Connect with us

Technology

Is it safe to travel with your phone right now?

Published

on

Is it safe to travel with your phone right now?

In recent weeks, airport Customs and Border Protection (CBP) agents have drawn public outcry for denying travelers US entry based on searches of their phones. A doctor on an H-1B visa was deported to Lebanon after CBP found “sympathetic photos and videos” of Hezbollah leaders. A French scientist was turned away after a device search unearthed messages criticizing the Trump administration’s cuts to research programs, which officers said “conveyed hatred of Trump” and “could be qualified as terrorism.” As the administration ratchets up pressure to turn away even legal immigrants, its justifications are becoming thinner and thinner — but travelers can still benefit from knowing what are supposed to be their legal rights.

Your ability to decline a search depends on your immigration status — and, in some cases, on where and how you’re entering the country. Courts across the country have issued different rulings on device searches at ports of entry. But no matter your situation, there are precautions you can take to safeguard your digital privacy.

CBP device searches have historically been relatively rare. During the 2024 fiscal year, less than 0.01 percent of arriving international travelers had their phones, computers, or other electronic devices searched by CBP, according to the agency. That year, CBP officers conducted 47,047 device searches. But even before this recent wave of incidents, inspections were on the rise: eight years earlier, during the 2016 fiscal year, CBP searched only 19,051 devices.

The “border search” exception

The Supreme Court ruled in 2014 that warrantless searches of people’s cell phones violated the Fourth Amendment. But there’s one exception to that rule: searches that happen at the border. The courts have held that border searches “are reasonable simply because they occur at the border,” meaning in most cases, CBP and Border Patrol don’t need a warrant to look through travelers’ belongings — including their phones. That exception applies far beyond the US’s literal borders, since airports are considered border zones, too.

Advertisement

“Traditionally, the border search exception to the Fourth Amendment allowed customs officers to search things like luggage. The idea was whatever you’re taking with you is pertinent to your travel,” Saira Hussain, a senior staff attorney at the Electronic Frontier Foundation, told The Verge. The point was to look for people or things that were inadmissible into the country.

“It can show every facet of your life.”

These days, most travelers are carrying a lot more in their pockets — not only information stored on a phone’s hardware, but anything that’s accessible on it with a data connection. “When you look at devices, the data that you carry with you isn’t just pertinent to your travel. This data can precede your travel by over a decade because of how much information is stored on the cloud,” Hussain said. “It can show every facet of your life. It can show your financial history, your medical history, your communications with your doctor and your attorney. It can reveal so much information that is not analogous at all to the notion of a customs officer looking through your luggage.” Privacy advocates have warned of this issue for years, but in an environment where officers are seeking any pretext to turn someone away, it’s an even bigger problem.

If you’re a US citizen, “you have the right to say no” to a search, “and they are not allowed to bar you from the country,” Hussain said. But if you refuse, CBP can still take your phone, laptop, or other devices and hold onto them.

Permanent residents can similarly refuse a search, but with complicating factors. If someone with a green card leaves the US for more than 180 days, they’re screened for “inadmissibility” — reasons they may be barred from entry — upon returning to the country. Green card holders who have certain offenses on their record may also be deemed inadmissible. That appears to have been the case with Fabian Schmidt, a permanent resident whose family said he was “violently interrogated” by CBP agents at Boston Logan Airport after returning from a trip to Europe. Because of these factors, permanent residents may not feel comfortable refusing a search, even if doing so wouldn’t bar them from entering the country.

Advertisement

Visa holders have fewer rights at ports of entry, and refusing a search could lead to them being denied entry to the country.

There are two types of device searches CBP officers can conduct: basic and forensic, or advanced. “There’s a distinction that the government draws between searching your phone and just looking at whatever is on it, versus connecting your phone to external equipment to search it using advanced algorithms or to copy the contents of your phone,” Hussain said.

