What is DNS4EU?
DNS4EU is an initiative by the European Commission that aims to offer an alternative to the public DNS resolvers currently dominating the market.
The majority of European Union (EU) businesses heavily depend on a small number of publicly operated DNS resolvers that are managed by entities outside the EU. In the event that any of these resolver services face disruptions, it significantly complicates the ability of EU authorities to manage potential malicious cyberattacks, as well as handle significant geopolitical and technical incidents effectively. The aim is to ensure that data of EU citizens and public institutions are secure and that they abide by GDPR and other privacy standards, while staying 100% in the EU digital space.
DNS4EU, a European initiative, presents multiple avenues for establishing a secure and compliant DNS resolver, aligning seamlessly with EU regulations.
What is the goal and purpose of this project?
The goal of DNS4EU is to ensure the digital sovereignty of the EU by providing a private, safe, and independent European DNS resolver.
The DNS4EU initiative aligns with the EU's strategic goal of enhancing its digital autonomy by providing an alternative to the existing public DNS services provided by non-european entities.
Who is involved in the development and research?
The entire project is managed by an international consortium, comprising private cybersecurity companies, CERTs, and academic institutions from 10 European Union countries
Leader of the consortium is Whalebone.
- Whalebone - a cybersecurity company developing zero-disruption products for Telcos, ISPs, and enterprises. It provides millions of internet users as above seamless DNS security, protecting them from malware, phishing schemes, ransomware, and other malicious digital attacks without the need to download anything.
- Other members of the consortium are CZ.NIC (CZE), CVUT (CZE), Time.lex (BE), deSEC (GER), Sztaki (HUN), ABILAB (ITA), NASK (POL), DNSC (RO). Inseparable role plays associated partners that provide the consortium with consultation and sharing know-how.
Associated partners are F-SECURE (FIN), CESNET (CZE), Ministry of Electronic Governance (BG).
More about the consortium here.
Who can participate in the DNS4EU?
DNS4EU includes options for different audience segments.
- Public and free DNS resolver will be available for end-users and those subjects that wish to join this free service with basic DNS security protection.
- DNS4EU for Governments
Protection for thousands of organizations on the DNS level. This is a completely different use case from just a public resolver.
- DNS4EU for Telcos
- Last pillar is dedicated to Threat Intelligence (CERTs, CSIRTs and academic subjects). DNS4EU threat intelligence is enhanced by CERTs and other institutions all around the EU, providing information on EU-specific threats, as well as by the data about cyberattacks gathered through the telco partners. CERTs are valuable partners for effective collaboration in local threat intelligence exchange.
How does DNS4EU work?
The DNS resolver basically translates the domain names people use to machine-readable IP addresses and back.
Mostly, people and institutions use the DNS resolver set by their connection provider.
DNS4EU, a European initiative, presents multiple avenues for establishing a secure and compliant DNS resolver.
This DNS resolver, which not only fulfills this basic function, but is able to filter out malicious traffic as well, thus effectively protecting any device using the resolver with no need for installation or maintenance of any software. Basically, if any device connected to the DNS4EU Resolver tries to access a malicious domain (for example to activate a malware or to access a scam website), it is stopped immediately, preventing any damage the threat may have caused.
Moreover, the resolver and all of the processes necessary for its development and operation are hosted 100% in the EU, thus making sure that it abides GDPR and all highest privacy norms set by the EU.
Basically, if any device connected to the DNS4EU Resolver tries to access a malicious domain (for example to activate a malware or to access a scam website), it is stopped immediately, preventing any damage the threat may have caused.
What is the timeline of this project?
The project officially started in January 2023. DNS4EU is co-funded by the EU from 2023 to 2025. The EU will partially contribute to the development of the infrastructure and It is expected and encouraged by the European Commission that the service is commercialized, since it has to be sustainable without operational costs from the EU after 2025.
Is DNS4EU mandatory? What about potential censorship?
To ensure net neutrality and freedom for the internet users, the usage of DNS4EU is voluntary for EU citizens and they are always free to choose a different DNS provider.
