in possession of a key physically, think very small USB thumb drive.

    If the border needs access, they can get access themselves. You're not stopping them by giving your phone, and you're not stopping them by refusing to give up a password or encryption key, you're simply protecting your right against possible self incrimination, and if the border patrol is actually qualified in the first place to do a job that would be require decryption information on a phone, they should be able to do it regardless of what you put on it. I know that's a ridiculous statement, but it works. You shouldn't have to provide access to your personal data, to anyone. If anyone wants access, they can get access themselves without you.

    I even once gave the border an entire database encrypted with our key solution, told them how it was encrypted and that the key for decryption was already sitting at an office in the US, so even if I wanted to get the data, I couldn't, they had no choice but to let me travel. You're not blacking anything by refused to decrypt data or let them into the system. In our case, we're going to the Nth degree and making it a physical problem, where it doesn't matter if you know the password, because it's point to point tied down.

    I support anyone who refused to give up access, it's the right thing to do, the access isn't theirs and if it is, they can enter it themselves.

  6. Re:Canadian Border Guards... by torkus · · Score: 3, Interesting

    I've gone into Canada a handfull of times over the last year and had similar.

    They customs agents going into Canada typically ask some pointed questions - nothing onerous but things that usually catch you off guard. It's enough to throw someone actualy doing things wrong for a loop and give them easy justification for a detailed search/etc.

    I'm going on vacation to visit a friend...i'm invarilably asked either who are they/name, where I know them from, where i'll be staying, or what we're planning to do.

    The one time I said I was on business they wanted to know who i worked for, who i was meeting, where, etc. which was amusing since I have a Canadian office for my own company I was going to and two dozen people to meet with. She didn't really care, but was testing to see if it was a basic story/lie of if there were some facts behind it.

    It's acutally proven psychology (though it requires *gasp* training) and probably 100x more effective than the rape-i-scan machines are for preventing Bad Things from happening.

    --
    You can get rich if you own a politician, but you have to be rich to buy one in the first place.
  7. Re:$5K is just fine by gordguide · · Score: 4, Interesting

    They might have confiscated the cash, but then would have had to prove in court that the money was proceeds of crime. Failing that, they would have to give the money back.

    You don't have to declare any amount of cash below $C10,000, so I'm not sure what grounds they would have to confiscate the money, but they might have wanted to harass this person, and in that case deprive him of the money for a few months until the courts ordered it returned.

    As for the cocaine residue, it's not illegal in Canada to have used drugs while visiting another country. The ion scanners they use can detect and identify extremely minuscule traces of many substances (not just drugs) but that does not mean the quantity would be enough to lay a charge. An ion scan, by itself, is not admissible evidence; you need a more definite test from a crime lab, which requires a larger quantity.

    Really, the fine is essentially the only form of official sanction they had at their disposal. The only interesting part is they used it.

    The OP wonders if he offered the password as well as received the fine. I seriously doubt it ... there are no misdemeanor charges they could have offered to plea down to, and they didn't drop the charge, so I'm pretty sure he kept the password to himself.

    If he hadn't, there would not be a story in the first place, I suspect the charge would have been stayed (dropped, but can be re-introduced within one year) or dropped entirely (cannot be charged again with the same offence for the same incident).

  8. Re:NEVER give out your passwords by Whorhay · · Score: 4, Interesting

    Wiping the device would be risky if you want to give the appearance of complying. Better would be an alternate password that gives them access to a dummy account that is good enough to look legit while not containing or giving access to content owned by the main profile.