Skip to Content

Cybersecurity & Standards

I* Newsletter: Domain Name System Discussions

“I*: Navigating Internet Governance and Standards” was a monthly newsletter distributed by the Center for Democracy & Technology (CDT), and compiled by the Public Interest Technology Group (PITG), a group of expert technologists who work across a complex landscape of internet standards development (“I”) organizations that convene in the public interest.

The newsletter highlighted emerging internet infrastructure issues that affect privacy, free expression, and more, clearly explaining their technical underpinnings.

# Russian network operators directed to comply with the Sovereign Internet Legislation’s creation of “National DNS”: Under penalty of a fine, telecommunications networks and autonomous systems in Russia are now obliged by the state to follow a specific set of instructions for network configuration. The new requirements effectively implement Russia’s National Domain Name System (DNS), described in legislation referred to as “Russia’s Sovereign Internet Law” that was passed in 2019. Internet service providers have been asked to replace or add a “rogue” root server operator, ostensibly run by the government, in place of the 13 globally distributed DNS root servers that route most of the world’s internet traffic. This has implications for the global governance of the DNS, a core component of the internet. The change to the internet within the borders of Russia creates a “splinternet”, and makes internet shutdowns within the country easier.

  • For more information: The document with instructions for network configuration, translated from the original Russian, is available here.

# DNS privacy protocols are a public good: Queries in the Domain Name System (DNS), or the internet’s phonebook, can be encrypted by a variety of protocols, including DNS-over-HTTPS (DoH), DNS-over-TLS (DoT), and Oblivious DoH. But public interest advocates are confronting the inherent tradeoffs associated with the improved privacy features these protocols provide. While increasing privacy, the new protocols can obfuscate user data that is relevant for measuring and researching network behavior. Additionally, the protocols consolidate internet service provision to a small number of ISPs that designed and are early implementers of the protocols. These issues make it harder to mitigate abusive behaviour on the network and risk large-scale internet shutdowns in censorship-prone regions. Advocates suggest that not all of these technologies and configurations handle these issues equally, and so which are implemented and how should be a matter of public concern and conversation.

# Quad9 leverages Europe’s legal jurisdiction to protect user privacy: Quad9, a non-profit Domain Name System operator that provides DNS lookup with pro-privacy protocols such as DNS-over-HTTPS (DoH) and DNS-over-TLS (DoT), recently moved from California to Switzerland to leverage the country’s pro-privacy regulatory environment and provide its users with more fully guaranteed privacy protections. 

Mallory Knodel at the Center for Democracy & Technology says, “End users have made it clear to industry that privacy should be a central focus for internet platforms and infrastructure. This demand-side dynamic cannot be fulfilled with the promises of encryption technology alone, however. Secure and privacy-preserving protocols must be complemented with policies and practices that protect users. Based in Europe, Quad9’s DNS service now leverages a strong regulatory environment in the public interest.”