The government maintains that it doesn’t need a warrant to conduct “basic” searches of the contents of a person’s phone. During these searches, Hussain explained, agents are supposed to put your phone on airplane mode and can only look at what is accessible offline — but that can still be a lot of information, including any cloud data that’s currently synced.

“While forensic inspections are powerful, a lot of mischief can happen through the physical, ‘thumbing-through’ inspections that law enforcement can engage in,” Tom McBrien, counsel at the Electronic Privacy Information Center, also told The Verge.

“A lot of mischief can happen through the physical, ‘thumbing-through’ inspections that law enforcement can engage in”

Advertisement

For the most part, courts have avoided the question of whether CBP can conduct warrantless basic searches of a person’s phone or laptop, effectively allowing the agency to do so. But there’s one geographic exception to this rule. Last year, a federal judge in New York’s Eastern District ruled that CBP can’t conduct any warrantless searches of travelers’ devices. That ruling doesn’t apply anywhere else in the country, but the district includes John F. Kennedy Airport in Queens — the sixth-busiest airport in the US. That ruling applies to both basic and forensic inspections.

Elsewhere in the country, judges have imposed some limitations on advanced searches. Warrantless forensic searches are allowed in some places and prohibited in others, depending on how different federal circuit courts rule. The Supreme Court could clear this up with a ruling that applies nationwide, but it’s avoided the question for years.

“Your rights will be different depending on whether you’re on a flight landing in Boston Logan in the First Circuit or Reagan/Dulles in the Fourth Circuit,” McBrien said. “Similarly, your rights would be different if you’re crossing the border in Arizona (Ninth Circuit) or New Mexico (Tenth Circuit). This does not make a lot of sense, but the Supreme Court has consistently declined to address these disparities by consistently denying petitions for certiorari in cases that have teed the question up.”

Some courts have been more permissive than others. The Ninth Circuit — which includes Alaska, Arizona, California, Hawaii, Idaho, Montana, Nevada, Oregon, and Washington — prohibits warrantless forensic searches unless officers are looking for “digital contraband,” such as child sexual abuse material. The Fourth Circuit — covering Maryland, North Carolina, South Carolina, Virginia, and West Virginia — prohibits warrantless forensic searches unless officers are looking for information related to ongoing border violations, such as human smuggling or drug trafficking.

In 2023, a federal judge in the Southern District of New York ruled that the border search exception doesn’t extend to forensic searches, for which warrants are needed. (Oddly, the case in question involved a phone search at Newark Liberty Airport in New Jersey, a state that is in a different federal circuit from New York.) These searches, judge Jed Rakoff wrote, “extend the Government’s reach far beyond the person and luggage of the border-crosser — as if the fact of a border crossing somehow entitled the Government to search that traveler’s home, car, and office.”

Advertisement

Malik’s phone was taken even though he’s enrolled in Global Entry

Not all judges agree. In 2021, Adam Malik, an immigration lawyer, sued CBP after agents at Dallas Fort Worth International Airport seized his phone and searched the contents without a warrant. According to the lawsuit, Malik’s phone was taken even though he’s enrolled in Global Entry, CBP’s trusted traveler program. Because the agents couldn’t bypass Malik’s password, they sent the phone to a forensics lab, which extracted all the phone’s data.

A federal court ruled in favor of DHS, saying the warrantless search hadn’t violated Malik’s rights. When Malik appealed to the Fifth Circuit — which covers Louisiana, Mississippi, and Texas — the judges held that the search didn’t require a warrant. But the court also expressed “no view on how the border-search exemption may develop or be clarified in future cases.”

In other words, the constitutionality of these searches is still an open question — and CBP won’t stop conducting them until and unless it’s expressly forbidden from doing so.

These distinctions matter because they determine a person’s basis for challenging device inspections in court. But given the Trump administration’s recent track record of ignoring the law and flouting judicial orders, limiting what can be found on your phone is a safer bet than suing the government over an unlawful search after the fact.

Advertisement

Instead of trying to game out what rights you have depending on your immigration status and what airport you’re flying into (or what land border you’re crossing), the best way to keep your devices safe from CBP is to limit what’s on them.

