>For GDPR reasons alone it's probably not a good idea to take a business phone across certain borders. You run the risk of disclosing customer data to a 3rd party, if only because the customer data in your phone book counts as PII.

But "law enforcement" is specifically exempt?

https://en.wikipedia.org/wiki/General_Data_Protection_Regula...