This project provides the European Commission with no means of censorship. Furthermore, this would be against the goals of the project, which aims to be commercially successful. The EU will not have access to configuration, data, etc. On top of that, DNS4EU will not be forced on anyone. It will just abide to local restrictions, just as any internet service provider has to anyway. In other words, DNS4EU is not a way toward censorship, but actually toward data protection and better quality of the internet in Europe.
How does DNS4EU and NIS2 fit together?
“Member states should encourage the development and use of public and secure European DNS resolver service.” NIS2 directive, 2023
DNS4EU, a European initiative, presents multiple avenues for establishing a secure and compliant DNS resolver, aligning seamlessly with EU regulations. Its base lies in the cornerstone EU documents such as the Cybersecurity Strategy of the EU. Finally, it was recommended in the European Parliament and Council’s directive NIS2.
4 points to remember
EU’s Digital Sovereignty
The European Commission aims to keep user’s data in the Union digital space to support its digital independence and sovereignty.
Onboard 100 Million People
The goal of the DNS4EU is to collaborate with various EU stakeholders to provide safe, private and stable internet for EU citizens.
Citizens of the EU should be provided with DNS resolution that adheres to the highest privacy standards, incl all the EU data privacy regulations.
Whalebone is a cybersecurity company founded in 2016 in Brno, Czech republic – the major central European tech hub. With its security products, the company currently protects millions of people worldwide through telcos, ISPs , as well as company networks all over the world. Since all of Whalebone's products operate on the network DNS level, we can protect all the connected devices, including the IoT and other devices that are otherwise difficult or impossible to protect. On top of that, all of this happens in the simplest possible way, so that everyone gets a chance to be seamlessly protected.www.whalebone.io
CZ.NIC is an interest association of legal entities founded in 1998 by leading providers of Internet services in the Czech Republic. The principal activities include operation of the CZ domain registry and DNS servers for the CZ top-level domain (TLD). Besides the domain name registry, the Association is strongly involved in research and development, cyber security, standardisation activities as well as promoting new technologies.
The Czech Technical University in Prague is one of the largest and oldest technical universities in Europe. The AI Center (AIC) is an excellent research institution covering a wide range of artificial intelligence research with strong emphasis on applications. We cover the following research areas and application domains: robotics, machine learning, optimization, cybersecurity and smart mobility.
The main responsibility of DNSC is to ensure the cyber security of the national civilian cyberspace, in collaboration with the competent institutions and authorities. DNSC is the competent authority at the national level for the national civilian cyberspace, including the management of risks and cyber incidents.
The CERT Polska team operates within the structures of NASK (Research and Academic Computer Network) — a research institute which conducts scientific studies, operates the national .pl domain registry and provides advanced IT services.
The primary task of HUN-REN SZTAKI is to perform basic and application-oriented research in an interdisciplinary setting in the fields of computer science, engineering, IT, intelligent systems, process control, multimedia, and wide area networking. The institute also provides the technical base for HunCERT, a specialized team that aims to assist Hungarian ISPs in the proactive management of network incidents, while raising public awareness about cyber security.
ABI Lab is a consortium of banks and companies whose mission is to analyse and promote
innovation in the Italian banking sector. Through its Centres of Excellence, ABI Lab conducts
primary research in key areas including, Digital Transformation, Fintech, Blockchain/DLT,
Cybersecurity, AI, IT and Operations and Sustainable Transition.
deSEC is an NGO committed to increasing Internet security and privacy for users. Its current main project is the spread of DNSSEC, which is pursued by providing a DNS hosting service that is both security enabled and privacy aware. The service furthermore offers and advertises new DNS technology, novel DNS use cases and DNS best practices.
Time.lex is a boutique law firm based in Brussels, specialized in information and technology law in the broadest sense, including privacy protection, data and information management, e-business, intellectual property and telecommunications. Its activities cover all legal issues encountered in the creation, management and exploitation of information and technology, in all of its diverse forms.