Latest news with #digitalprivacy
Forbes
3 days ago
- Business
- Forbes
Who's Really In Charge—You Or Your AI Assistant?
You glance at your phone to check a message, but before you can tap anything, your AI assistant proactively opens a financial app, recommending an investment you never requested. You vaguely recall consenting to a 'screen-reading' feature weeks ago without thoroughly reading the agreement. What seemed like convenience now feels like something far darker: control. Welcome to the age of screen-reading AI, where digital tools transition from passive helpers into proactive decision-makers, increasingly taking the wheel of our digital lives—often without our clear understanding or consent. Seductive Simplicity The appeal of smart assistants like Google Assistant, Siri, China's YOYO, and Zhipu's AutoGLM is clear: seamless multitasking. Saying 'order my usual coffee' and watching your AI effortlessly navigate apps, apply discounts, and complete payments is undeniably impressive. But this magic relies entirely on the AI's ability to read your screen. Originally designed as accessibility tools for users with disabilities, these APIs grant deep access, allowing AI to view and interact with any visible content. From Meta's Ray-Ban smart glasses using live facial recognition to workplace monitoring software, AI has evolved beyond mere assistance into proactive—and intrusive—decision-making. Global Alarm Bells: Exploiting Accessibility The technical gateway for this intrusion is the Accessibility API. Initially created for users with vision or motor impairments, it's now routinely exploited by AI, granting apps extensive screen access and allowing them to simulate user interactions. This isn't just a China issue—it's a worldwide phenomenon. Meta's Pixel tracking code is embedded on 5.8 million websites globally, bypassing Android's privacy protections. Similarly, Russia's Yandex deploys its Metrica trackers on approximately 3 million sites, breaking through security sandboxes to monitor users comprehensively. In South Korea, the chatbot "Lee Luda," created by Scatter Lab, drew public outrage after it was revealed to have used personal conversations from its dating app "Science of Love" for AI training, despite users supposedly consenting through vague privacy terms. The South Korean Personal Information Protection Commission ruled that such blanket consent could be unlawful. More troubling yet is Spain's deepfake platform, ClothOff, already shut down, with the disturbing slogan: 'Remove anyone's clothing, remove girls' clothing for free.' Users upload fully-clothed photos and receive realistic nude images, often without explicit consent from the subject. Though its terms of service claim users must be over 18 or have parental consent and assert that the platform stores no data, at least 11 local teens were recently identified sharing these generated nude photos via social platforms, devastating the lives of their young victims. All these cases reveal a common structural vulnerability: screen-reading AI overrides user intentions, seizing control under the facade of assistance, and hiding behind ambiguous user agreements to evade accountability. Decision-Making by Proxy The real danger isn't simply AI observing what we do; it's AI inferring and acting on our behalf. Previously, data collection was straightforward—surveillance you could control by deciding what to share. Now, through screen-reading coupled with AI-driven decision-making, users no longer merely share data—they delegate decisions irreversibly. Consider Doubao, a widely popular AI assistant developed by ByteDance, renowned in China for its emotional responsiveness, especially among minors. Recently, Doubao's PC version integrated a screen-reading feature. A user, forgetting to close a chat application displaying private information, asked Doubao to edit an elementary-school essay. Shockingly, the AI included the user's detailed home address in the edited text. The assistant hadn't breached security—it simply read what was openly displayed on his screen. Such capabilities allow AI to recommend content or services with hidden motivations. For example, if your AI assistant suggests one food delivery app over another, it's not just a convenience—it could be monetized preference placement, subtly steering user decisions for profit. AI no longer needs your explicit personal data to influence you—it just needs your behavioral patterns, preferences, and impulses. You become the product. The End of 'Nothing to Hide' For decades, people dismissed privacy concerns with the adage, "I have nothing to hide." This viewpoint is now dangerously outdated. Today's AI infers moods, habits, and vulnerabilities from mere screen activity. It doesn't need explicit data; it only needs enough insight to gently steer decisions, feeling helpful rather than intrusive. Users rarely resist