“We always encourage data minimization when crossing the border; you want to travel with the least amount of data possible,” Hussain said.

Before traveling, you should encrypt your devices and make sure you’re using secure passwords. Travelers should disable biometric logins like Face ID, since some courts have ruled that police can’t compel you to tell them your password but they can use biometrics to unlock your phone.

Travelers should disable biometric logins like Face ID

The EFF recommends that travelers limit what can be found during basic phone or laptop searches by uploading their data onto the cloud and deleting it off their device — and ensuring that it’s fully been removed, since agents can also look through your phone’s “recently deleted” files during basic searches. Customs agents are supposed to keep your phone on airplane mode while they conduct a basic search, but that still lets them see any cached emails, text messages, and other communications. The best way to safeguard this information is to back it up onto the cloud and then wipe your phone or laptop entirely.

Advertisement

Backing up sensitive or personal data doesn’t just prevent others from accessing your device; it also ensures you don’t lose that data if CBP seizes your phone or computer. McBrien also suggests that people turn their phones off when they’re crossing the border or at the airport. “Turning the phone off means that when you turn it back on, it requires a passcode whether or not you use FaceID or other biometric measures,” McBrien said.

In a better legal environment, these precautions wouldn’t be the only meaningful shield between you and a border search. “Without strong constitutional and statutory protections, personal choices about how to configure one’s device and apps can only mitigate — not eliminate — the dangers that border device searches pose to their privacy and speech rights,” McBrien said. For now, if CBP really wants to look through your phone, they’ll likely find a way. But you can still protect yourself as much as possible.

Technology

Lucid’s bankruptcy rumor is a bad sign for the EV future

Published

on

Lucid’s bankruptcy rumor is a bad sign for the EV future

Lucid Motors found itself in a tough bind this week, fending off bankruptcy rumors and watching its stock price plunge as a result. The company quickly denied the report, calling it “completely false” and pointing to its available free cash flow as evidence that it has enough runway to operate into next year.

But despite the swift response, the damage was widespread. The panic immediately bled into competing automakers, pulling down shares of Rivian and Polestar as investors speculated about the long-term survival of EV-only companies in the face of slowing consumer demand and whiplash policy shifts. And it cast a harsh light on the precarity of all three companies and the future of electric vehicles.

The trouble started on Tuesday, when EV trade publication EV reported that restructuring firm AlixPartners had advised Lucid’s board to consider Chapter 11 bankruptcy or a take-private deal. The report also said AlixPartners had encouraged the board to further restructure in the US and Europe and to focus on the Gravity SUV. But while the rest of the media has since reported on Lucid’s denial, no other publication has confirmed EV’s scoop. (For what its worth, EV’s URL is “eletric-vehicle.com,” enshrining the incorrect spelling in its address.)

Lucid confirmed that it had hired AlixPartners, but denied that the firm had made any such recommendations to its board. Instead, AlixPartners would provide advice on “improving execution, strengthening operations and positioning Lucid to realize the full potential of its technology, products and innovation,” Lucid chief communications officer Nick Twork said.

Lucid went a step further, filing a cease and desist order against EV

Advertisement

Lucid went a step further, filing a cease and desist order against EV, claiming that the site’s report directly led to the stock crash. “In short, your actions caused serious injury to a number of investors,” Lucid’s chief legal officer and general counsel, Brian Tomkiel, said in the letter. “And they injured, and continue to injure, Lucid directly.”

Still, the timing was terrible. Lucid is genuinely not in good shape, having lost over $1 billion in the first quarter of the year. The company has also gone through two rounds of layoffs in 2026, having cut 12 percent of staff in February and then 18 percent in June. The company also reduced production at its factory in Arizona in a bid to counteract its high inventory and save money. And there’s been leadership turmoil, with COO Marc Winterhoff departing the company and his position being eliminated entirely in an effort to flatten the structure.

