How do you approach travel (international or domestic)?

I’m wondering about the community’s views on travel + privacy and any tips/tricks for domestic or international travel.

Do you:

avoid travel completely?
alter routes in any way?
avoid airports, ports, ships, highways, city centers, other?
avoid hotels, motels and stay in a vehicle or campground?
avoid cameras?
cover license plates?
cover your face?
wear IR blocking glasses?
alter your payment strategies?
use plausible deniability storage schemes?
make reservations under aliases when able?
disable biometric phone unlock at international entry?
shut off your phone completely at entry?
ship some items to your destination such as a laptop or phone?
or say, to hell with it, I’m not going to worry about it?


associated info:

Numerous countries are collecting fingerprint or face scans on entry (US entry facial biometrics, J-BIS system in Japan, more).

Automatic number-plate recognition is present in many countries as well. In the US, the DEA is tracking vehicle movements.

Cameras are present in many cities. Top 10 most surveilled cities in the world include London, Seoul. Atlanta has most cameras per resident in the US. London has facial recognition surveillance.

Here are some easy to apply tips for border crossing. Whether you need any of them really depends on your threat model and the country:

  • do travel information with proper legal name, but preferably temp mail address
  • print everything potentially needed for travel on paper
  • take encrypted cloud backup and reset phone, restore after out of airport
  • if asked, say you don’t have email, social media, anything really
  • don’t be suspicious

I personally don’t worry that much about biometric identification based on passport, the government will inevitably know i entered / exited the country either way. I just want to keep my data safe.

Other tips that you really should do in your own country too:

  • prefer cash in general
  • use unidentifiable paper tickets wherever available, like public transport
  • use aliases everywhere where real name is not legally required and accepts cash (mismatched name compared to card = red flag!)

Here’s a few things:

  • I sync the Bitwarden vault before leaving, to make sure I have the newest version available offline.
  • I use a pre-paid credit card that charges no transaction fees when used abroad. So I make sure to add some money to it.

You mean the car plates?

My threat model while traveling internationally isn’t different from what I do every day at home. So if I absolutely have to give an e-mail address, then I use my trash mail address that I use just to sign up to things. I have my own VPN, so my traffic is always routed through my home router that has a Pi-hole as DNS.

I do travel only to countries in the West, though. Whether I’m in France, Germany, the UK, Spain, it doesn’t make much of a difference.

Isn’t that a contradiction nowadays? :smiley: :wink:

1 Like

Ive just been recently subjected to a Visa application overseas.

Governments know. A lot of things.

There are things you just cant lie to and otherwise be detained for perjury. You name, your image your fingerprints, all the pertinent social data.

As a foreigner asking permission to enter another country, it seems reasonable that they do certain checks on you to confirm you are not a criminal/terrorist about to do the next big attack on their soil. You really cant say no to a lot and expect the govt to let yoy in just because I’m a privacy and security advocate.

Back then they ask for bank statements to prove you have money to actually do tourism/business. Now with the magic of Visa/Mastercard or just simply tax records, they know if you have the money to be a tourist.

You might be a privacy advocate but if your family/spouse/partner isnt as hardcore as us, you will be dragged into the surveillance by proxy. You might not post pictures, but will you be the weirdo that refuses group pics at work/school? Will you cry foul if others had taken a photo without your consent? Are even you going to taken them to court if they refuse to delete pictures of you in them? Will you even know if others have taken a picture if you in their Huawei Phone? Recording in public is permitted. Are you really not going out of your house?

I sort of wanted to be blocked by the foreign government. I want them to say “we dont know anything about you, therefore we cant vouch for you and let you in”. But I was granted a Visa. They know me and have me on a list that says its “probably low risk”.

Im sort of bummed by this: by the lack of effort of the people around me to take their privacy. But what if your significant other wants to go overseas to visit a relative? Are you really going to refuse to go with them? I dont think it matters if I come or not. If my partner goes to another country, I think I will still be investigated - I am still in a list of sorts.

3 Likes

These things are much more likely to make you stand out and invite scrutiny than they are to afford you meaningful privacy while traveling.