because the interaction feels intuitive and beneficial. The AI-driven world makes surrendering control comfortable and effortless, leading to a deceptive illusion of free will. Reclaiming Control The central question is no longer, "Is AI spying on me?" It's become, "Is AI deciding for me?" And if AI is making decisions, who programmed those choices, who benefits, and who holds real accountability? Consent must be genuinely informed, not just buried in user agreements. Regulators must demand transparency about AI inference processes, not merely data collection. Accessibility APIs need stricter oversight to prevent exploitation. Users, too, must understand that clicking 'Agree' may now mean surrendering more than mere convenience—it could be delegating fundamental judgment. AI isn't the enemy. The challenge is preserving our agency within an AI-driven world. As AI increasingly nudges us towards choices we assume are freely made, we risk losing control entirely. This isn't an abstract threat—it's unfolding now. AI systems continue to advance in sophistication, amplifying their subtle influences. As this happens, vigilance must grow proportionately. If your assistant begins making choices for you—and you believe it was always your decision—the battle for control might already be lost. The solution isn't rejecting AI, but ensuring transparency, accountability, and genuine informed consent. Technology is most valuable when empowering rather than manipulating. The line between assistance and dominance must remain clearly drawn, or we risk a quiet surrender to invisible powers guiding our digital lives. Ultimately, the responsibility lies with all of us—tech creators, regulators, and everyday users—to ensure AI remains a tool we control, rather than allowing ourselves to become tools of AI. Because when technology subtly takes the wheel, convincing you that you're still driving, you've already lost control of the destination.
WIRED
27-05-2025
- Business
- WIRED
The Privacy-Friendly Tech to Replace Your US-Based Email, Browser, and Search
May 27, 2025 6:30 AM Thanks to drastic policy changes in the US and Big Tech's embrace of the second Trump administration, many people are moving their digital lives abroad. Here are a few options to get you started. Photo-Illustration:From your email to your web browsing, it's highly likely that your daily online life is dominated by a small number of tech giants—namely Google, Microsoft, and Apple. But since Big Tech has been cozying up to the second Trump administration, which has taken an aggressive stance on foreign policy, and Elon Musk's so-called Department of Government Efficiency (DOGE) has ravaged through the government, some attitudes towards using US-based digital services have been changing. While movements to shift from US digital services aren't new, they've intensified in recent months. Companies in Europe have started moving away from some US cloud giants in favor of services that handle data locally, and there have been efforts from officials in Europe to shift to homegrown tech that has fewer perceived risks. For example, the French and German governments have created their own Docs word processor to rival Google Docs. Meanwhile, one consumer poll released in March had 62 percent of people from nine European countries saying that large US tech companies were a threat to the continent's sovereignty. At the same time, lists of non-US tech alternatives and European-based tech options have seen a surge in visitors in recent months. For three of the most widely used tech services—email, web browsers, and search engines—we've been through some of the alternatives that are privacy-focused and picked some options you may want to consider. Other options are available, but these organizations and companies aim to minimize data they collect and often put privacy first. There are caveats, though. While many of the services on this list are based outside of the US, there's still the potential that some of them rely upon Big Tech services themselves—for instance, some search engines can use results or indexes provided by Big Tech, while companies may use software or services, such as cloud hosting, that are created by US tech firms. So trying to distance yourself entirely may not be as straightforward as it first looks. Web Browsers Based in Sweden, Mullvad is perhaps best known for its VPN, but in 2023 the organization teamed up with digital anonymity service Tor to create the Mullvad Browser. The open source browser, which is available only on desktop, says it collects no user data and is focused on privacy. The browser has been designed to stop people from tracking you via browser fingerprinting as you move around the web, plus it has a 'private mode' that isolates tracking cookies enabled by default. 