We knew this was coming, but now the clock is running.
-
We knew this was coming, but now the clock is running. From Privacy International:
"Yesterday the Trump Administration announced a proposed change in policy for travellers to the U.S. It applies to the powers of data collection by the Customs and Border Police (CBP)."
"If the proposed changes are adopted after the 60-day consultation, then millions of travellers to the U.S. will be forced to use a U.S. government mobile phone app, submit their social media from the last five years and email addresses used in the last ten years, including of family members. They’re also proposing the collection of DNA."
PI linked to and summarized a Federal Register entry describing the proposed requirements:
-All visitors must submit ‘their social media from the last 5 years’
-ESTA (Electronic System for Travel Authorization) applications will include ‘high value data fields’, ‘when feasible’
‘telephone numbers used in the last five years’
-‘email addresses used in the last ten years’
-‘family number telephone numbers (sic) used in the last five years’
-biometrics – face, fingerprint, DNA, and iris
-business telephone numbers used in the last five years
-business email addresses used in the last ten years.The Federal Register entry says comments are encouraged and
must be submitted (no later than February 9, 2026) to be assured of consideration.Federal Register entry: https://www.govinfo.gov/content/pkg/FR-2025-12-10/pdf/2025-22461.pdf
Hmmm... Just in time for the World Cup and Olympics?
I think we will see countries boycott these events, but this might push more over the edge. -
We knew this was coming, but now the clock is running. From Privacy International:
"Yesterday the Trump Administration announced a proposed change in policy for travellers to the U.S. It applies to the powers of data collection by the Customs and Border Police (CBP)."
"If the proposed changes are adopted after the 60-day consultation, then millions of travellers to the U.S. will be forced to use a U.S. government mobile phone app, submit their social media from the last five years and email addresses used in the last ten years, including of family members. They’re also proposing the collection of DNA."
PI linked to and summarized a Federal Register entry describing the proposed requirements:
-All visitors must submit ‘their social media from the last 5 years’
-ESTA (Electronic System for Travel Authorization) applications will include ‘high value data fields’, ‘when feasible’
‘telephone numbers used in the last five years’
-‘email addresses used in the last ten years’
-‘family number telephone numbers (sic) used in the last five years’
-biometrics – face, fingerprint, DNA, and iris
-business telephone numbers used in the last five years
-business email addresses used in the last ten years.The Federal Register entry says comments are encouraged and
must be submitted (no later than February 9, 2026) to be assured of consideration.Federal Register entry: https://www.govinfo.gov/content/pkg/FR-2025-12-10/pdf/2025-22461.pdf
@briankrebs Why would anyone want to travel to the US. Use a burner phone
-
@briankrebs I would be unable to comply, even if I wanted to (and hell, I don't want to).
I regularly use unique Email addresses and not all of them are documented. I guess that 5 years means 500+ email addresses.
HaveIBennPwned quite often informs me, how wise that move is
. Do they allow wildcards in email addresses?There are several more "no go" points in that text. And if a relative would hand out any information about me, I would consider that a breach of trust. So I won't do that either.
I think any person wanting to visit the U.S. at the current state must be completely nuts.
@Martin SeegerI think any person wanting to visit the U.S. at the current state must be completely nuts.
Or unfathomably naive... -
We knew this was coming, but now the clock is running. From Privacy International:
"Yesterday the Trump Administration announced a proposed change in policy for travellers to the U.S. It applies to the powers of data collection by the Customs and Border Police (CBP)."
"If the proposed changes are adopted after the 60-day consultation, then millions of travellers to the U.S. will be forced to use a U.S. government mobile phone app, submit their social media from the last five years and email addresses used in the last ten years, including of family members. They’re also proposing the collection of DNA."
PI linked to and summarized a Federal Register entry describing the proposed requirements:
-All visitors must submit ‘their social media from the last 5 years’
-ESTA (Electronic System for Travel Authorization) applications will include ‘high value data fields’, ‘when feasible’
‘telephone numbers used in the last five years’
-‘email addresses used in the last ten years’
-‘family number telephone numbers (sic) used in the last five years’
-biometrics – face, fingerprint, DNA, and iris
-business telephone numbers used in the last five years
-business email addresses used in the last ten years.The Federal Register entry says comments are encouraged and
must be submitted (no later than February 9, 2026) to be assured of consideration.Federal Register entry: https://www.govinfo.gov/content/pkg/FR-2025-12-10/pdf/2025-22461.pdf
@briankrebs just cancel the Olympics and the FIFA World Cup as the next step.
I will not travel to the US in 2026 just as sure as I would not recommend time travel to Germany 1936 to a jew.