These are reasonable and recommended.

As always the question is: what is your threat model? What information are you trying to conceal and from whom? Behaving like an international fugitive just for the heck of it isn’t really a good thing.

As mentioned by @Stiffly2505, that’s almost certainly a contradiction. In this time and age, at the minimum you might be treated as suspicious if you say that you don’t have an email address, phone number, social media etc., even if you are telling the truth. If you lie to a border agent, you could also be charged with a crime.

I guess it’s illegal almost everywhere that car plates exist. Making hotel reservations under anything other one’s real name might be illegal or impossible too, showing ID at hotels is mandatory in some countries. People might get away with these in some situations though.

Face covering attracts unwanted attention in some countries and are a crime in some others (some of the EU bans masks in public places). Face masks are frowned upon in anti-mask societies, and sunglasses, hats and hoodies are taboo in indoor areas in some others. At border crossings (and other security checkpoints, banks and some other locations), “excessive” face covering has a good chance of inviting scrutiny, sunglasses inside airports will probably get you unwanted attention (masks are accepted because of COVID), and at minimum you have to undress in front of facial recognition gates or border agents anyway. So, use face coverings that are appropriate to your mission and social, legal and surveillance landscape (the less data you leak the better), but be prepared to undress as needed.

If you take digital devices with you on international travel, you need to beware that that a border agent might search your devices, or take your device out of your sight and copy all the data from it. In some countries, you could be charged with a crime if you refuse to unlock your devices, decrypt data or hand over keys/passwords upon border agent request. If you choose to take digital devices:

  • Securely wipe all sensitive information from your devices, such that nothing sensitive is compromised even if you are coerced to unlock devices, decrypt data or provide keys/passwords.
  • If you need to carry a password vault with you for your journey, carry only the account information necessary for the journey and emergencies.
  • Despite the possibility of being coerced to unlock devices, use password lock instead of biometric lock.
  • Send information that you need at your destination via the internet.
  • Have paper copies of information that you need for your journeys and emergencies.
  • Think about the people you will travel with too.
  • Turn off your devices completely before arriving at each port.
  • Don’t lie to border agents unless you can definitely get away with it.
  • Don’t turn on devices until completely exiting each port.
  • Devices taken out of your sight might be compromised.

In principle, people should treat international border crossings as hostile and inhumane, and act accordingly. Border agents typically have more powers that other government authorities don’t have, for example warrantless search, and there might be enhanced police powers at ports of entry/exit. There’s a lot of pressure to comply: borders can threaten anyone with refused exit and refuse non-citizens with refused entry, and people fear missing their flight if they are stopped. It might help your legal stance to make it clear that you do not consent to being searched, but it is probably a crime to refuse or obstruct a search. Anything that looks suspicious to border agents, including some privacy and security measures suggested in this thread, might invite scrutiny. Like with natural disasters and other unfortunate situations, many people seem to believe “it will never happen to me”, but many people who internationally travel will be abused (by digital strip searches or other types of abuse) at some point in their lives at a border crossing, even complete normies.

1 Like

That doesnt seem to be a fair characterization of border crossing. The whole point of inspections and searches interrogation is to maintain integrity of a country by keep undesirable/bad people out.

If you go out of your way to appear suspicious/deviating from the expected average persona they might not welcome you in and thats fair game.

You can refuse inspection/searches/questioning at the risk of being sent and back home - and thats fair. They can be coersive and outright fascist when the border personel does their business and that isnt acceptable as well. Sadly power is one sided. Best thing you can do is to reply with prompt courtesy and kindness so that they will realize who is more uncultured.

You should have quoted the whole sentence. I meant “hostile” not as a characterization but as a recommendation of how to prepare for travel through border crossings: hope that everything will be fine, but prepare for the worst. Someone will be just fine most times they travel, but 1 in X times they will run into some trouble.

In any case, the process at border crossings and of travel is like cattle being herded and tracked around the world. Whether it is believed to be justified or otherwise, the “inhumane” characterization is not inaccurate.

