What is on the device in their hands, on US soil, is subject to their stupidities, whatever those stupidities may be on the day their grubby hands get hold of your phone.
What is located remotely, in a privacy conscious jurisdiction, say Switzerland, is outside of their remit. I know US courts like to think they have power over the world, but they don't. US courts and US law power stops at US borders.
The trick is to make sure nothing gets cached on your local device (including authentication credentials, obviously). A bit like the old Thin Client computing really.
If you want to go one step further, don't travel with working credentials. Rely on someone outside of US jurisdiction to provide you the last piece of the jigsaw in a secure manner once you are in a safe location.
Well, in theory, yes. In practice, there have been recorded instances where the US Government has asked people to disclose their social media [1] and in other ones (I failed to find the source) refused access to people who refused to log into their accounts.
Also, if you're a non-american traveler, all the constitutional rights you're afforded as an American don't apply. So they can pretty much ask whatever and refuse you access for any reason.
It's like the US is becoming more and more like China. But it's a worlwide trend, really, with old men screaming "We're gonna be in the dark !" ... It's thoroughly depressing.
Edit: As written down in the comments, the part about foreigners' rights is wrong. See comment for correction.
But can’t they just deny you entry? I mean you can have all the rights but if they can just let you in (especially if you live in the US), that’s still a pretty big lever.
I’ve always considered America’s uniform worship to make the 3rd irellevent, I guess it goes to show that ensuring rights via law is good even if you think it unnecceraary
I've been to the US and there's no passport control whatsoever when you leave. You don't ever see a border guard on your way out — you go through security at the airport and then straight to the gate.
The real problem is that they now require social media handles on the visa application.
US “law power” extends as far as the enforcers of that power are able and motivated to extend their reach, which very often extends far outside of US borders.
OTOH, there's places and contexts where that reach tends to encompass more casually and with less case-specific motivation.
It's interesting that you single out Switzerland as a jurisdiction that the US can't touch.
It used to be that Switzerland had iron-tight bank secrecy regulations that the US (and the rest of the world) really couldn't breach. Yet over the years the US has managed to force massive changes on Switzerland's financial institutions, and for decades now there's been much more transparency, and Switzerland's banks are not nearly as secret nor as effective at hiding assets as they used to be.
Apart from getting other countries to change their financial regulations to be more in line with what the US wants, the US has also been very successful in doing the same in regards to issues like drug enforcement, human trafficking, child molestation, and many other issues.
So, depending on your threat model and what data you're trying to keep private, I wouldn't count on any jurisdiction ultimately being and remaining safe for your data.
Something else to consider is that once your data is out of your hands, it's easy for whoever has it to make a copy to archive and work on at their leisure. Even if they don't share, sell, compromise, or trade away that data today, that doesn't mean they won't do so at some time in the future when laws, technical capabilities, or incentives change.
I think you're drastically overstating what happened regarding Swiss banking secrecy.
Switzerland agreed to FATCA, which only applies to people subject to US taxes and allows those people to refuse to have their information shared with the IRS, in which case the IRS has to specifically request it.
The "massive changes" you mention essentially consist of banks asking you if you're a US person and then, for the big banks, making you fill out a bunch of paperwork and for the small banks, refusing to open an account for you. If you're not subject to US taxes, there's no effect on you whatsoever.
I think the _much_ more interesting thing, which is unrelated to the US (as it's not a party to the agreement) is the AEOI [0].
Anyhow, Switzerland is still very much a sovereign nation and the fact that it has agreed to give limited financial information to the US, with consent of the account holder, does not change that.
A fun bit of proof: copyright infringement, one of the US's pet peeves, is still very much alive in Switzerland. It's your legal right to make as many copies of something as you want and give them to your friends and family [1].
And ultimately, the US' power over Switzerland is quite limited due to the referendum system. Any change they'd like the government to make has to have the consent of the people. The Swiss are quite protective of their privacy so I don't see the US having any success weakening that.
I don't know if you realize how absurd this is: imagine if you, as a US citizen, in the US, had to answer whether you are subject to Swiss taxes any time you wanted to open a US bank account.
Also, for stock accounts, you'd be required to fill out a form in German/Italian/French regarding Swiss taxation.
It wasn't the US alone. The pressure increased from pretty much all the important trade partners in the west and a lot of the bank secrecy breaking a bit had to do with the Swiss banks really really wanting to do business in those countries, preferably without following their laws. But in the end it was the big banks that gave up on the iron-tight secrecy themselves and pushed for deals before the Swiss government did.
I agree that you can't count on jurisdiction alone for your data remaining safe. Neither will a technical solution like encryption. The latter might keep your data safe, but not you and your loved ones if there are not some legal limits what people wanting to access it can do.
> Yet over the years the US has managed to force massive changes on Switzerland's financial institutions, and for decades now there's been much more transparency, and Switzerland's banks are not nearly as secret nor as effective at hiding assets as they used to be.
Eh not really unless you're a US citizen, which is a US problem not a Swiss problem. When I arrived, several years ago, and was opening an account I was asked multiple times If I was (or ever was) a US citizen and had to sign (again multiple times) that I wasn't a US citizen. Many small and even cantonal banks will outright refuse to open accounts for US citizens.
That’s not true. A US court can order you to go to another country, retrieve documents, and bring them back to the US, even if you doing so is in violation of that other country’s laws. This is more reasonable than you might think, because otherwise companies and individuals could hide all of their incriminating data in such ways and evade accountability under US law.
Further, being involved in any violation of or conspiracy to violate American law is a crime, even if you never actually step foot in the US. Companies can be sued in US courts for actions they took overseas. None of this is particular to American law, the same is true in any advanced legal system. American law just has particular significance because of American economic preeminence. Some of the most vexing legal issues, both theoretical and practical, surround this cross-border application of law. And I guarantee you wouldn’t like the result if countries took a strictly physical, territorial approach to their legal authority.
That's not really accurate. The US, due to its historical position as a super power, has extradition treaties for many countries around the world. If charged with a crime in the US, your physical location might not matter.
It very case/situation specific. The host country might block extradition for various reasons, but often, the US has global reach.
What is on the device in their hands, on US soil, is subject to their stupidities, whatever those stupidities may be on the day their grubby hands get hold of your phone.
What is located remotely, in a privacy conscious jurisdiction, say Switzerland, is outside of their remit. I know US courts like to think they have power over the world, but they don't. US courts and US law power stops at US borders.
The trick is to make sure nothing gets cached on your local device (including authentication credentials, obviously). A bit like the old Thin Client computing really.
If you want to go one step further, don't travel with working credentials. Rely on someone outside of US jurisdiction to provide you the last piece of the jigsaw in a secure manner once you are in a safe location.