en

IPv4

  • 9.9.9.9
  • 149.112.112.112

    • IPv6

  • 2620:fe::fe
  • 2620:fe::9
    • More options
    Back to Blog
    blog

    A Letter from the GM: Urgent Call for EU Legislative Protection of Core Internet Security Infrastructure

    27 November 2025

    Dear European Unions Legislative Authorities, the European Parliament, and the Council of the European Union,

    As General Manager of Quad9, I am writing to express serious concern regarding emerging proposals that would require DNS resolvers to intervene in content enforcement actions. Such measures risk compromising a critical security layer that protects European citizens and businesses from online crime.

    Quad9 is a nonprofit public-benefit foundation providing recursive DNS resolution with embedded security protections to more than a hundred million users globally. It operates exclusively at the recursive DNS layer and does not host, modify, or distribute content. Our role is to prevent communication with known malicious hosts based on threat intelligence sourced from multiple independent providers. This protective function is recognised under the principle of technical neutrality in EU telecommunications regulation and is consistent with the objectives of NIS2, which places strong emphasis on resilience and security of essential digital infrastructure.

    The scale of the online threat is well-documented. In the 12 months to mid 2025, German consumers alone were estimated to have lost €10.6 billion to online scams including phishing, account compromise, and malware-enabled fraud. In that same time period, Quad9 blocked billions of attempted connections to malicious infrastructure across the EU. These blocks represent prevented harm. Weakening or encumbering the operation of recursive DNS resolvers would foreseeably increase exposure to exactly the types of attacks responsible for these losses.

    There is a material difference between:

    • Content distribution services, which can be used to transmit infringing content, and
    • Security infrastructure services, which prevent the spread and impact of online crime.

    Applying content-enforcement measures at the DNS resolver layer conflates these roles and risks undermining the security posture of citizens, businesses, public administrations, and critical services.

    We therefore ask that forthcoming legislative and regulatory measures:

    • Preserve the principle of technical neutrality by ensuring DNS resolvers operating as security services are not compelled to alter DNS replies.
    • Avoid DNS-layer blocking obligations directed at recursive resolvers, as such measures interfere with the underlying infrastructure of the internet, increasing systemic vulnerability.
    • Ensure proportionality under the Digital Services Act, recognising that nonprofit public-benefit infrastructure providers do not have the scale or role of hosting, platforming, or content-distribution intermediaries.
    • Promote a consistent EU-wide environment for safety-enhancing network services, in line with the objectives of NIS2, to strengthen the resilience of digital infrastructure across Member States.

    Quad9 stands ready to provide data, operational evidence, and technical expertise to support the Commission’s work in ensuring that measures to combat online piracy do not inadvertently weaken the security and stability of the European digital ecosystem.

    Yours sincerely,

    Simon Forster
    General Manager
    Quad9 Foundation