Also, wouldn't giving your password to the US government be in breach of Facebook / Twitter EULA, as in, don't give your password to third parties? So anyone getting a visum for the US can expect a permaban haha lol.
It's an EULA breach, yes. I want to say even
with an explicitly issued warrant -- law can compel physical access to a device but personal information such as passwords is a hell of a lot sketchier on the legal mandate front. Iirc that's one of the things that have been brought up in court to get employers asking for that stuff to knock it the hell off. Pretty sure it's not a criminal breach, but forcing visitors to give social media passwords
is basically forcing them to commit
civil law violations, specifically of the contract sort. I'd be hella' surprised if that's not a lawsuit waiting for someone pissed off and wealthy enough to handle the court fees.
Though for what it's worth, it's not really
all privacy protection laws. The 1974 one's still in full effect, even for non-citizens et al. The practical impact of that kinda' remains to be seen. It'd be some kind of morbid hilarity if fuckups related to that cost the US more in court fees than what we're spending to ramp up visitor harassment.