Travelling to China: an honest threat model
What Chinese law imposes, what happens in practice, and the minimum hardware preparation for a business trip.
Pudong, terminal 2, the immigration queue. The managing director of an industrial SME I was accompanying takes out his iPhone to tell his local contact he’s landed. WhatsApp spins in the void. He switches to Gmail: nothing. LinkedIn: nothing. His corporate VPN shows “connecting” then gives up. Forty minutes later, in the taxi, he calls me from the only channel still working — the roaming on his home line, billed at a premium — and says: “Nobody told me I’d be deaf and mute the moment I stepped off the plane.” Nobody, indeed. His travel agency had handled the visa. Not the rest.
Reading angle
The usual trap
“China is just abroad with blocked websites. I’ll set up a VPN and that’s that.” That’s the line I hear in preparation meetings, nine times out of ten. It contains two errors which, combined, turn a routine trip into an incident.
First error: believing your VPN will work. Consumer-grade commercial VPNs — ExpressVPN, NordVPN, Mullvad, Proton — and almost all standard corporate gateways are actively filtered. The Great Firewall doesn’t just block addresses: it performs DPI (deep packet inspection) and recognises the signature of classic encrypted tunnels (IKEv2, OpenVPN, L2TP/IPsec) to cut them within seconds. You arrive with a solution you’ve never tested from inside China, and it doesn’t get through.
Second error, more serious: reducing China to an access problem. The real subject is not what’s blocked, it’s what’s collected. You enter an environment where network traffic transits equipment controlled by the state, where the app everyone asks you to install analyses the content of your messages, and where the legal framework — the PIPL, in force since November 2021 — gives the authorities extensive rights over data processed on the territory. The unprepared traveller finds himself simultaneously cut off from his tools and exposed to a level of capture he’s never encountered anywhere else. The VPN, in this story, is the detail. The subject is your threat model.
There’s a third layer, more insidious, and it’s the one that traps the technical profiles. Many executives leave with the idea that “encrypt everything” is enough. Encryption protects content in transit and at rest, that’s true. But it protects neither the metadata, nor the very fact that you’re communicating, nor the device itself once it’s physically in other hands. Worse: in a border control or search environment, making heavy use of encrypted channels you refuse to open attracts attention rather than avoiding it. Security in China is not won through maximum opacity. It’s won through surface reduction: the less you carry, the less can be taken from you.
And then there’s the denial of geopolitical reality. “I sell machine tools, I’m of no interest to anyone.” Possibly. But your patents, your transfer prices, your client list, your Asian-market penetration strategy — those interest someone. Economic espionage doesn’t only target the names you read in the press. It targets the SME that holds a niche know-how, precisely because it doesn’t think of itself as a target and has therefore prepared nothing. The size of your company is not a shield. It’s often what makes the capture easy.
What the law imposes, what happens in practice
Let’s distinguish two planes, because they get confused constantly: the written law and operational reality.
On the legal plane, the PIPL and the 2017 Cybersecurity Law require Chinese operators to store certain data on the territory and to cooperate with the authorities’ requests. The 2017 National Intelligence Law goes further: its Article 7 obliges “any organisation and any citizen” to support and cooperate with the state’s intelligence work. The concrete translation: a telecom operator, a hotelier, an app publisher has no right to refuse a request from the services. This isn’t conspiracy theory, it’s the text. When you buy a local SIM, your passport is scanned and the card is tied to your identity — a legal obligation, not a shopkeeper’s overzealousness.
You have to understand exactly what the PIPL changes, because it’s often wrongly presented as “the Chinese GDPR.” On the surface, it resembles it: consent, purpose, data-subject rights. In substance, it differs radically on one point that corporate lawyers overlook: the exemptions in favour of the state. Where the GDPR frames the authorities’ access, the PIPL facilitates it. Data processed on Chinese soil is accessible to the authorities in a framework you don’t control and can’t contest from abroad. And the law provides for restrictions on outbound transfers of data: exporting locally collected data out of China may require a security assessment. For a company operating on site, that’s a compliance subject in its own right. For the traveller, the consequence is simpler: what enters China enters a jurisdiction where your usual guarantees no longer hold.
On the border plane, officers’ power is broad and discretionary. The search of electronic devices on entry is documented — particularly for travellers arriving from certain regions or presenting certain profiles. The forced installation of monitoring apps has been reported at land crossings, notably in Xinjiang. The compelled disclosure of passwords is not framed as it may be in a democracy: there is no robust protection against self-incrimination you can raise against a state security officer. To refuse is to risk confiscation, prolonged questioning, even a denial of entry. This is precisely why the clean-device doctrine is not a paranoid luxury but the rational response: you don’t negotiate a password under compulsion if the device contains nothing.
On the practical plane, here’s what really happens. The Great Firewall permanently blocks the entire Google portfolio (Search, Gmail, Maps, Drive, Meet, YouTube, Play Store), WhatsApp, Signal, Telegram, Facebook, Instagram, X, LinkedIn, Dropbox, OneDrive, and most foreign news sites. Slack works intermittently. Conversely, WeChat becomes indispensable: it’s the phone, the messaging, the payment, the QR code to get into a restaurant. And Citizen Lab’s research has repeatedly documented that WeChat analyses message content — including from foreign accounts — to detect sensitive terms, and that this surveillance feeds server-side filtering. You’re not in a private messenger. You’re in a channel observed by design.
The metadata, for its part, is collected continuously and without exception: who you call, when, from which cell, for how long. For a foreign national on the move, this level of passive capture is the baseline state, not a hypothetical risk. And for exposed profiles — journalist, lawyer on a case involving Chinese assets, executive with significant economic interests, researcher on a sensitive subject — you shift from passive collection to active targeting: intrusion attempts on devices, fake Wi-Fi access points, modified legitimate apps, physical surveillance.
Let’s break down the vectors, because “surveillance” stays a vague word until you decompose it. The first vector is the network: anything that transits in clear over the Wi-Fi of a hotel, a café or a conference centre must be considered read. Hotels are legally required to register their foreign guests with the police and to cooperate with security requests; assuming their network is neutral makes no sense. The second vector is the app: local apps demand very broad permissions — contacts, precise location, microphone, camera, files — not through development negligence, but because that’s the expected architecture. WeChat is not a messenger that happens to have a privacy problem; it’s a surveillance infrastructure that also provides a messaging service. The third vector is physical access: a device left unattended, even for a few minutes, in a hotel safe, on a meeting-room table, in a car, is a device exposed to cloning or implantation. The fourth, reserved for the most exposed profiles, is targeted malware: Citizen Lab has documented cases of journalists and activists whose devices were compromised by malware distributed through legitimate local channels. For these profiles, a clean device isn’t a recommendation, it’s a prerequisite.
What makes all this hard to internalise for an executive is the absence of signal. At home, an intrusion leaves traces, triggers alerts, opens a recourse. In China, the capture is silent, legal, and without any accessible counter-power. You won’t know you’ve been read. You’ll never know. That’s exactly why the preparation must be a priori: there is no possible a posteriori remediation when you don’t even know something happened.
The right design: enter clean
The mental switch fits in a single sentence: you don’t secure a device loaded with data in China, you enter with a device that has nothing to protect. It’s simpler, more robust, and it doesn’t depend on whether this or that VPN gets through this month.
In concrete terms, the baseline rule for any business trip: enter with a device that has no access to your production data. A travel phone with a pre-purchased international eSIM — not a local SIM tied to your passport — and a dedicated travel laptop, provisioned for the mission, empty of anything not strictly necessary on site. If the device contains nothing sensitive, neither the border, nor the hotel safe, nor the forensic analysis on return can extract anything from it. It’s the same logic as for border searches: the best protection against the seizure of a secret is not to carry the secret.
“Clean device” doesn’t mean “an old phone lying in a drawer.” A clean device is provisioned: a freshly reinstalled system, dedicated travel accounts not linked to your main identities, a strict minimum of apps, and access to mission documents via cloud after the border crossing rather than in local storage. For an executive, the opposite reflex — “I’ll take my usual laptop and delete two or three folders” — is the classic mistake: deleted data is recoverable, app caches are full of information, and a synced password keychain gives access to everything else. You don’t lighten a production device, you build a different one. For the most exposed trips, some go as far as a burner phone reconfigured or destroyed on return, and the total isolation of the most sensitive documents, which simply never cross the border.
The VPN remains useful, but as a tool of comfort and connectivity, not as a shield. And it’s tested before departure, from China or via a server on site, never from London. Obfuscated protocols (Shadowsocks, V2Ray, Trojan) resist filtering better than standard VPNs — it’s what the subsidiaries of foreign companies based there use. Their legal status for a foreigner passing through is a grey zone (unauthorised VPNs are technically illegal), but prosecutions against a business traveller are rare. Crucial point: the VPN must be armed before crossing the border. Once on the territory, downloading or configuring a circumvention solution becomes markedly harder, access to foreign stores being itself blocked.
Finally, behaviour on site matters as much as the hardware. Never discuss confidential business over WeChat, even with a trusted partner. Sensitive meetings are held outside, in an open and noisy space, not in a hotel conference room nor in offices you don’t control — it’s been the standard for diplomats and foreign correspondents for decades. And the device never leaves your pocket during a meeting: not left on the table while you go to fetch a coffee.
Payment and communication: the double constraint
Payment is logistical trap number one. Western bank cards are accepted in large hotels and a few international restaurants, but refused in the vast majority of shops, local restaurants and transport. The norm is the QR code: WeChat Pay or Alipay. Since 2023, both services accept the registration of foreign cards (Visa, Mastercard), which has greatly simplified the traveller’s life — but it also means tying a card to an account hosted on infrastructure subject to the PIPL. Good practice: an account dedicated to the trip, funded just for the duration of the stay, never your main personal account tied to your whole digital life. You thereby limit what’s exposed to the duration and perimeter of the trip.
Communication follows the same logic of compartmentation. To reach your local partners, WeChat is unavoidable — so a dedicated account, innocuous content. For your sensitive exchanges with your team back home, you go through Signal or an end-to-end encrypted channel via your obfuscated VPN, knowing that these apps are themselves blocked without a tunnel. And for the truly confidential — a negotiation in progress, a transfer price — nothing written, nothing stored locally: an encrypted voice call, or better, it waits for your return. The rule that sums it all up: on the territory, you treat each channel as if it were public, and you organise your secrets so that no channel carries them.
What this means in practice
For you, as an individual
- A travel phone with an eSIM, not your everyday one — Buy an international eSIM before departure (Airalo, Holafly, around thirty euros for two weeks). It often routes traffic outside the Great Firewall, and above all it’s not tied to your passport like a local SIM. Ideally, a cheap second phone rather than your main device crammed with accounts.
- A dedicated WeChat account for China — Create a separate WeChat account, not linked to your full identity or your permanent professional contacts. Same for Alipay: a travel account funded just for the duration of the stay. You install these apps, and local apps such as DiDi (taxi) or Meituan (food), only on the travel phone — never on your main device.
- An obfuscated VPN installed and tested before boarding — Set up an obfuscated solution (Outline, which is turnkey Shadowsocks, or a V2Ray server) and verify that it connects from China, asking a contact on site to test the same access. Cost: a small VPS at a few euros a month. Once on the territory, it’ll be too late to tinker.
For you, the CISO / IT director / executive
1. The PIPL makes China a jurisdiction apart in your travel policy. The 2021 personal-data protection law, coupled with the 2017 intelligence law, gives the authorities extensive rights over everything processed on the territory — and obliges local players to cooperate. Direct consequence: you can’t apply to China the same compartmentation policy as to an intra-EU trip. You need a dedicated, written clause that explicitly defines what is not allowed to enter the territory.
2. The returning device is a suspect device until proven otherwise. Any equipment that has transited through China (or Russia) must be treated as potentially compromised. Direct consequence: a ban on reconnecting directly to the corporate network, a systematic re-image of the travel laptop, and a documented return-from-mission procedure — not a “it’s fine, I kept it on me.”
3. The briefing is not optional for exposed profiles. A negotiator on a Sino-European file, an executive with significant assets, a sensitive researcher: these profiles move from diffuse risk to active targeting. Direct consequence: a security briefing with someone who knows the Chinese context before departure, a clean provisioned device, and no local storage of sensitive data during the stay — access happens via cloud after the border, over a controlled connection.
For you, the executive
The IT director will prepare a device for you, configure a VPN, hand you a sheet. That’s his job, let him do it. But three decisions aren’t his. They’re yours, because they commit a risk only you can accept.
What do I take. Not your usual devices. Not your phone crammed with ten years of history, not the laptop on which your entire professional life lives. Dedicated equipment, prepared blank for this trip, containing only what you need on site. The rule is simple: what doesn’t cross the border can’t be taken from you.
What do I leave. Everything that has value. And more than the documents, your communication histories. Your discussion threads with your executive committee, your exchanges on the file in progress, your messages with your lawyers. That’s where the strategic information is, not in a PowerPoint presentation. A messaging history says more about your strategy than a binder of contracts.
What I accept losing. Ask yourself the question before leaving, not on the plane. If your devices are taken at the border, or if you’re asked to unlock them, what happens? If the answer is “nothing serious, the device is empty,” you’ve prepared well. If the answer knots your stomach, you brought the wrong thing.
The IT director prepares the hardware. The executive decides the risk. Don’t delegate these three judgements: they aren’t technical, they’re yours.
Mistakes we see all the time
- Testing your VPN from London. It works perfectly in London. That’s exactly why the test proves nothing. The only valid test is from China.
- Leaving with your usual phone and laptop “because it’s only a week.” The duration of the stay changes nothing about the capture. Ten minutes of physical access to the safe is enough.
- Buying a local SIM for convenience. Passport scanned, line tied to your identity, and traffic within the Great Firewall’s perimeter. The pre-purchased eSIM avoids all three.
- Discussing a sensitive file over WeChat “because the contact is trustworthy.” The contact’s trustworthiness is irrelevant: it’s the channel that’s observed, not the person.
- Reconnecting the returning device to the corporate VPN straight from the airport, to “catch up on email.” That’s the precise moment a compromised device contaminates the network.
- Believing the GDPR protects you over there. It doesn’t apply. It’s the PIPL that governs the territory, and it plays the other way.
Actionable checklist
- N1 Map what's blocked (Great Firewall) before departure
- N1 Pre-purchased international eSIM — never a local SIM with passport scan
- N1 Payment plan validated: Alipay/WeChat Pay on a dedicated account, or a usable card on site
- N2 Obfuscated VPN (Outline/V2Ray) installed AND tested from China before boarding
- N2 WeChat and Alipay accounts dedicated to the trip, not linked to your main identity
- N2 Local apps (WeChat, DiDi, Meituan) on the travel phone only
- N2 No confidential business discussion over WeChat
- N2 Sensitive meetings held outside, never in a room or conference space
- N3 Dedicated travel laptop, provisioned clean, with no production data
- N3 Sensitive data in the cloud post-border, never in local storage on site
- N3 China-specific security briefing for any exposed profile before departure
- N3 Systematic re-image on return, no direct reconnection to the corporate network
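As an added example (not code from the original article), the pre-departure review expressed as a small Python policy check: a constructed device manifest is scored against the rules set out in the “enter clean” section and in the checklist above, and a device only passes when no critical or high finding remains. The Device and Account fields, the severity levels and the two sample devices are assumptions made for this example.

```python
"""Pre-departure review of a device against the China travel threat model."""
from dataclasses import dataclass, field

# Tunnels the article says the Great Firewall fingerprints and cuts, versus obfuscated ones.
STANDARD_TUNNELS = {"openvpn", "ikev2", "l2tp/ipsec"}
OBFUSCATED_TUNNELS = {"shadowsocks", "outline", "v2ray", "trojan"}
# Local apps that belong on the travel phone only.
LOCAL_APPS = {"wechat", "alipay", "didi", "meituan"}
SEVERITY_ORDER = {"critical": 0, "high": 1, "medium": 2, "low": 3}


@dataclass
class Account:
    service: str
    linked_to_main_identity: bool  # assumed flag: True if it is your everyday account


@dataclass
class Device:
    name: str
    role: str                       # "travel" or "production"
    sim: str                        # "esim", "local" or "none"
    apps: list = field(default_factory=list)
    accounts: list = field(default_factory=list)
    local_files: list = field(default_factory=list)   # sensitive files kept in local storage
    vpn_protocol: str = "none"
    vpn_tested_from: str = "nowhere"  # "china" or wherever the test was actually run


def review(device: Device) -> list:
    """Return (severity, finding) pairs sorted by severity; empty means nothing to fix."""
    findings = []
    if device.role != "travel":
        findings.append(("critical", f"{device.name}: production device, provision a dedicated travel device"))
        for app in device.apps:
            if app.lower() in LOCAL_APPS:
                findings.append(("high", f"{app} installed on a non-travel device"))
    if device.sim == "local":
        findings.append(("high", "local SIM: tied to passport, traffic inside the Great Firewall"))
    if device.local_files:
        findings.append(("critical", "sensitive data in local storage: " + ", ".join(device.local_files)))
    for acct in device.accounts:
        if acct.linked_to_main_identity:
            findings.append(("high", f"{acct.service} account linked to your main identity"))
    proto = device.vpn_protocol.lower()
    if proto in STANDARD_TUNNELS:
        findings.append(("medium", f"{device.vpn_protocol} is cut by DPI; use an obfuscated protocol"))
    elif proto in OBFUSCATED_TUNNELS and device.vpn_tested_from.lower() != "china":
        findings.append(("medium", f"tunnel tested from {device.vpn_tested_from}, not from China"))
    elif proto == "none":
        findings.append(("low", "no tunnel armed before departure; it cannot be set up on site"))
    return sorted(findings, key=lambda f: SEVERITY_ORDER[f[0]])


def may_cross_border(device: Device) -> bool:
    """A device passes only when nothing critical or high is left."""
    return not any(sev in ("critical", "high") for sev, _ in review(device))


# Constructed sample manifests: the executive's usual phone versus a provisioned travel phone.
USUAL_PHONE = Device("usual iPhone", role="production", sim="local",
                     apps=["WhatsApp", "Gmail", "WeChat"],
                     accounts=[Account("WeChat", True)],
                     local_files=["board_minutes.pdf", "transfer_prices.xlsx"],
                     vpn_protocol="IKEv2", vpn_tested_from="London")
TRAVEL_PHONE = Device("travel phone", role="travel", sim="esim",
                      apps=["WeChat", "Alipay", "DiDi", "Signal"],
                      accounts=[Account("WeChat", False), Account("Alipay", False)],
                      vpn_protocol="Shadowsocks", vpn_tested_from="China")

if __name__ == "__main__":
    for dev in (USUAL_PHONE, TRAVEL_PHONE):
        print(dev.name, "may cross:", may_cross_border(dev))
        for sev, text in review(dev):
            print(f"  [{sev}] {text}")
```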
Going further
Citizen Lab has documented WeChat surveillance and the targeting of journalists and activists for years — it’s the reference source for understanding the concrete vectors, beyond generalities. The PIPL text translated by DigiChina (Stanford) lets you read the law rather than assume it. GreatFire tracks the state of filtering in real time, useful for checking what gets through before you leave. Finally, the NCSC’s guidance on travelling abroad with electronic devices frames the “clean device” doctrine that underpins this whole article. For the hardware side and the return, see also our articles on the travel laptop, the eSIM and crossing borders.