Cybersecurity & Public Policy Seminar: A Conversation with Alex Gamero Garrido

Abstract

About the Speaker:

Alex is a Ford Foundation Post-Doc Fellow in Computer Science at Northeastern University, working with David Choffnes. His research focuses on the intersection of computer networking systems and public policy with an emphasis on online privacy. His studies have won multiple conference distinctions in computer networking. He completed his Ph.D. in Computer Science from UC San Diego (2021), where he received Microsoft Research’s Dissertation Grant.

Abstract:

EU data localization regulations limit data transfers to non-EU countries with the GDPR. However, BGP, DNS and other Internet protocols were not designed to enforce jurisdictional constraints, so implementing data localization is challenging. Despite initial research on the topic in 2018 (before GPDR took effect), little is known about if or how companies currently operate their infrastructure to comply with the regulations. Garrido closes this knowledge gap by empirically measuring the extent to which servers and routers that process EU requests are located outside of the EU (and a handful of "adequate'' non-EU countries). The key challenge is that both browser measurements (to infer relevant endpoints) and data-plane measurements (to infer relevant IP addresses) are needed, but no large-scale public infrastructure allows both. Garrido builds a novel methodology that combines BrightData (browser) and RIPE Atlas (data-plane) probes, with joint measurements from over 1,000 networks in 20 EU countries.

To Register: Please email joshua.anderson@tufts.edu