GoKawiilHong Kong police gain warrantless power to force unlock of encrypted devices with jail time for refusal
Al is a long time tech writer with a penchant for all things nerdy. While he writes for Gadget Review, he manages a team of review writers, ensuring their content is nothing short of perfect.
Al is a long time tech writer with a penchant for all things nerdy. While he writes for Gadget Review, he manages a team of review writers, ensuring their content is nothing short of perfect.
Your iPhone’s encryption means nothing if Hong Kong police decide you’re a security threat. New amendments to the city’s National Security Law now allow authorities to demand “any password or other decryption method” for phones, laptops, and encrypted devices—no warrant required, even with digital IDs.
The rules, effective March 23, 2026, turn your biometric locks and multi-factor authentication into legal obligations rather than privacy protections. Refuse to unlock your device? That’s a year in jail plus a HK$100,000 fine (roughly $12,700 USD). Provide fake credentials? Three years behind bars.
Device Security Becomes Legal Liability
These expanded powers target anyone with access to encrypted data, from device owners to IT administrators.
These powers extend beyond device owners to anyone who knows access details—your spouse, business partner, or IT administrator. The law covers everything from smartphone PINs to enterprise-grade encryption keys, essentially making digital privacy contingent on government approval, creating computer problems that go far beyond typical technical issues.
For travelers using encrypted messaging apps like Signal or running VPNs, Hong Kong just became a digital minefield. Your usual privacy tools now carry potential criminal liability if authorities deem your communications threatening to “national security”—a deliberately vague standard covering:
Secession
... continue reading