OSM-S Logo
Get a Quote!

Evaluating DNS4EU and Resolving Trust

Evaluating DNS4EU and Resolving Trust

The DNS Divide Between State, NGOs, and Corporations

Using a privacy-focused DNS (Domain Name System) provider is important for several reasons, primarily concerning data protection, digital sovereignty, and enhanced security. When evaluating how different types of DNS providers handle user data, a key distinction lies in their logging policies, anonymization practices, and overall commitment to privacy, often influenced by their organizational structure and jurisdiction.

Government-Backed DNS (like DNS4EU)

DNS4EU, an initiative by the European Commission, aims to strengthen the EU’s digital independence and provide an alternative to US-based tech giants. The entity responsible for operating DNS4EU Public Resolvers is Whalebone, a company based in the Czech Republic.

  • Commitment to Data Collection: DNS4EU commits to collecting only information necessary for the proper provision and functioning of the DNS resolution service and for researching online threats. They explicitly state they will not retain, sell, or transfer to any Third Party (except as legally required) IP addresses or other user identifiers from DNS queries. Furthermore, they promise not to combine collected data with any other data in a way that could identify individual end users.
  • IP Address Anonymization: DNS4EU implements a specific process for IP address anonymization. IPv4 and IPv6 addresses are processed using the cryptographic hash function HMAC_SHA256, with an HMAC key that is regenerated daily and kept only in memory. The output undergoes a modulo operation, and to further enhance privacy, any resulting queries with fewer than 100 requests for an anonymized IP address are deleted. The goal is an “anonymous dataset” that “cannot be reasonably linked anymore to a data subject”.
  • Limited Data in Logs: Beyond anonymized IP addresses, DNS4EU collects “limited DNS query data” in its logs. This includes the DNS query sent by the device, resolver DNS response, DNS query type, DNS query timestamp, Resolver Identifier, ASN identifier, threat type (if detected), content type (if user selected filtering), transport protocol, query port, and TTL. These logs, primarily for “threat research,” are stored in EU-hosted backends for up to six (6) months and then deleted. Aggregated data, such as the total number of queries, queries per second (QPS), and resolution time averages, may be kept indefinitely.
  • Exceptions for Non-Anonymized IPs: There are a “very limited number of cases” where non-anonymized IP addresses are processed:
    • For plain DNS resolution, the client IP address is held in volatile memory (RAM) for milliseconds, just long enough to send a response, and is never stored in non-volatile memory.
    • If a user accesses a potentially malicious website after a warning page, their IP address may be stored for up to 24 hours by the DNS resolver to prevent re-blocking access.
    • During active attacks on the DNS resolver (e.g., DDoS), IP addresses are processed and may be stored for up to six (6) months to detect attackers and analyze attack characteristics.
    • For troubleshooting (software crashes), IP addresses in volatile memory at the time of a crash (core dumps) can be recorded and retained for up to three (3) months for analysis.
    • These exceptions are based on the “legitimate interest in ensuring the operation, security and safety of DNS communications”.
  • Data Sharing: DNS4EU states they DO NOT share any information that could identify an individual. Limited data (as seen in anonymized logs) is shared with selected Project Partners who train machine learning models based on this data. Aggregated data and/or a subset of anonymized data may be shared with Threat Intelligence Partners under strict confidentiality obligations for improving user security. Only general information and reports containing statistical aggregated data are made publicly available; no original dataset is public. They also explicitly state they do not correlate or combine data in their possession with data from other sources.
  • Compliance: DNS4EU states it adheres to EU laws, including GDPR, and national legislation, emphasizing data protection and privacy by design. Whalebone, the operator, is subject to the independent supervision of the Czech Office for Personal Data Protection (UOOU).
  • Criticisms: Despite anonymization efforts, privacy experts like Patrick Breyer note that DNS4EU “lacks a no-log policy” in the strictest sense, as it collects limited DNS query data and IP addresses, even if mostly anonymized. Breyer stated that “The logging of all requests – even if mostly anonymised – comes with risks”. Concerns also exist about the potential for future content filtering beyond malicious domains, although DNS4EU states it “do[es] not censor… for any purpose other than the blocking of malicious domains… or, if the User chooses”, and a test showed it didn’t filter the CUII-list or YouPorn unless child protection was active. Some users express concern that it could be an “obvious honeypot”.

