The redirection of internet traffic away from its initial path to a different one to collect information could be used to evade network oversight, Boston University computer science professor Sharon Goldberg argued during a presentation around the topic of cybersecurity Monday.
Approximately 30 people attended the presentation titled “Network Security, Territoriality, and National Security Surveillance: A Computer Scientist’s View on Law and Policy” at the School of Law Monday afternoon. The talk was part of a joint series sponsored by BU in an effort to merge the fields of computer science and law.
“You can redirect traffic flows [on a network],” Goldberg, a professor in the College of Arts and Sciences, said during the presentation. “Just because traffic stays within the U.S. doesn’t mean it has to stay in the U.S.”
The presentation facilitated a discussion about the role of the government in collecting information through surveillance. Specifically, Goldberg talked about the Foreign Intelligence Surveillance Act and the specific protections it provides to citizens and information-collecting agencies like the National Security Agency.
Goldberg also discussed the protections granted by the Fourth Amendment and whether certain actions are covered by the amendment. Her research brought up the distinction between domestic and foreign surveillance and what that means for the NSA.
“Basically, there are more restrictive rules to collect data in the U.S. so it’s better to collect data from abroad,” Goldberg shared in the presentation.
Goldberg further elaborated on an updated argument from her research paper she wrote in 2014 titled “Unrestrained Bulk Surveillance on Americans by Collecting Network Traffic Abroad” about how traffic shaping can be used to evade oversight.
“I was trying to update my article from 2014 and in the course of doing that, more information [on surveillance procedures] has come out since then,” Goldberg said after the presentation. “Legal documents have been released that were originally classified, and so that raises questions if what we were saying in 2014 was actually accurate.”
Goldberg said her work focused on the ways agencies use traffic shaping to have less oversight.
“This work is sort of how you can evade the laws, or change where you can collect traffic, or conduct surveillance in certain ways, so that you have less legal oversight,” Goldberg said.
The presentation culminated with discussions between attendees and conversations with Goldberg herself.
Several attendees said they were able to learn and take away new knowledge about privacy and cybersecurity from the talk.
Wendy Gordon, a law professor who teaches classes related to cyber security, said she still had a lot of questions after listening to Goldberg.
“How might we amend it and how can we get more bank for our surveillance buck?” Gordon said. “We might just want people to know the danger they are under when they send things.”
Pengcheng Xu, a senior in CAS, is majoring in mathematics. He said he was interested in the computer science component of the presentation.
“I have a deeper perspective with what network security is really about and what specific stages it goes under,” Xu said.
Jude Muyanja, a Boston-based legal assistant, said he heard about the talk from a friend at BU and said he learned a lot regarding the United States’ role in protecting the privacy of citizens.
“I have learned that networks like Google or Facebook might have routers abroad, not here in the U.S., so that affects American citizens,” Muyanja said.
Muyanja also said he was interested in the human rights aspect of the presentation.
“Using the cyber net is a human right so then how do our human rights protect it or defend it?” Muyanja said. “I also learned that human rights of individuals all over the world should be protected, so that people can be safe and can be secured to be able to communicate freely.”