The European Union is determined to develop its own recursive DNS service, which will make it available to both the EU institutions and the public and private sector companies in general, free of charge. The service, called DNS4EU, is currently in the planning phase, and the European Union is looking for partners to help it develop an infrastructure that can serve its 27 member states.
From the EU they point out that they became interested in the development of a centrally managed DNS service based in the European Union after observing the consolidation of the DNS market around a very small group of operators from outside the EU. For the EU, this consolidation makes the DNS resolution process, by consolidating «be vulnerable in the event of draft issues affecting a large supplier«. But it is not the only factor that has led the EU to develop DNS4EU, there are other factors that have driven it, such as cybersecurity and data privacy.
According to the European Union, DNS4EU will integrate filtering capabilities which will allow blocking of domain name resolutions for harmful domains. For example, those of pages that have malware, phishing pages or those that harbor other cybersecurity threats.
This filtering capability will be developed based on threat intelligence feeds provided by trusted partners. Among them, the different national CERT teams in the area, which could be used to defend organizations and companies in Europe from the most common threats.
It is not yet clear if it will be mandatory for national government organizations across the European Union to use DNS4EU, but if it is, it would grant entities like CERT-EU more power, as well as the agility to block cyber attacks as soon as they are detected.
On the other hand, EU officials also want to use DNS4EU as a filtering system to block access to other types of prohibited content, which they could do using court orders. There are not many details on this yet, but it probably refers to the domains of pages with child sexual abuse material or content that is pirated and violates copyright laws.
The proposed DNS4EU system will have to comply with all data processing laws, such as the GDPR, ensure that domain name resolution data is processed in Europe, and prohibit the sale or monetization of any personal data with the what work. As for the technical details, DNS4EU will have to support all current standards and technologies. Among them are DNSSEC, DoT and DoH. It will also have to be IPv6 compatible.
The company or companies that are selected for the development of DNS4EU will also have to generate and manage a website with instructions so that users can modify the DNS configuration of your devices to use DNS4EU servers for name resolutions.