Non-profit / NGO DNS

These providers are generally perceived as highly privacy-focused and independent from government or large corporate interests, which builds trust for users concerned about surveillance or data exploitation.

  • Mullvad DNS: States a policy of “No logs whatsoever”. It is operated by Mullvad VPN, known for its strict privacy ethics, and is based in Sweden, which has strong privacy laws.
  • DNS.Watch: Has a “No logging policy”. It is fully independent and does not track or filter user data. This provider is based in Germany, recognized for its strict data privacy laws.
  • Quad9: States “No IP address logging (only aggregate stats)”. They explicitly do not transmit Personally Identifiable Data (PII), such as IP addresses, outside of the project. Quad9 has moved its legal presence from the US to Switzerland to ensure “maximum Internet privacy protection”, meaning it is compelled to use Swiss data protection laws (which are nearly identical to GDPR), with criminal penalties for violations. They do collect some data for threat monitoring and response, which may then be remixed and shared for security research.
  • dns0.eu: This service is highlighted for its strong privacy and no-logging commitment. It is run by a French non-profit organization founded by the co-founders of NextDNS. The no-logging policy is seen as more reliable due to its servers being located in the EU.
  • LibreDNS: Explicitly states “No logs”. It is run by LibreOps, a privacy-focused community, and is based in the EU.

Corporate DNS

Corporate DNS providers vary in their data handling, often balancing performance and features with privacy.

  • Google DNS (8.8.8.8): Often criticized because its business model revolves around data collection. Some users indicate that using Google DNS or a generic provider’s DNS often involves data mining and censorship.
  • Cloudflare (1.1.1.1): States “No IP logging” and that its logs are deleted within 24 hours. It has also been audited by KPMG to verify transparency. However, as a US-based company, it is subject to US laws like the Patriot Act and CLOUD Act. It is considered one of the more privacy-oriented providers among US-based options.
  • NextDNS: Offers optional logging, which can be completely disabled. It is designed with a strong privacy focus and states it does not sell data. For users who choose to enable logging, NextDNS offers the option to store logs in various server locations, including those within the EU and Switzerland. While the co-founders are French and also founded dns0.eu, NextDNS is identified as a US-based company.

In summary, non-profit/NGO DNS providers generally offer the strictest no-logging policies, often leveraging strong privacy laws of their operating countries (e.g., Sweden, Germany, Switzerland). Government-backed DNS like DNS4EU aims for high privacy and EU law compliance with detailed anonymization, but it does involve some level of anonymized logging and specific exceptions for non-anonymized data. Corporate DNS providers have varied policies, with some like Cloudflare and NextDNS offering commitments to limited or optional logging, but they are typically subject to the laws of their base countries, which can be a concern for some users.

Finding Your Ideal DNS Solution

Choosing the right DNS provider can be complex, especially with varying logging policies and legal jurisdictions. As you’ve seen, non-profit/NGO providers often offer the strictest no-logging policies, benefiting from robust privacy laws in countries like Sweden, Germany, and Switzerland. Government initiatives like DNS4EU prioritize high privacy and EU law compliance with detailed anonymization, though they do involve some level of anonymized logging. Meanwhile, corporate DNS providers like Cloudflare and NextDNS offer strong commitments to limited or optional logging, but their operations are tied to the laws of their base countries, which might be a consideration for some.

Navigating these nuances to find a DNS solution that aligns with your specific privacy and security needs can be challenging. We can help.

Visit our Services Page to discover how we can provide unbiased assistance in identifying the best DNS solution for your unique requirements.

 

 

Leave a Reply

Your email address will not be published. Required fields are marked *

Request Your
Pentest Summer 2025

Get a Quote!