Lawmakers Question Google Over Encryption Plans

Google's plan to encrypt more traffic on the Chrome browser is drawing attention from a House panel investigating the company over antitrust issues.

The House Judiciary Committee recently sent a 17-page letter to Google that included questions about the encryption plan known as DNS over HTTPS protocol (DoH). That protocol would make it harder for outside parties to intercept users as they navigate to websites.

The lawmakers requested all communications related to Google's decision about DoH, “including discussions about whether to implement DoH as the default setting for Chrome or for Android and whether data collected or processed through DoH will be used for any commercial purposes.”

advertisement

advertisement

DNS, often described as a phone book for the web, translates the addresses people type into a URL bar into IP addresses. Google said earlier this month that Chrome 78 will use the encrypted DNS over HTTPS protocol, but only for the small proportion of users who have configured their computers to use one of six DNS providers -- including Cloudflare, OpenDNS and Google's own DNS service (Google Public DNS). 

“Our proposal for DoH enables secure connections and does not change a user’s DNS, so all existing filters and controls remain intact,” a company spokesperson stated Monday.

Google has said the new protocol will boost privacy and security. “When connected on a public WiFi, DoH would prevent other WiFi users from seeing which websites you visit, as well as prevent potential spoofing or pharming attacks,” Kenji Baheux, Chrome product manager, wrote in a Sept. 10 blog post.

Organizations representing cable companies and telecoms recently expressed concerns to Congress about Google's plan, arguing it would give Google more control over consumers' data.

“While we recognize the potential positive effects of encryption, we are concerned about the potential for default, centralized resolution of DNS queries, and the collection of the majority of worldwide DNS data by a single, global internet company,” the CTIA, NCTA - The Internet & Television Association, and US Telecom -- The Broadband Association, said in a September 19 letter to lawmakers.

A spokesperson for the House Energy and Commerce Committee said the panel has “heard from stakeholders on all sides,” according to The Wall Street Journal, which reported Sunday night on the controversy.

The lobbying groups also argue that Google's plan will lead to a more centralized web.

“DNS acts as a telephone directory for the Internet and has historically been broadly dispersed, on a de-centralized 'local basis,'” the lobbying groups wrote. “Google is unilaterally moving forward with centralizing encrypted domain name requests within Chrome and Android, rather than having DNS queries dispersed amongst hundreds of providers.”

Google counters that there is no basis for that concern. “Google has no plans to centralize or change people’s DNS providers to Google by default,” a spokesperson says. Any claim that we are trying to become the centralized encrypted DNS provider is inaccurate.”

Next story loading loading..