'The underlying policy of Mullvad is that we never store any activity logs of any kind,' its privacy policy says. The browser is designed to work with Mullvad's VPN but is also compatible with any VPN that you might use. WIRED's Scott Gilbertson swears by Vivaldi and has called it the web's best browser. Available on desktop and mobile, the Norwegian-headquartered browser says it doesn't profile your behavior. 'The sites you visit, what you type in the browser, your downloads, we have no access to that data,' the company says. 'It either stays on your local machine or gets encrypted.' It also blocks trackers and hosts data in Iceland, which has strong data protection laws. Its privacy policy says it anonymizes IP addresses and doesn't share browsing data. Search Engines Qwant French search engine Qwant has built its own search index, crawling more than 20 billion pages to create its own records of the web. Creating a search index is a hugely costly, laborious process, and as a result, many alternative search engines will not create an extensive index and instead use search results from Google or Microsoft's Bing—enhancing them with their own data and algorithms. Qwant says it uses Bing to 'supplement' search results that it hasn't indexed. Beyond this, Qwant says it does not use targeted advertising, or store people's search history. 'Your data remains confidential, and the processing of your data remains the same,' the company says in its privacy policy. Mojeek, based out of the United Kingdom, has built its own web crawler and index, saying that its search results are '100% independent.' The search engine does not track you, it says in its privacy policy, and only keeps some specific logs of information. 'Mojeek removes any possibility of tracking or identifying any particular user,' its privacy policy says. It uses its own algorithms to rank search results, not using click or personalization data to create ranks, and says that this can mean two people searching for the same thing while in different countries can receive the same search results. Based in the Netherlands, Startpage says that when you make a search request, the first thing that happens is it removes your IP address and personal data—it doesn't use any tracking cookies, it says. The company uses Google and Bing to provide its search results but says it acts as an 'intermediary' between you and the providers. 'Startpage submits your query to Google and Bing anonymously on your behalf, then returns the results to you, privately,' it says on its website. 'Google and Microsoft do not know who made the search request—instead, they only see Startpage.' Nonprofit search engine Ecosia uses the money it makes to help plant trees. The company also offers various privacy promises when you search with it, too. Based in Germany, the company says it doesn't collect excessive data and doesn't use search data to personalize ads. Like other search alternatives, Ecosia uses Google's and Bing's search results (you can pick which one in the settings). 'We only collect and process data that is necessary to provide you with the best search results (which includes your IP address, search terms and session behavioral data),' the company says on its website. The information it collects is gathered to provide search results from its Big Tech partners and detect fraud, it says. (At the end of 2024, Ecosia partnered with Qwant to build more search engine infrastructure in Europe). Email Providers Based in Switzerland, Proton started with a privacy-focused email service and has built out a series of apps, including cloud storage, docs, and a VPN to rival Google. The company says it cannot read any messages in people's inboxes, and it offers end-to-end encryption for emails sent to other Proton Mail addresses, as well as a way to send password protected emails to non Proton accounts. It blocks trackers in emails and has multiple account options, including both free and paid choices. Its privacy policy describes what information the company has access to, which includes sender and recipient email addresses, plus IP addresses where messages arrive from, message subject lines, and when emails are sent. (Despite Switzerland's strong privacy laws, the government has recently announced it may require encrypted services to keep user's data, something that Proton has pushed back on). Tuta, which used to be called Tutanota and is based in Germany, says it encrypts email content, subject lines, calendars, address books, and other data in your inbox. 'The only unencrypted data are mail addresses of users as well as senders and recipients of emails,' it says on its website, adding that users' encryption keys cannot be accessed by developers. Like Proton, emails sent between Tuta accounts are end-to-end encrypted, and you can send password protected emails when messaging an account from another email provider. The company also has an end-to-end encrypted calendar and offers both free and paid plans.