The report sent the stock into freefall, plummeting as much as 50 percent in one of the worst single-day drops in Lucid’s history. And with Polestar and Rivian also catching strays, it’s generally been a glum time for companies not named Tesla trying make a go of exclusively building electric vehicles. Wall Street is panicking because the rumors are aligning with the bad news coming out of these companies’ earnings reports. EV sales are stabilizing, but recovery is still a distant promise. The all-electric future seems further away than ever.

Whether or not Lucid is actually weighing Chapter 11, it’s a sure sign of more turbulent waters ahead. Polestar getting strong-armed out of the US over its Chinese ties has left a lot of EV owners and dealers scratching their heads. Rivian is in an increasingly precarious position thanks to its huge, expensive bet on becoming a mass-market car company with the production of the R2.

All of these companies are increasingly reliant on big stakeholders — Lucid with Saudi Arabia’s Public Investment Fund, Polestar with Geely, and Rivian with Volkswagen — for their future survival. If any of these big backers get cold feet, the future could get really dark really fast.

Advertisement
Follow topics and authors from this story to see more like this in your personalized homepage feed and to receive email updates.

Continue Reading

Technology

Insurance breach exposes 7M driver’s licenses

Published

on

Insurance breach exposes 7M driver’s licenses

NEWYou can now listen to Fox News articles!

AssuranceAmerica, an auto insurance provider that works through a network of independent agents, has disclosed a data breach affecting nearly 7 million people. The exposed information includes driver’s license numbers and other personal details tied to auto insurance customers.

The company said it detected suspicious activity on March 17, 2026, after malicious activity targeted one of its employees one day earlier. Investigators later found that an unauthorized third party accessed parts of AssuranceAmerica’s IT environment and copied certain data files.

According to an Indiana Attorney General breach listing, the incident affected 6,998,886 people. A California Attorney General notice also says AssuranceAmerica began notifying affected individuals after completing its file review on June 15, 2026.

AssuranceAmerica sells auto, renters and commercial auto insurance through independent agents. So even if the company name does not sound familiar, your information could still be involved if your policy, quote, claim or driver details passed through its systems.

Advertisement

ADT DATA BREACH EXPOSES CUSTOMER INFORMATION

AssuranceAmerica says a March cyberattack exposed personal information tied to nearly 7 million people, including driver’s license numbers and insurance data. (Felix Zahn/Photothek via Getty Images)

Free live CyberGuy class: Sick of Spam? Join us July 22

Join us Wednesday, July 22, at 1 p.m. ET for a free CyberGuy Live class that will help you cut down on robocalls, spam texts, junk email and other unwanted messages. Kurt “CyberGuy” Knutsson will walk you step by step through simple ways to filter spam, clean up your inbox and recognize the messages that could put your personal information at risk. No technical experience is needed. You’ll also receive our spam-stopping checklist, and every registrant will get a link to the class recording afterward.

Reserve your free spot today at CyberGuyLive.com.

Advertisement

What happened in the AssuranceAmerica data breach

AssuranceAmerica said the breach started with malicious activity that targeted one employee. The company did not explain exactly how the employee was targeted. However, it said it later disabled compromised credentials and unauthorized sessions.

That detail should get your attention. Many breaches start with one stolen login, one convincing message or one infected device. Once attackers get inside, they can move quickly and look for files worth stealing.

In this case, AssuranceAmerica said an unauthorized third party copied certain data files from its IT environment. The company then reviewed those files to identify affected individuals.

What information was exposed in the AssuranceAmerica breach

AssuranceAmerica said the stolen files contained names plus one or more other types of personal information. That information may include contact details, auto insurance policy or account information, driver or vehicle information, claims-related information and driver’s license numbers. The California notice also says some files may have included Tax ID information and/or Social Security numbers.

That mix can create real risk. A scammer with your name, license number and insurance details may sound much more convincing. They could pretend to be from your insurer, a repair shop, a claims department or a state agency. This follows other identity-document breaches, including the Texas data breach that hit 3 million license customers. Once driver’s license numbers leak, the risk can last much longer than a stolen credit card number.

