On Fri, Jun 07, 2019 at 12:42:17PM -0400, Paul Wouters wrote: > ps. at least for me, I will already know in my home city of Toronto, > whether or not I will be refused for not handing out my social media > or web browser history, since we clear immigration at the airport :P So, CBP asking to see your social media or mobile is not remotely a new thing, and was happening before 2016. The U.S. is not the only country to have done that sort of thing, either. But CBP is also naturally bandwidth limited as to how many visitors they can apply that treatment to... What's *new* here is that those who need a _visa_ to visit now can be subjected to this treatmeant with a higher natural bandwidth limit at the applicable U.S. consulate, so more such visitors can expect to be subjected to it. I imagine consular officials were always able to request additional data, such as social media identifiers, but now the State department will be requiring that information of all visa applicants. Now, not every visitor to the U.S. needs a visa. And other countries have applied this same treatment at the border. We can probably expect other countries to apply this same treatment at visa application time. Often this happens as a tit-for-tat; Argentina used to have a US$100 fee for American visitors. Some data would be nice: - How many active IETF participants will be affected? "However, you do not need a visa for your business meeting or for vacation if you are a citizen of the 38 countries participating in the Visa Waiver Program." https://www.usa.gov/enter-us https://www.dhs.gov/visa-waiver-program-requirements Canada is not included in that list, but then: "In most circumstances, Canadian citizens do not require visitor, business, transit or other visas to enter the United States, either from Canada or from other countries. There are, however, some exceptions to this situation. These exceptions (and the visa category they require) include: ..." https://ca.usembassy.gov/visas/do-i-need-a-visa/ IANAL, but the exceptions for Canadian visitors do not include visiting to attend a conference, so I think Canadian IETF participants will not be affected. - How many countries that host IETF meetings have implemented similar policies that we don't know about or are publicly considering it? (See above comment about tit-for-tat policies.) Also, I wouldn't expect that a new U.S. administration would handle this any differently. The CBP experience has gotten worse over time for some, and it's happened under a variety of U.S. administrations from both parties. When the Texas Alcoholic Beverage Commision (TABC) started spending its resources arresting people for public intoxication at hotel bars, eventually they had to back off when Texas started losing many conferences, including high-profile conferences. Of course, the scale here is larger, as there are probably fewer international conferences (as a proportion of total conferences) hosting meetings in the U.S., so I expect that refusing to host meetings in the U.S. will likely have no effect on the policy. Then again, I think this new policy is a bit useless. Finding a visa applicant's social media is relatively simple given their names and pictures (which the consulate already demands and long has, and besides, they have cameras). And it's not like consular officials can easily find pseudonymous social media if it lacks easily identifiable contents like pictures that can be matched by facial recognition. Yes, it would be a violation to fail to tell them about things they can't find, so the rule is still invasive, but from a practical point of view, those that State might exclude aren't going to be disclosing pseudonyms that State can't doxx on its own. I.e., this is just more mostly-ineffective security theater. Nico --