WIRED
26-05-2025
- WIRED
A Starter Guide to Protecting Your Data From Hackers and Corporations
Matt Burgess Sophie Johal Michaela Neville May 26, 2025 6:30 AM Thinking about where to start when it comes to protecting your online privacy can be overwhelming. Here's a simple guide for you—and anyone who claims they have nothing to hide. Photo-illustration: Anjali Nair; Getty Images With President Donald Trump's return to the White House and the US government's digital surveillance machine more powerful than ever, digital privacy should be top of mind. But the digital security world can be confusing—and there's the larger question of why. You may think, if I'm just a regular person, why is my digital privacy important? Then there are the practical questions. What's the best password manager? How can you keep your digital life under wraps at the border? And what kind of VPN should you be using? Is AI scraping my data? WIRED senior writer and security expert Matt Burgess spoke with readers in a Reddit AMA this month about the basics of keeping your digital footprint locked down. Here's what to know and why it's important. What is your advice for a quick win in terms of improving digital security for the everyday person? Or for someone who isn't tech-savvy? I think the one big thing people can do to improve their security is make sure that multifactor authentication is turned on for as many online accounts as possible. That way if anyone gets access to your password or login details, they'll also need to have another way to authenticate the login attempt (such as the codes generated by an authentication app), and it's highly unlikely that hackers will have access to that. Other quick and relatively straightforward changes you can make are to use privacy-friendly browsers and search engines and to use a password manager (the one on your phone or browser is better than nothing at all) and create unique passwords for each service you use. There are so many privacy tips out there, and it all feels important, but trying to do everything at once can be overwhelming. What are the things people should prioritize when making changes to their online habits? Improving privacy is something that's ongoing, and if you try to do everything at once then it's too off-putting. Take it one small step at a time. If I was starting now, I'd go with: Switching to a more privacy-focused browser. I alternate between Brave, Firefox and Safari. Then using a privacy-focused search engine too (such as DuckDuckGo). Trying to use services that minimize data collection (for instance, messaging app Signal doesn't collect user data and is the gold standard of end-to-end encryption). What's a good non-US-based VPN? Our favorite VPN at WIRED is currently Proton VPN, which is based in Switzerland. Proton VPN also offers the best free VPN. Unlike most services, ProtonVPN's free version gives full access to all the regular plan's features. It is limited to a single device, and there are only three server locations (Japan, Netherlands, and the US), but everything else is the same. If your needs are limited and you want to keep costs down, this is a good option. See our full guide to VPNs here. How do I deal with having to have a new account for every service and website? Should I be using new email addresses? A new email address for every account is a big undertaking! I'd recommend having an email address for the accounts that are most important to you and then having one that you use to sign up for things that are less important. There are also services that will let you create 'burner' emails that you can use to sign-up with services, and if you use an Apple device there's a 'Hide My Email' setting. What tips would you offer to those looking to keep their digital privacy while crossing the US border (or otherwise entering or exiting the States)? It really depends on what levels of risk you as an individual could face. Some people traveling across the border are likely to face higher scrutiny than others—for instance nationality, citizenship, and profession could all make a difference. Even what you've said on social media or in messaging apps could potentially be used against you. Personally, the first thing I would do is think about what is on my phone: the kind of messages I have sent (and received), what I have posted publicly, and log out (or remove) what I consider to be the most sensitive apps from my phone (such as email). A burner phone might seem like a good idea, although this isn't the right idea for everyone and it could bring more suspicion on you. It's better to have a travel phone—one that you only use for travel that has nothing sensitive on it or connected to it. My colleague Andy Greenberg and I have put together a guide that covers a lot more than this: such as pre-travel steps you can take, locking down your devices, how to think about passwords, and minimizing the data you are carrying. It's here. Also, senior writer Lily Hay Newman and I have produced a (long) guide specifically about phone searches at the US border. Would you recommend against having a device like Alexa in your home? Or are there particular products or steps you can take to make a smart device more secure? Something that's always listening in your home—what could go wrong? It's definitely not great for overall surveillance culture. Recently Amazon also reduced some of the privacy options for Alexa devices. So if you're going to use a smart speaker, then I'd look into what each device's privacy settings are and then go from there. How do you see people's willingness to hand