Advertisement

How AssuranceAmerica responded to the breach

AssuranceAmerica said it took affected server devices offline and hired external forensic specialists to investigate. The company also said it reset passwords, deployed enhanced monitoring and threat detection tools and gave employees more cybersecurity instruction. It also notified law enforcement.

AssuranceAmerica is offering 12 months of complimentary credit monitoring for affected individuals. That can help spot some suspicious activity. However, you still need to watch your insurance account, financial accounts and mail.

Why the AssuranceAmerica breach puts drivers at risk

A driver’s license number can help an imposter build a more believable scam. Insurance information can make that scam feel personal.

For example, a caller may mention your policy, your vehicle or a claim. Then they may ask you to “verify” more information. That is where the damage can grow.

Also, stolen breach data can be matched with public records and data broker profiles. That can give criminals a fuller picture of your life. We have seen the same pattern in scams tied to travel accounts, phone accounts and other breaches, including the Booking.com breach that exposed traveler data to scams.

Advertisement

BEFORE YOU CONNECT ANOTHER SMART TV, TABLET OR PHONE, LOCK IT DOWN

State officials say the breach involved Medicaid, Medicare Savings Program and rehabilitation services records spanning multiple years. (Photo by Silas Stein/picture alliance via Getty Images)

Ways to stay safe after the AssuranceAmerica data breach

If you receive a notice or think your information may be involved, take these steps now to make the stolen data harder to use.

1) Read the breach notice closely

If you receive a notice from AssuranceAmerica, read it carefully. Check what information the company says may have been exposed in your case. Do not assume every affected person had the same data stolen. Some people may have had driver’s license numbers exposed. Others may also have had Tax ID information or Social Security numbers involved.

2) Use the credit monitoring offer safely

AssuranceAmerica says it is offering 12 months of complimentary credit monitoring. Use the instructions in the official notice. Be careful with emails or texts that claim to offer enrollment links. Scammers often copy real breach language to trick you.

Advertisement

3) Freeze your credit

A credit freeze makes it harder for someone to open a new account in your name. You need to place a freeze separately with Equifax, Experian and TransUnion. It is free, and you can lift it when you need to apply for credit.

4) Add a fraud alert

A fraud alert tells lenders to take extra steps before opening credit in your name. You can place a fraud alert with one credit bureau, and that bureau should notify the others. This adds another layer of protection if your personal information was exposed.

5) Watch your insurance account

Log in to your insurance account and check for changes you do not recognize. Look for unfamiliar claims, new contact details or strange policy updates. If something looks wrong, call the company using a number from your policy documents.

6) Protect your devices from malware

Credential theft often starts with malware, a bad link or a fake download. Strong antivirus software can help block malicious files and phishing links before they cause damage. Get my picks for the best 2026 antivirus protection winners for your Windows, Mac, Android & iOS devices at Cyberguy.com

CARNIVAL BREACH MAY PUT YOUR TRAVEL DATA AT RISK

Advertisement

Strong passwords protect your accounts, but they do not stop data brokers from collecting public records and selling personal information to people-search sites. (Photographer: Chris Ratcliffe/Bloomberg via Getty Images)

7) Clean up your online personal data

Breached data becomes more useful when scammers can match it with your address, relatives, phone number or public records. A data removal service can help reduce what data brokers display about you. That will not undo a breach, but it can make you a harder target. Check out my top picks for data removal services and get a free scan to find out if your personal information is already out on the web by visiting CyberGuy.com.

8) Be suspicious of insurance-related calls

If someone calls about your policy, claim or payment, slow down. Do not share verification codes. Do not confirm sensitive details during an unexpected call. Instead, hang up and call the company back through an official number.

9) Check your DMV options

If your driver’s license number was exposed, review your state DMV’s fraud guidance. Some states may offer replacement options or identity theft guidance. The rules vary, so check directly with your state agency.

