Last updated July 2025

If you are a lawyer crossing international borders, you should be mindful of your ethical obligations to protect privileged or confidential information. Laws in Canada and other countries may permit border agents to demand access to electronic devices. Refusing these demands may carry risks including having the electronic devices seized, additional screening or detention. Border crossings are particularly challenging if you are travelling with electronic devices that store client information or that can connect to client information.

Having a PLAN for crossing international borders ahead of time can reduce your anxiety and stress and prepare you to meet your professional obligations should you be met with a demand to access your electronic devices. Your PLAN should include:

• developing a policy for border crossings;
• leaving unnecessary devices and client information behind;
• presenting a professional attitude at the border; and
• taking the next steps after international travel.

Develop a Policy

Develop a policy for your office about cross-border travel that applies to the lawyers and the staff in your office travelling with electronic devices. Policies should include guidance for:

• when, if ever, it is appropriate to travel with electronic devices that belong to the firm or organization;
• what data lawyers and staff are permitted to store on their personal electronic devices;
• minimum security requirements for firm devices and for personal devices that store or access client information including minimum password requirements;
• what to do if a border agent demands access to an electronic device; and
• what to do after an electronic device is searched or seized by border agents.

Leave Client Information Behind

Consider taking fewer electronic devices across the border. Travelling with fewer devices may reduce your risk of having them searched or seized at the border.

Consider deleting client information stored on your electronic devices. Some countries limit searches conducted at the border to data stored locally on the electronic device. Data stored remotely or in the cloud may be protected from a search at the border. Additionally, you should isolate and clearly label client data as “confidential” so that it is easy to identify and, if possible, exclude from a search at the border.

Log out of applications containing client information prior to travel and disconnect your devices from any networks. Turning “airplane mode” on your devices prior to crossing the border can help protect against accidently downloading client information at the border.

If possible, consider deleting all applications and data from your electronic devices and then download whatever you need after you’ve crossed the border.

Present a Professional Attitude

As a lawyer, you are professionally obligated to assert privilege or confidentiality over client information. However, you should avoid unnecessarily confrontational or aggressive attitudes. Engaging with border agents with professional courtesy, civility and respect may reduce the chance for confrontation or de-escalate tense situations.

In some countries, border agents are required to seal off information over which privilege or confidentiality is asserted but this can only be done if you assert privilege or confidentiality and if you have your data properly isolated on your device. If your device contains client information or you can access client information when you’re faced with a demand at the border, you should tell the agent that you are a lawyer and explain that the device you are handing over contains client information that is confidential and, if applicable, privileged. If you have followed the PLAN, you should be able to quickly and easily show the border agent where your client information is stored and politely explain that you have an ethical obligation to assert privilege and confidentiality over same.

Next Steps

You should treat searches and seizures at the border as privacy breaches if those devices contained client information. A privacy breach can occur even if you have taken all reasonable steps to protect client information. When a client’s confidentiality is breached the client should be notified and the breach should be reported to the Alberta Lawyers Indemnity Association. Additionally, you should contemplate whether further reporting is required to the Law Society of Alberta or other entities. For example, s. 34.1(1) of the Personal Information Protection Act (Alberta) may require lawyers to report the privacy breach to the Information and Privacy Commissioner.

If you are seeking more information about crossing the border with client information, you can contact the Practice Advisors. You may also want to review the Federation of Law Societies of Canada’s Crossing the Border with Electronic Devices: What Canadian Legal Professionals Should Know.