Google faces congressional scrutiny over DNS encryption
Image credit: Dreamstime
Congress is investigating Google’s move to encrypt DNS requests over claims that the switchover could stifle competition, the Wall Street Journal has reported.
While browsing online, a user’s computer sends DNS (Domain Name System) requests to servers to ask for information: the IP address associated with a domain name. DNS requests are normally resolved over an unencrypted channel by default, allowing for the possibility of third parties collecting data on the sites a user has visited or rerouting them elsewhere via a 'man-in-the-middle' attack.
Concerns about this vulnerability have been realised for years, with calls to introduce secure DNS-over-HTTPS (DOH). When encrypted in this manner, DNS requests appear like ordinary encrypted traffic, preventing spoofing from hackers and snooping from internet service providers (ISPs), while also making it unfeasible for ISPs to block DOH.
Recently, Mozilla - developer of the Firefox web browser - announced that it was preparing to encrypt DNS requests by default, using DOH. Google followed suit, announcing on its support blog that it would be experimenting with DNS over TLS in Chrome 78. Users will have the choice to switch over to DOH or to continue sending unencrypted DNS requests.
Google’s decision appears to have caused some political outcry, with the Wall Street Journal reporting that the US House Judiciary Committee opening investigations into its plans, while the Justice Department has also “recently received complaints”.
A group representing ISPs is understood to have written to Congress warning that the switchover could “inhibit” competition in multiple sectors, echoing concerns from across the political spectrum about the concentration of online power within Google, Facebook and a handful of other tech behemoths. In addition to wielding huge shares in the browser and digital advertising markets, Google also operates its own DNS system – Google Public DNS – which could benefit from the move.
“Because the majority of worldwide internet traffic […] runs through the Chrome browser or the Android operating system, Google could become the overwhelmingly predominant DNS lookup provider,” the group of ISPs wrote. “Google would acquire greater control over user data across networks and devices across the world. This could inhibit competitors and possibly foreclose competition in advertising and other industries.”
The Judiciary Committee will look into whether by denying other parties access to user data, the introduction of encrypted DNS will give Google an unfair advantage. Legislators have already sent a letter to Google asking if the tech giant would collect and process this data for commercial purposes, such as ad targeting.
Marshall Erwin, senior director of trust and security at Mozilla, told the Wall Street Journal that the characterisation of encrypted DNS as anti-competitive was “fundamentally misleading” and motivated by a desire for continued easy access to user data.
A Google spokesperson said: “Google has no plans to centralise or change people’s DNS providers to Google by default. Any claim that we are trying to become the centralised encrypted DNS provider is inaccurate.”
Sign up to the E&T News e-mail to get great stories like this delivered to your inbox every day.