10) Use a password manager

Create strong, unique passwords for your insurance account, email and financial apps. A password manager can also help you spot fake login pages. If it will not autofill, you may be on a scam site. Check out the best expert-reviewed password managers of 2026 at CyberGuy.com.

Advertisement

11) Turn on two-factor authentication

Turn on two-factor authentication (2FA) for your insurance account, email and financial accounts when available. Use an authenticator app when you can. Text codes are better than nothing, but scammers often target them.

Kurt’s key takeaways

The AssuranceAmerica data breach is a reminder that your driver’s license number has become a high-value target. You may not be able to control how every company stores your information. However, you can make stolen data harder to use. Start with your credit. Then check your insurance account and watch for imposters who know just enough to sound convincing. Also, clean up the personal data already floating around online. The bigger issue is trust. Companies ask for sensitive information because they need it to do business. When that information leaks, you are the one left checking statements, freezing credit and worrying about what comes next.

What should a company owe you when it loses the ID number you use to prove who you are? Let us know by writing to us at CyberGuy.com.

CLICK HERE TO DOWNLOAD THE FOX NEWS APP

Sign up for my FREE CyberGuy Report

Advertisement
  • Get my best tech tips, urgent security alerts and exclusive deals delivered straight to your inbox.
  • For simple, real-world ways to spot scams early and stay protected, visit CyberGuy.com trusted by millions who watch CyberGuy on TV daily.
  • Plus, you’ll get instant access to my Ultimate Scam Survival Guide free when you join.

Copyright 2026 CyberGuy.com. All rights reserved.

Continue Reading

Technology

Google and Epic give up fighting — third-party Android app stores are coming next week

Published

on

Google and Epic give up fighting — third-party Android app stores are coming next week

Epic Games and Google have just jointly withdrawn their attempt to retroactively settle the lawsuit that’s changing how Android app stores work in the United States — and that means Google will be forced to carry rival app stores inside of its own. In fact, Google tells the court, it’s ready to begin carrying third-party app stores on Wednesday, July 22nd. Does that mean it’s time for Microsoft to launch an Xbox game store on Android?

But Judge James Donato was skeptical he should abandon his original permanent injunction in favor of Google’s proposed “Registered App Stores” that users would have to sideload — instead of simply downloading third-party stores directly through Google Play. On Thursday, July 16th, both parties were set to appear in court to argue it again, but that may no longer be necessary.

Here’s is Google’s full statement on withdrawing its proposed modifications to Judge Donato’s permanent injunction, via Google spokesperson Dan Jackson:

We’ve agreed with Epic to withdraw our motion to modify the US Court’s injunction rather than prolonging this process which creates uncertainty for the ecosystem. This allows us to focus on executing our recently announced global business model evolution to deliver greater app store choice, lower prices, and more opportunities for developers and users. We remain committed to maintaining Android’s industry-leading security and fostering a competitive ecosystem where every app store and developer has the freedom to compete. In parallel, we continue to comply with the US Court’s injunction.”

Google had previously announced that it would launch its sideloaded Registered App Store program in the rest of the world, beginning with the new version of Android later this year. That means there may be two different tracks for Android: stores-within-a-store in the United States, and Registered App Stores everywhere else.

It’s not yet clear if there will be a parallel “program” for third-party app stores inside of the Google Play Store, or if companies will simply submit them the way they’d submit any other app. Technically, the court’s permanent injunction states that Google “may not prohibit the distribution of third-party Android app distribution platforms or stores through the Google Play Store,” not that it has to proactively invite them in.

Advertisement

For access to the Google Play catalog of apps, Google will charge stores an annual fee of $5,000 for “security and policy reviews,” and it has many additional requirements, including: stores can’t distribute apps outside of the US, have to be open to all eligible third-party developers, have “clear, non-discriminatory” trust and safety policies, and no more than 1 percent of “install attempts” can be malware.

Continue Reading
Advertisement

Trending