Search-proof your devices when traveling

Fri, Feb 24, 2017 3-minute read

Over-eager airport security has recently taken to making travelers unlock their phones and tablets for examination. This is both unforgivably invasive and trivially easy to defeat. Here's how to protect your data1 on your iPhone or iPad2 when traveling.

Simplest: disable Touch ID

Now you have at least the physical ability to refuse to unlock your device. Be prepared for mental or legal pressure to supply your password, though. File this under "better than nothing".

If you want to keep your current device

You're traveling with a device, but one as bare as the day you originally bought it. Be prepared to explain why you're carrying an empty device.

Keep your device, but less suspicious

  • Turn on iCloud backup.
  • When it's finished backing up, reset your device.
  • Start using it. Add a few contacts. Set up a (disposable) email account. Add some songs.

Now you have a plausibly used device. When you get to your destination, reset your device again. Restore it from backup. This is more work than the previous instructions, but also less suspicious.

If you'd rather travel bare-handed

  • Turn on iCloud backup. Let it finish.
  • Leave this device at home.
  • When you get where you're going, buy a replacement device. Restore it from the backup you made earlier. Now you have an exact clone of the original.

This is the most expensive option, but you can't unlock what you don't have.

Conclusion

Searching travelers' devices at airports is security theater. It's a massive and inconvenient violation of privacy, and only the world's least prepared criminals would ever get caught this way. I guarantee I'm not the first person to think of backing up a phone and restoring it at my destination. Since it's ineffective and almost certainly unconstitutional, cooler heads would recommend ending these pointless searches. Don't wait for that to happen. Protect your data.


  1. This isn't meant as advice for criminals. Lots of people travel with information they're legally obligated to safeguard, like company plans, legal documents, and other confidential information. ↩︎

  2. Similar ideas apply for Android and other devices, but I don't have one of those to experiment with. ↩︎