At first glance, browsing the web seems like a pretty straightforward process. Behind the scenes, after you enter a URL into your device’s address bar, your device sends a request to a domain name server (DNS) to translate the URL into a machine-readable IP address. Once your device receives the corresponding IP address, it opens the website. There are many reasons why a user might want to set a custom DNS on their smartphone. whether it’s to avoid content filtering, for privacy, or for any other reason, and services like Google and Cloudflare offer their own DNS. Now, however, the European Health and Digital Executive Agency (HaDEA) has proposed an EU-built and donated DNS infrastructure, dubbed DNS4EU.
In the DNS4EU infrastructure project (marked by The record), it states that “the deployment of DNS4EU aims to remedy such a consolidation of DNS resolution in the hands of a few companies, which leaves the resolution process itself vulnerable in the event of significant events affecting a major supplier” . While it is true that many DNS providers are based outside the EU, the project page also states that the EU wants to launch DNS4EU for cybersecurity and data privacy reasons. The European Commission has highlighted the need for a sovereign DNS in December.
DNS4EU would also filter out illegal content hosted on dangerous domains, such as malware, phishing sites and other cybersecurity threats. Websites banned by court orders could also be added to the filter. DNS4EU should also be fully GDPR compliant, ensuring data is processed in Europe and personal data cannot be sold or monetized.
As for the technical details, the document states that “the service infrastructure should comply with the latest security and privacy-enhancing standards (e.g., HTTPS, DNSSEC), including DNS encryption (e.g., DNS over TLS (DoT) and DoH) and be fully IPv6 compliant. “DNS-over-TLS (DoT) or DNS-over-HTTPS (DoH) are private DNS standards that ensure your DNS queries are encrypted. Many popular DNS servers, such as Google Public DNS, NextDNS, and Cloudflare, support both DoT and DoH standards. Android 12 currently only supports DoT natively, but DoH support is also being added in Android 13.
It does not appear that the EU intends to make this DNS infrastructure mandatory for use in the EU, as it has stated that guides will be made available for users to set it up on their own devices “via a dedicated website under a clearly marked URL”. . It also doesn’t appear to be an entirely public service, as there will be “premium services for enhanced security (e.g. ad-hoc filtering, monitoring, 24/7 support), tailored to specific industry needs. “.