-
I feel for anyone in the travel, tourism and hospitality industries, which make up ~ 10M jobs and ~ 3 percent of the nation's GDP. From the U.S. International Trade Administration (trade.gov)
"Inbound international travel to the United States plays a vital role in the Nation’s economy and promotes cultural exchange and understanding. Travel and tourism is the largest single services export for the United States, accounting for 22 percent of the country’s services exports and 7 percent of all exports in 2023. The travel and tourism industry contributed $2.3 trillion to the U.S. economy in 2022 (2.97 percent of the country’s GDP), supporting 9.5 million jobs."
@briankrebs right about now, no one should be going to the USA, the only language the 🟠 understands is money, he really doesn't care about people, no matter who they are.
-
@briankrebs I would be unable to comply, even if I wanted to (and hell, I don't want to).
I regularly use unique Email addresses and not all of them are documented. I guess that 5 years means 500+ email addresses.
HaveIBennPwned quite often informs me, how wise that move is
. Do they allow wildcards in email addresses?There are several more "no go" points in that text. And if a relative would hand out any information about me, I would consider that a breach of trust. So I won't do that either.
I think any person wanting to visit the U.S. at the current state must be completely nuts.
"Do they allow wildcards in email addresses?"
All my email addresses of the last 10 years: *@*.com
("com" might be a bit of a stretch, could be replaced with *.)
-
We knew this was coming, but now the clock is running. From Privacy International:
"Yesterday the Trump Administration announced a proposed change in policy for travellers to the U.S. It applies to the powers of data collection by the Customs and Border Police (CBP)."
"If the proposed changes are adopted after the 60-day consultation, then millions of travellers to the U.S. will be forced to use a U.S. government mobile phone app, submit their social media from the last five years and email addresses used in the last ten years, including of family members. They’re also proposing the collection of DNA."
PI linked to and summarized a Federal Register entry describing the proposed requirements:
-All visitors must submit ‘their social media from the last 5 years’
-ESTA (Electronic System for Travel Authorization) applications will include ‘high value data fields’, ‘when feasible’
‘telephone numbers used in the last five years’
-‘email addresses used in the last ten years’
-‘family number telephone numbers (sic) used in the last five years’
-biometrics – face, fingerprint, DNA, and iris
-business telephone numbers used in the last five years
-business email addresses used in the last ten years.The Federal Register entry says comments are encouraged and
must be submitted (no later than February 9, 2026) to be assured of consideration.Federal Register entry: https://www.govinfo.gov/content/pkg/FR-2025-12-10/pdf/2025-22461.pdf
@briankrebs I have been to the United States in the past, but it is one place I know I am certainly not going anymore. Let’s hope that could change in the future.
-
@arrakeen_urbanite @briankrebs
And for everyone's safety, require vaccinations. Maybe do mandatory drug tests, too.
-
@farbel @briankrebs is CPB a typo for CBP, or the actual address is CPB_PRA ? CPB dhs gov goes nowhere.
@faraiwe @briankrebs I changed it and got this:
-
I feel for anyone in the travel, tourism and hospitality industries, which make up ~ 10M jobs and ~ 3 percent of the nation's GDP. From the U.S. International Trade Administration (trade.gov)
"Inbound international travel to the United States plays a vital role in the Nation’s economy and promotes cultural exchange and understanding. Travel and tourism is the largest single services export for the United States, accounting for 22 percent of the country’s services exports and 7 percent of all exports in 2023. The travel and tourism industry contributed $2.3 trillion to the U.S. economy in 2022 (2.97 percent of the country’s GDP), supporting 9.5 million jobs."
@briankrebs An image comes to mind: MAGA tripping over the power cord and unplugging the life support machines of our economy. I am sure Midjourney could use that as a prompt.
-
@briankrebs Whose going to remember all of that anyways? Seems like an excellent way to pick out people they want to harass and claim its because they lied. Presumably they already have this data thanks to big tech
"Whose going to remember all of that anyways?"
And who is going to check/verify any of this, and how?
-
as someone who has been using unique email addresses for every service, I look forward to submitting several hundred addresses.
@ojensen @briankrebs Do you even remember them all? I certainly don't.
-
I feel for anyone in the travel, tourism and hospitality industries, which make up ~ 10M jobs and ~ 3 percent of the nation's GDP. From the U.S. International Trade Administration (trade.gov)
"Inbound international travel to the United States plays a vital role in the Nation’s economy and promotes cultural exchange and understanding. Travel and tourism is the largest single services export for the United States, accounting for 22 percent of the country’s services exports and 7 percent of all exports in 2023. The travel and tourism industry contributed $2.3 trillion to the U.S. economy in 2022 (2.97 percent of the country’s GDP), supporting 9.5 million jobs."
@briankrebs don't they have like a World Cup and Olympics coming up soon? Who's gonna wanna go through all that?
-
@farbel @briankrebs is CPB a typo for CBP, or the actual address is CPB_PRA ? CPB dhs gov goes nowhere.
