Travelling with electronic devices

Travelling with devices such as phones, tablets and laptops offers convenience and connectivity. However, these devices are also at risk of cyber threats, including data breaches and theft. Learn more about how to reduce risks.

On this page

• Protect your devices
• Protect your digital privacy
• Respect digital information laws and regulations outside Canada

Protect your devices

Before you go

Devices and accounts can be vulnerable without adequate protection.

Follow this advice to protect your devices from cyber risks:

• Install anti-virus and spyware protection, set up a firewall and configure the anti-virus software to check any storage devices you connect to, such as USB or external hard drives.
• Lock your device with a PIN or password and enable multifactor authentication—but understand that this alone doesn’t fully protect the data stored on it. You also need extra security like encryption to keep your files safe even if someone gets past the lock. Keep in mind that multifactor authentication may not work when roaming or if you are using an in-country SIM card.
• Encrypt your devices and use strong passwords or biometrics to protect your data and enhance security features. Consider using a password manager tool that can generate safer passwords.
• Enable options that remotely erase data or lock your device in case it’s lost or stolen.
• Back up your data to a secure location (e.g. cloud storage).

While you are away

Travelling can put you at risk for things like having your belongings stolen, someone breaking into your property, having your identity or credit card information taken or getting hacked by harmful software.

Protect yourself from fraud or cybercrime:

• Do not share your social media details and travel plans with strangers and consider making accounts private. The available information could enable malicious individuals to exploit potential risks or weaknesses.
• Wait to post photos or details online until after you’ve left a location.
• Be aware of your surroundings and prevent others from seeing your screen or keyboard.
• Turn off Wi-Fi and mobile data when not in use and use a VPN if available and legal at your destination.
• Do not charge your devices using public computers or docking stations.
• Use encrypted messaging apps instead of regular SMS or non-secure messages.
• Do not use unknown devices and storage media such as CDs, DVDs or USB drives as they may carry malware.

Public Wi-Fi

Public Wi-Fi networks are not secure and can be easily hacked. Attackers can set up fake networks with names similar to the trusted ones to steal personal information. Public Wi-Fi can be found in hotels, shopping centres, airports and private companies’ guest Wi-Fi.

Follow this advice when using public Wi-Fi:

• Always confirm the name of any Wi-Fi network before connecting.
• Do not log into sensitive accounts (such as for banking) or send sensitive information while connected to a public Wi-Fi network.
• If you have to use public Wi-Fi, use your business or personal VPN.

Keyloggers

Keyloggers are malicious software or devices that capture information typed into a device, compromising personal data.

Take the following precautions to protect your information:

• Be skeptical of unfamiliar networks or devices.
• Do not use the “remember me” feature when logging into accounts on shared or public computers.
• Always log out of accounts when you are finished using public or shared computers.

Bluetooth

Bluetooth allows for easy pairing and data exchange between devices but can expose your device to unauthorized access if not managed properly. Pairing devices with public or rental vehicles can store your personal information on their systems.

Keep in mind the following advice when using Bluetooth:

• Be cautious when pairing devices with cars, especially rental cars. If you do, remove your device from any pairing system, especially rental cars, to delete data it may have stored.
• Disable Bluetooth when not in use.
• Remove lost or stolen devices from your Bluetooth paired devices list.
• Check your device’s Bluetooth settings for automatic connection features and then disable them.

Near field communication functionality

Near field communication (NFC) lets devices exchange information wirelessly when they’re very close—such as when you tap your phone to make a payment or use a transit pass.

Take the following precautions to protect yourself:

• Turn off NFC when you are not using it. Be aware that most phones have NFC switched on by default. If you are not using it (for example, for mobile payments or transit passes), turn it off. This will stop any background activity while your device is in your pocket or bag and help prevent unwanted data transfers.
• Only allow NFC when your screen is unlocked.
• Do not use NFC in crowded or high-risk places to prevent your data from being stolen.

SIM cards and mobile networks

In some countries, purchasing local SIM cards from unverified vendors or using untrusted mobile networks can expose your device to surveillance or malware.

Take the following steps to stay safe:

• Purchase SIM cards only from reputable providers or official outlets.
• Do not use phones that have been jailbroken or rooted. These devices have had their built-in security protection removed or altered, which makes them more vulnerable to harmful software like viruses or spyware that can steal your personal information or damage your phone.
• Use a trusted international roaming plan instead of a local SIM card in high-risk countries.

Using eSIM cards

Note that eSIM cards can be spoofed to install malware. Spoofing happens when someone tricks an eSIM card into installing harmful software on your phone.

To reduce these risks, consider the following precautions:

• Only activate an eSIM card using official carrier websites or apps.
• Do not scan QR codes posted in public places unless verified.
• In some countries, local regulations may block access to eSIM features. In those cases, purchasing a physical SIM card may be the only option.

