ISPs lied to Congress to spread confusion about encrypted DNS, Mozilla says

Mozilla is urging Congress to reject the broadband industry's lobbying campaign against encrypted DNS in Firefox and Chrome.

The Internet providers' fight against this privacy feature raises questions about how they use broadband customers' Web-browsing data, Mozilla wrote in a letter sent today to the chairs and ranking members of three House of Representatives committees. Mozilla also said that Internet providers have been giving inaccurate information to lawmakers and urged Congress to "publicly probe current ISP data collection and use policies."

DNS over HTTPS helps keep eavesdroppers from seeing what DNS lookups your browser is making. This can make it more difficult for ISPs or other third parties to monitor what websites you visit.

"Unsurprisingly, our work on DoH [DNS over HTTPS] has prompted a campaign to forestall these privacy and security protections, as demonstrated by the recent letter to Congress from major telecommunications associations. That letter contained a number of factual inaccuracies," Mozilla Senior Director of Trust and Security Marshall Erwin wrote.

That ISP abuse includes mobile providers selling real-time location data "to third parties without user knowledge or meaningful consent;" ISPs such as Comcast "manipulat[ing] DNS to serve advertisements to consumers;" Verizon's use of "supercookies" to track Internet activity; and AT&T charging customers an extra $29 per month to avoid "the collection and monetization of their browsing history for targeted ads," Mozilla told Congress.

Web users are tracked by Google, Facebook, and other advertising companies, of course. ISPs, though, have "privileged access" to users' browsing histories because they act as the gateway to the Internet, Erwin said to Ars.

There is already "remarkably sophisticated micro-targeting across the Web," and "we don't want to see that business model duplicated in the middle of the network," he said. "We think it's just a mistake to use DNS for those purposes."

Be the first to comment

Please check your e-mail for a link to activate your account.