I’m not opposed to security screenings for security purposes at airports, considering its importance for aviation safety, notwithstanding criticisms of it being security theatre. However, I don’t believe border integrity is the whole point of inspections, searches, seizures, interrogations and other measures. There are abuses at borders that are driven by politics, profit or whatever else, whether by individual border agents or their governments.

Border agents have no right to judge whether or not people (strangers to them) are good or bad, they simply enforce a border according to instruction from their government, who also has no right to judge people.

I agree that people who don’t conform to the norm around them invite scrutiny, for better or worse. However, I disagree with the “fair game” arguments. Border agents have no right to wrongly punish people (interrogate, deport or worse). They ought to act proportionately to reasonable suspicion or evidence of wrongdoing or threat. But unfortunately life is not fair.

Again, is it really fair? I accept that inspections and mild questioning are routine, but you said coercive and fascist actions are unacceptable, so I guess you would agree that being denied passage on the basis of refusing unjustified search or other abuse is not fair.

It can be a good legal tactic to refuse inspection, search, questioning, etc that are unlawful, but, like you said, refusing anything probably invites trouble. It’s up to the person to weigh up comply vs refuse. If someone refuses something that border agents can lawfully do, being denied passage might not be the worst thing that will happen to them. Depending on jurisdiction and what they refuse, they could also face fines, imprisonment or worse.

I don’t have mission critical enterprise or business data to protect but would feel violated, I suppose, if my family photos, communications, text files were obtained and stored with government personnel having access.

I’d definitely like to minimize my biometric data being obtained and stored anywhere, anytime and travel is the activity most likely to lead to biometric data collection as far as my world goes. I think that issue leads to the most stress for me.

If my device was taken away for inspection or copying, I’d like to be able to remain calm and not draw attention to myself by getting emotionally triggered (which could easily happen because of my beliefs RE privacy for the masses).

I think I will start traveling more with a burner phone - ie, take my 4a with minimal installed apps and data and leave the 6a home. I tried it a couple times and it went well.

2 Likes

I agree, but I would go further. Messages, photos, contact details, etc about other people stored on one’s devices shouldn’t be assumed to be insensitive, just because it’s not “mission critical” data or commercial data.

Device search by a border agent that leaks client data would trigger an obligation to notify clients of the data breach, but I’d be just as violated if someone in my family for example exposed my photos, messages, etc because they had their devices searched or seized by a border agent. Allowing that to happen by inadequate security is arguably negligent and irresponsible. Just like not caring about privacy is anti-social.

Sounds like a good way to protect data that might be stored on your 6a. Just make sure you age the 4a a bit, and store some insensitive data and travel related data on it. A device that looks too “fresh” could be a red flag to border agents.

If a device ever gets extensively searched or taken out of one’s sight, if possible, take the device to a civil society digital forensics expert to see if the border agents tampered with data, software or hardware in any way. This kind of data would be valuable for knowing the level of risk at borders and potentially to make cases for prohibition of border agents’ warrantless device searches.

I just travel like turn the phone off / get on the plane / fly / get off the plane / turn the phone back on :sweat_smile:

I think you’re point “if your family/spouse/partner isn’t as hardcore…” really hits the nail on the head. This is a major point of privacy exhaustion for me.

So I went through the border crossing of the foreign country. No issues. No one searched my laptop or phone. Maybe they have an idea of my actual online activities in the various forums I participate in. In retrospect maybe I should have brought my actual phone and not have issues with the private communication platforms.

I actually brought my old iPhone and did not log into it. It sits pretty much unused because I still have not logged into the AppStore. I should probably make a new account but since the cell number attached to it is still the same that I put it in a long time ago, there shouldn’t be any benefit.

I had a different issue during my travel: My country’s immigration office is asking to fill in personal details in a form. I thought its going to be in paper but it’s in a shady web site that of course, that I cannot refuse unless I want to forfeit my ticket and my visa. It even asked me to login into my email to confirm it, which is a bummer because I am in a CCTV monitored facility. I may have to alter my master password in my password manager when I get home and maybe have a hardware token associated with it as well.