Firefox Announces New Partner in Delivering Private and Secure DNS Services to Users
NextDNS Joins Firefox’s Trusted Recursive Resolver Program Committing to Data Retention and Transparency Requirements that Respect User Privacy
Firefox announced a new partnership with NextDNS to provide Firefox users with private and secure encrypted Domain Name System (DNS) services through its Trusted Recursive Resolver Program. The company has committed to putting user privacy first in efforts to modernize DNS.
For more than 30 years, DNS has served as a key mechanism for accessing sites and services on the web. DNS is the Internet’s directory. It translates names we know like www.firefox.com to numeric Internet addresses that a computer understands. Almost every activity on the Internet begins with a DNS request.
The Domain Name System (DNS) is one of the oldest parts of internet architecture, and remains largely untouched by efforts to make the web safer and more private. Malicious actors can spy on or tamper with users’ browsing activity and DNS providers, including internet service providers (ISPs), can collect and monetize a user’s browsing activity.
Over the last two years, Firefox, in partnership with other industry stakeholders, has been working to develop, standardize, and deploy DNS over HTTPs (DoH). DoH aims to protect that same browsing activity from interception, manipulation, and collection in the middle of the network.
But encrypting DNS data with DoH is only the first step. Requiring the companies handling this data have rules in place – like the ones outlined in the TRR program – ensures that the access to that data is not being abused, is a necessary second.
“For most users, it’s very hard to know where their DNS requests go and what the resolver is doing with them.” said Eric Rescorla, Firefox CTO. “Firefox’s Trusted Recursive Resolver program allows Mozilla to negotiate with providers on your behalf and require that they have strong privacy policies before handling your DNS data. We’re excited to have NextDNS partner with us in our work to put people back in control of their data and privacy online.”
Our trusted recursive resolver program aims to standardize requirements for three areas: limiting data collection and retention from the resolver, ensuring transparency for any data retention that does occur, and limiting any potential use of the resolver to block access or modify content. By marrying the right technology – DoH – and strict operational requirements for those implementing it, we are improving user privacy by default by finding good partners, establishing legal agreements that put privacy first, and shipping a product we believe is best by default.
“We applaud Mozilla’s leading stance on privacy and we are proud to partner with them to offer the choice of a modern, fast and no-logs trusted DNS resolver to the Firefox community,” said Romain Cointepas, Co-founder, NextDNS.
NextDNS launched in March 2019 providing a fully customizable, modern and secure DNS resolver. Since then the company has worked to continue to improve the service and has released DNS-over-HTTPS apps for all major platforms (iOS, Android, macOS, Windows, Linux) and routers.
NextDNS is the latest resolver to join the TRR program. Cloudflare joined the program in 2018.
“Cloudflare joined the program back in 2018 with its launch of 1.1.1.1, the public DNS resolver built around the principle of privacy-first. We believe that giving consumers the ability to choose the fastest, most privacy-respecting DNS is a win-win. It’s good for them and it’s good for the Internet,” said Matthew Prince, co-founder & CEO, Cloudflare. “We hope more ISPs and DNS providers will follow this lead so we can finally encrypt one of the Internet’s most important protocols.”
While the TRR program, and its privacy first policies, is specific to Firefox’s implementation of DoH, we believe that all internet users are entitled to these protections. As the work to implement DoH continues, we look forward to bringing more partners into the TRR program who are committed to bringing the DNS system into the 21st century with the privacy and security protections users deserve and hope the rest of the industry follows suit.