FWIW, i think all of this has been true, well before Trump took office, and made these changes to the current travel policies... /S > On Apr 3, 2017, at 8:26 AM, Rich Kulawiec <rsk@xxxxxxx> wrote: > > On Fri, Mar 31, 2017 at 11:59:49AM -0500, Paul Wouters wrote: >> I don't know when I will be refused entry for not handing out >> passwords or pins. > > This is worth noting on an equal basis with the question of > whether travelers will be refused entry or only permitted entry > after considerable delays, interrogation, and abuse. There is > at this moment no articulated, consistent, and uniform policy > in place specifying: > > - who will be asked for passwords > - why they'll be asked > - who will do the asking > - under what circumstances they'll be asked > - what the ramifications of refusal are > - what the ramifications of not remembering them are > - what the ramifications of agreement are > - what use will be made of them > - what use will be made of any data they provide access to > - if they'll be retained > - if the data they provide access to will be retained > - if they'll be shared with other US agencies > - if they'll be shared with other non-US agencies > - if computing devices will be confiscated > - if computing devices will be searched > - if computing devices will be returned > - if the contents of computing devices will be copied > - who will have access to that data > - what use will be made of that data > - if that data will be retained > - if that data will be shared with US agencies > - if that data will be shared with non-US agencies > - what auditing controls (if any) exist to prevent mis-use > - when any retained passwords/data will be destroyed (if ever) > - etc. > > Moreover, the ad hoc policies that are in place are used very > inconsistently -- at the personal whims of those enforcing them -- > and are subject to change not only without advance notice, > but without any notice of any kind. > > Because of this, asking anyone to come to the US at this time is > equivalent to asking them to incur unknown but possibly very large > privacy and security risks, as well the financial risk of losing > any/all computing devices they bring with them. > > ---rsk