over information about their lives to AI playing into surveillance? The amount of data that AI companies have—and continue to—hoover up really bothers me. There's no doubt that AI tools can be useful in some settings and to some people (personally, I seldom use generative AI). But I would generally say people don't have enough awareness about how much they're sharing with chatbots and the companies that own them. Tech companies have scraped vast swathes of the web to gather the data they claim is needed to create generative AI—often with little regard for content creators, copyright laws, or privacy. On top of this, increasingly, firms with reams of people's posts are looking to get in on the AI gold rush by selling or licensing that information. For the everyday person, I'd warn them not to enter personal details or sensitive business information! We also have a more thorough guide here. Are personal data removal services worthwhile, or are they just another vector for data thieves? Whether data removal services are worthwhile or not probably depends on where you are based in the world: I'm in Europe where there's GDPR and stricter privacy laws, and when I have used a data removal service, it hasn't turned up too much. But in the US, there's no comprehensive federal privacy law—that really should change—and they may be more useful. Much of what can be done by data removal services, you can also do yourself. Consumer Reports recently did a good evaluation of data removal services. What is your preferred response for people who claim they have nothing to hide? I think in a lot of cases when people claim they have nothing to hide, they often jump to thinking about illegal or malicious things. When in fact, privacy, for me, isn't about 'hiding' things at all. You should be able to have the space—both in the physical and digital world—to not be surveilled or have your actions tracked. People should be able to act without intrusion from others—that doesn't mean you're hiding anything, but you just don't want to share everything you do with everyone (or anyone). And really that's why privacy is considered a fundamental human right. I actually like a lot of the answers that people sent in to Amnesty International about how they respond to the point of 'not having anything to hide.' With files from Scott Gilbertson.
Yahoo
17-05-2025
- Yahoo
Best VPN for Android 2025: NordVPN Voted Best of VPNs for Android
NordVPN Outpaces Competition with Superior Android Features, Blazing Speeds, and Ironclad Privacy – Voted #1 VPN for Android in 2025 Washington DC, May 17, 2025 (GLOBE NEWSWIRE) -- In a move that has reaffirmed NordVPN's dominance in the digital privacy and anonymity sector, NordVPN has officially been voted the Best VPN for Android in 2025. Since 2016, when it first launched its Android application, NordVPN has been working to offer the most trusted and feature-rich VPN services. CLICK HERE TO GET THE BEST VPN FOR ANDROID: NORDVPN "Being named the Best VPN for Android in 2025 is not just a milestone; it is a validation of the years we have spent engineering a mobile experience that puts privacy, speed, and simplicity in every user's pocket. This recognition drives us to keep raising the standard for what mobile security should look like." As most users have noted, NordVPN has a user interface that has reached new heights of usability in 2025. This is evident from its streamlined experience that balances functionality with visual elegance and opens up to a clean, map-based home screen that lets users connect to the best available server with a single tap. As for the users who prefer more control, the platform offers a quick-access list of specialty servers, making maneuvering around easier. CLICK HERE TO GET THE BEST VPN FOR ANDROID: NORDVPN New users have also not been left behind, as they noted that the registration process is quite straightforward. Below are the steps to follow: Click here to visit the official NordVPN website. Choose a subscription plan. Create your account. Select a payment method to complete your purchase. Sign in to NordVPN to access your virtual private network. "Our Android app was redesigned with simplicity and control in mind. Whether you are a seasoned user or just starting your privacy journey, the experience is built to make advanced protection accessible in just a tap." In an era when mobile streaming, gaming, and remote work surge, Android users now require VPNs that can keep pace without lagging. On this, NordVPN has been hailed by users and industry experts for its unmatched speed on Android devices, which can keep up. The speed is attributed to the proprietary NordLynx protocol, an advanced adaptation of WireGuard, which delivers lightning-fast connectivity while maintaining encryption standards. As per the speed tests conducted earlier in the year, NordVPN consistently placed at the top of the charts, outperforming its closest rivals by significant margins, making it win the votes for the top VPN for Android in 2025. According to industry reports, NordVPN has an extensive global server network with over 7,000 servers in over 100 countries. With such an international presence, NordVPN provides Android users with seamless access to the internet regardless of geographic location. Also, with such a wide coverage, the platform ensures its users experience low latency and minimal congestion, even during peak hours. With such provisions, Android users take pride in their empowerment with reliable access to streaming services, online platforms, and regional content with no restrictions. As has