Fake app downloads

App stores and download links may lead to counterfeit apps that contain malware.

Take the following precautions to reduce such risks:

• Download or update apps only from official app stores before you travel.
• Disable app installations from unknown sources on your devices.

Social manipulation and phishing

Tourists can be targeted by phishing scams via email, SMS (smishing) or messaging apps by scammers pretending to be hotel staff, airline agents or local service providers.

Keep in mind the following advice:

• Be extra cautious of unsolicited messages, especially those prompting you to click on links or enter your credentials.
• Do not assume that emails or texts are legitimate just because they reference your location or itinerary.

Smart assistants or voice-activated devices

Devices like smart speakers or voice assistants on smartphones may inadvertently share sensitive data if voice data is collected or commands are spoofed.

Take the following precautions when using voice-activated devices:

• Disable smart assistant features (e.g. Siri, Google Assistant) while travelling.
• Do not share sensitive information near connected devices.

Mobile payment apps and digital wallets

Mobile payment methods (Apple Pay, Google Pay) may be targeted by fraudulent point-of-sale systems outside Canada.

Take the following precautions to avoid fraud:

• Use mobile payments only at reputable, well-established businesses.
• Regularly check your bank and credit card transactions for suspicious charges.

Malicious QR codes

QR codes used for menus, check-ins or Wi-Fi access can be malicious and lead to phishing sites or malware. Manually type URLs when possible or confirm their authenticity with staff before scanning.

AirDrop and nearby sharing vulnerabilities

Features like Apple AirDrop or Android Nearby Share can be used to send unsolicited or harmful files. Set AirDrop or file-sharing settings to “Contacts Only” or turn them off entirely while travelling.

Credential stuffing from leaked travel booking data

Compromised travel booking services and reused passwords can lead to further account takeovers. Use unique, strong passwords and multifactor authentication for travel-related accounts and monitor accounts used for bookings (hotels, airlines) for suspicious activity.

Protect your digital privacy

When travelling outside Canada, be aware that in many countries, border agents are legally entitled to search and confiscate electronic devices from anyone entering or leaving their country, including your smartphones, tablets and laptops.

These searches can include viewing your:

• files
• photos
• emails
• browsing history

If you are concerned about privacy, consult a legal expert before travelling with sensitive data.

Before you go

Reduce the amount of data on your devices

Avoid travelling with devices that store sensitive personal or business information. Consider using a “travel only” phone or laptop that contains only essential, non-sensitive data.

Use cloud or external storage

Back up and remove private data (e.g. legal documents, business files, personal photos, financial records) from your devices and store them securely in the cloud or on an encrypted external drive kept at home.

Clear your devices of potentially sensitive content permanently

This includes information that could be misinterpreted in different legal or cultural contexts, such as references to legal substances in Canada that may be restricted elsewhere.

When at the border

Stay professional and cooperative

Border inspections may feel intrusive, but patience and a respectful attitude can help the process go smoothly.

Answer questions honestly and clearly

Inconsistencies between your stated travel purpose and the contents of your device (e.g. calendar entries, emails) may raise concerns.

Know your rights

If a device is taken for forensic inspection, you can ask for a receipt that details the item seized and how to retrieve it later. Remember: digital privacy and data protection responsibilities extend beyond Canada’s borders, so always travel with the expectation that your devices could be accessed or reviewed by foreign authorities.

Digital information laws and regulations outside Canada

When abroad, it’s important to understand that digital information laws differ significantly between countries. What is legal and common in Canada—such as accessing webmail or carrying downloaded media—may be restricted or even illegal elsewhere. Violating these laws can lead to serious consequences, including fines, confiscation of devices or legal action.

Know the risks

Government surveillance

Some countries monitor Internet usage. Accessing your webmail or cloud services could expose your personal or corporate information to surveillance.

Censorship and content laws

Materials that are legal in Canada—such as novels, images or movies—may be considered pornographic, offensive or illegal in other countries.

Intellectual property regulations

Downloaded music, films or software on your devices could violate local intellectual property laws, even if they were legally obtained in Canada.

Data seizure and encryption restrictions

Certain countries may legally demand access to the data on your device, including encrypted files or sensitive corporate information.

Laws may apply to the hardware and the format in which your data is stored. If you are not familiar with the laws covering intellectual property, digital information and encrypted data in the country where you are travelling, contact the embassy or mission of your destination country in Canada before you leave on your trip abroad. 

Border agents are legally entitled to search and confiscate the devices of anyone entering or leaving their countries. Do not take any data into another country that you are not prepared to lose. 

Related links

• GetCyberSafe.ca
• Using data plans outside Canada
• Overseas fraud: An increasing threat to the safety of Canadians
• Embassies, consulates and offices by destination