@faraiwe @briankrebs From the linked DHS document:
-
We knew this was coming, but now the clock is running. From Privacy International:
"Yesterday the Trump Administration announced a proposed change in policy for travellers to the U.S. It applies to the powers of data collection by the Customs and Border Police (CBP)."
"If the proposed changes are adopted after the 60-day consultation, then millions of travellers to the U.S. will be forced to use a U.S. government mobile phone app, submit their social media from the last five years and email addresses used in the last ten years, including of family members. They’re also proposing the collection of DNA."
PI linked to and summarized a Federal Register entry describing the proposed requirements:
-All visitors must submit ‘their social media from the last 5 years’
-ESTA (Electronic System for Travel Authorization) applications will include ‘high value data fields’, ‘when feasible’
‘telephone numbers used in the last five years’
-‘email addresses used in the last ten years’
-‘family number telephone numbers (sic) used in the last five years’
-biometrics – face, fingerprint, DNA, and iris
-business telephone numbers used in the last five years
-business email addresses used in the last ten years.The Federal Register entry says comments are encouraged and
must be submitted (no later than February 9, 2026) to be assured of consideration.Federal Register entry: https://www.govinfo.gov/content/pkg/FR-2025-12-10/pdf/2025-22461.pdf
@briankrebs So given you have to go through US immigration/customs even if just transiting through the US, this is also going to impact US Airlines, as who wants to turn over all that data even if just spending a few hours air side on the way to some where else?
-
@briankrebs I would be unable to comply, even if I wanted to (and hell, I don't want to).
I regularly use unique Email addresses and not all of them are documented. I guess that 5 years means 500+ email addresses.
HaveIBennPwned quite often informs me, how wise that move is
. Do they allow wildcards in email addresses?There are several more "no go" points in that text. And if a relative would hand out any information about me, I would consider that a breach of trust. So I won't do that either.
I think any person wanting to visit the U.S. at the current state must be completely nuts.
@masek @briankrebs Who even knows all of the profiles, phone numbers, emails etc their relatives use? Like you, I wouldn't even be able to provide my own even if I wanted to.
This seems like it's only meant to stifle free speech/ intimidate and to create probable cause if you want to go after someone. Because nobody will be able to fully comply
-
I'm British, white, male, aged 60-ish.
Prior to February 2016 I typically visited the USA 3 times a year for up to six weeks.
Since February 2016 I have visited the USA twice in a decade, for a total of 10 days.
Entering the USA as a foreigner, with a Republican POTUS in the White House, *never* felt safe, but under Trump it looks diabolically dangerous. (And to a glance I resemble "one of them": I'm not female or dark-skinned.)
@cstross @briankrebs Living here is not a walk in the park at this point...
I'd never ask anybody to travel here now. I'm glad I'm no longer in the events-organizing part of tech -- I couldn't host anything anywhere in the U.S. if it required people to come from outside.
Not our largest problem right now, but it's a fairly nasty symptom.
-
@briankrebs I wish people understood how important the Federal Register is to how law is made. The government has to consider comments and if they fail to consider them seriously you can sue to block a regulation. The more people who comment with serious objections to a rule, the harder it is for the government to implement that rule. It’s an under appreciated avenue for direct democracy and direct action. If there’s an issue you care about, you can follow that on the FR
@ShiitakeToast new rule: "Anyone submitting an objection to the federal register must first provide 5 years social media, all email addr...."
The only way to win is not to play.
-
We knew this was coming, but now the clock is running. From Privacy International:
"Yesterday the Trump Administration announced a proposed change in policy for travellers to the U.S. It applies to the powers of data collection by the Customs and Border Police (CBP)."
"If the proposed changes are adopted after the 60-day consultation, then millions of travellers to the U.S. will be forced to use a U.S. government mobile phone app, submit their social media from the last five years and email addresses used in the last ten years, including of family members. They’re also proposing the collection of DNA."
PI linked to and summarized a Federal Register entry describing the proposed requirements:
-All visitors must submit ‘their social media from the last 5 years’
-ESTA (Electronic System for Travel Authorization) applications will include ‘high value data fields’, ‘when feasible’
‘telephone numbers used in the last five years’
-‘email addresses used in the last ten years’
-‘family number telephone numbers (sic) used in the last five years’
-biometrics – face, fingerprint, DNA, and iris
-business telephone numbers used in the last five years
-business email addresses used in the last ten years.The Federal Register entry says comments are encouraged and
must be submitted (no later than February 9, 2026) to be assured of consideration.Federal Register entry: https://www.govinfo.gov/content/pkg/FR-2025-12-10/pdf/2025-22461.pdf
@briankrebs Not visiting any time soon, but FUCK NO!
-
@arrakeen_urbanite @briankrebs No, just to people with private jets or diplomatic passports.