been the case since it was founded in 2012, privacy has always been the cornerstone of NordVPN's philosophy. And, as leading experts have observed, this has only improved with time. For instance, NordVPN recently implemented a strict no-logs policy, which dictates that no user data should be tracked, collected, or stored. This includes but is not limited to browser data, IP addresses, online behavior, bandwidth usage, and session information. By doing so, Android users have highlighted that NordVPN qualifies as the best VPN for Android, as they are assured of their privacy. Another feature that has been hailed for contributing to NordVPN's top ranking as the top VPN for Android is its multi-layered security architecture. In light of this feature, the app is seen to include Threat Protection Lite, a built-in feature that actively blocks malicious websites, intrusive ads, and online trackers in real time. This tool, specifically optimized for Android devices, offers an additional layer of security, ensuring that users are safe from any malware-infected APKs and phishing attacks they may be susceptible to. NordVPN also understands that mobile security should never come at the cost of battery life. That being the case, users have noted that the platform has optimized its app to consume significantly less power and background resources while still offering security and privacy. Still, user feedback indicates that most users can stay connected to the VPN all day without worrying about draining their devices. Customer support is another realm where NordVPN excels, according to its users. Currently, the platform offers several channels through which its users can get help from its customer support team. These channels include a 24/7 live chat provision and email support. With these in place, users get direct access to the knowledgeable team of customer service agents, who, according to the reviews, offer assistance in the best of ways. Additionally, NordVPN's onboarding process includes helpful tips, in-app tutorials, and a built-in diagnostics tool to quickly resolve connection issues. With all these in place, NordVPN has received a fair share of praise as its users never feel unsupported. Testimonials further cement that affordability has remained a core part of NordVPN's appeal to Android users. Looking at its pricing plans, NordVPN has continued to offer competitive prices, which also come with discounts and money-back guarantees. Also, since the payments support various payment methods, users are assured of smooth transactions. This goes a long way in making the platform accessible to a wide user base, depending on the mode of payment that they find convenient. With this exceptional array of features, NordVPN earned its place at the top of the Android VPN rankings in 2025. From robust encryption and lightning-fast speeds to advanced usability and an unwavering commitment to user privacy, NordVPN exemplifies what a modern VPN should be. Follow NordVPN's verified social media profiles to keep pace with its latest updates, feature rollouts, and cybersecurity insights. Join the conversation and stay informed through its official pages across major platforms. NordVPN Support: support@ Legal Disclaimer & Affiliate Disclosure This content is for informational purposes only and does not constitute an endorsement, offer, or solicitation to buy or sell any products or services mentioned. While every effort has been made to ensure the accuracy and timeliness of the information presented, no guarantees are made regarding completeness, accuracy, or reliability. Any errors, omissions, or outdated information that may exist within this article are unintentional, and the authors and distributors of this release assume no responsibility for such inaccuracies. The views and opinions expressed are those of the independent authors and may not reflect the official policy or position of any company or organization referenced. All product names, logos, and brands are property of their respective owners. This article may contain affiliate links, meaning a commission could be earned if a purchase is made through such links, at no additional cost to the reader. The inclusion of affiliate links does not influence editorial integrity or the independent evaluation of any product or service mentioned. The publisher and all syndication partners disclaim any and all liability, loss, or risk incurred directly or indirectly as a result of the use and application of any content, product, or service described herein. Readers are encouraged to conduct their own research and consult with qualified professionals before making any purchasing decisions. This content is distributed as part of a commercial campaign and should not be construed as professional advice or a substitute for independent analysis. CONTACT: NordVPN Support: support@ in retrieving data Sign in to access your portfolio Error in retrieving data Error in retrieving data Error in retrieving data Error in retrieving data
Telegraph
16-05-2025
- Telegraph
US border patrol can legally search your phone: Our expert explains your rights
