Associations representing the major broadband providers, wired and wireless, have contacted Hill leaders to try and get them to stop Google from adopting a new encryption regime for domain name lookups in its Chrome browser and Android operating system, a move they said could give the company too much power.
The move is being pitched as boosting privacy by making Web surveillance more difficult.
Some children's privacy groups have also registered their concerns about the new DNS over HTTPS (DoH) system, which they say could make it harder to ferret out and stop online child predators.
In a letter to the chairs and ranking members of the House and Senate Judiciary, Commerce (Energy & Commerce in the House), and Homeland Security committees, NCTA-The Internet & Television Association, CTIA and USTelecom, joined to warn of the possible repercussions of the new system "If not coordinated with others in the internet ecosystem."
"Google is unilaterally moving forward with centralizing encrypted domain name requests within Chrome and Android, rather than having DNS queries dispersed among hundreds of providers," they told the legislators.
They said that while they are aware of the upsides of encryption, the big downside would be Google's greater control over data use and the potential that it could "could inhibit competitors and possibly foreclose competition in advertising and other industries."
Congress is currently investigating how big edge providers, including Google, use their market power and technical expertise and whether antitrust laws are keeping pace with them.
They wrote about what they thought the consequences would be of Google's centralizing domain name encryption requests? ("the majority of worldwide internet traffic [both wired and wireless] runs through the Chrome browser or the Android operating system,":
"Over the last several decades, DNS has been used to build other critical internet features and functionality including: (a) the provision of parental controls and IoT management for end users; (b) connecting end users to the nearest content delivery networks, thus ensuring the delivery of content in the fastest, cheapest, and most reliable manner; and (c) assisting rights holders’ and law enforcement’s efforts in enforcing judicial orders in combating online piracy, as well as law enforcement’s efforts in enforcing judicial orders in combating the exploitation of minors," they wrote. "Google’s centralization of DNS would bypass these critical features, undermining important consumer services and protections, and likely resulting in confusion because consumers will not understand why these features are no longer working."
They also say having Google the centralized DNS gatekeeper would undermine cybersecurity.
The associations want the the committee to call on Google not to make its centralized encrypted DBS the default on its Chrome and Android platforms to adopt a more decentralized approach.
In a separate letter to some of the same legislators, the National Center on Sexual Exploitation and more than a dozen other groups warned that moving away from the dispersed model of DNS functionality will make it harder for watchdog groups to identify what websites are hosting child sex abuse images, for example.
"To be clear," they wrote, "our aim is not to demonize technology, and we clearly recognize that Internet users’ data should be secure. Furthermore, we are not calling for DoH to be banned, and we acknowledge that Internet encryption can serve useful security and privacy purposes."
"While Google and others are rightly striving to protect privacy, they have failed to prioritize child safety by not adequately accounting for the potential unintended consequences of encryption."
“We're currently experimenting with new ways to enhance online privacy and security while maintaining existing content filtering and parental controls," Google said in a statement. "Our proposal for DoH enables secure connections and does not change a user’s DNS, so all existing filters and controls remain intact. Furthermore, there is no change to how DNS providers work with law enforcement in accordance with court orders.”
Google is billing the move as an experiment, and only with DNS providers that already support DoH.
According to Google, Chrome is experimenting with DoH and the feature won't be enabled for the vast majority of users, who can also opt out.
As to the centralizing charge. Google says it has no plans to "centralize" by default, so that charge is not accurate.