Since Trump's inauguration in January, entering the US has become increasingly fraught. A French scientist was recently denied entry at the border after officials found messages on his phone critical of the President, while some journalists have been warned against storing sensitive material on their phone, and EU diplomats have been advised to travel with so-called 'burner' devices when visiting the country. Despite a decline in the number of tourists travelling to the US since the new administration took hold, a large number still arrive in the country every day. Whether you're travelling for business or pleasure, the US Customs and Border Protection (CBP) has the authority to search digital devices: for most travellers, there should be no issue, but it's good practice to be proactive about cybersecurity regardless. Here's everything you need to know. Can the US Customs and Border Protection search my phone? In a word: yes. The CBP can search phones as, generally, border zones fall outside of the Fourth Amendment protections (which usually require a warrant for a device to be searched). Officials can ask for your PIN or biometric information, like your thumbprint or face ID, to access the data. Mobile phones, computers, tablets and cameras can all be searched under the same powers. American citizens can refuse a device search without being denied entry (though doing so may lead to further questioning), while foreign visitors – even those arriving for a holiday – can face detention or deportation if they refuse a device search. Similar rules apply in various other places around the world, including in New Zealand and Australia – but the new administration in the US means the practice is under greater scrutiny and, according to some reports, becoming more widespread. What does a mobile phone search involve? This usually depends on your legal status and right to enter the US. Searches can take the form of a manual search (where a border guard looks through the contents of your phone) or include an advanced, forensic download of data. The latter will, of course, take considerably longer. 'Searches can be random,' says Sophia Cope, senior staff attorney at the Electronic Frontier Foundation. 'But we also know that travel history and prior law enforcement encounters can increase the likelihood of being pulled into secondary inspection.' Will travelling with an alternative phone help protect my data? You might try travelling with an alternative phone – either a totally new device, or an old one which has been wiped clean and repurposed. Importantly, it shouldn't be a completely blank device – that will seem unnecessarily suspicious. Instead, it should be a version of your 'real' phone, complete with messages, photos and apps. The difference, of course, is that the messages and photos won't include any details of your political views or years worth of travel information. So what should an alternative phone include? It's an idea to have a travel-only email address that you can access from this phone and that can hold all your holiday information. This can also be used to log into any apps you might need, whether that's for accessing accommodation or transportation. Downloading an encrypted communication app – like Signal or Whatsapp – means you'll still be able to message people at home (our eSims guide has information about saving money on data overseas). For true cybersecurity, it's probably best if this phone does not share your usual phone number. And if you typically use social media, having a travel account on, for example, Instagram, is a good idea – it's something you can show the CBP without giving away too much personal information. For most, this level of security will not be necessary (especially if you are just visiting for a holiday). It might, however, give some travellers peace of mind. If this seems like too much hassle, you can still travel with your primary phone. Experts recommend removing old messages and apps, especially those that might reveal something about your identity (such as LGBTQ+ dating apps, for example). 'Everyone should back up their data, because if the phone is confiscated or the data is corrupted somehow, that data will be lost,' says Cope. 'People should minimise or delete the sensitive data on their phone – what that means is unique to each person,' she adds. Without very precise cybersecurity measures, it can be hard to totally wipe all traceable elements from a phone. Cloud backups can reveal information previously thought to be deleted, and some apps can save files without it being immediately obvious to the user (but can be found using a forensic search). For most, a quick deletion exercise should be enough. But to be completely thorough, read more information on Amnesty's Security Lab website. What should I do before I travel? It's important that your phone's software is up to date, as this will mean encryption and security are at their strongest. If you plan to refuse a search, make sure you have biometric entry (like fingerprints or face ID) turned off, and instead use a numerical code – something that only you know. Some experts recommend an 'out of sight, out of mind' method. When approaching border controls, put your phone away and use only paper documentation. Having travel information available readily will allow you to keep the interaction device-free – and therefore avoid it becoming an item of interest. How you choose to protect your devices will likely be informed by how at risk you feel. Those with passport stamps from certain countries, or who have been previously profiled, will probably feel more at risk – and may want to take precautions. Molly Cyr from the Security Lab at Amnesty International says that travellers should consider their personal circumstances before taking any steps to remove data. 'We know there's a lot of worry about border crossings at the moment, but it's not everyone who is at risk of further searches,' she says. 'People should do a mini risk assessment and make sure that they take precautions before leaving.'
