Jump to content

European DNS Resolver Policy

Norm
Norm title European DNS Resolver Policy
Type of norm Policy
Geographic scope Regional
Status Active
Official text https://europeanresolverpolicy.com/
Related Norms GDPR

The European Resolver Policy is an industry-led initiative that sets out best practices for the protection of personal data by DNS resolver operators in Europe in response to the GDPR.[1] It was developed in recognition of most users' lack of understanding of DNS and concerns over being tracked and data monetized.[2] Key figures: Andrew Campling, of 419 Consulting, Andrey Meshkov, of AdGuard, Richard Malovic, of Whalebone, Vittorio Bertola, of Open Xchange, Ken Carnesi, of DNSFilter, and John Todd, of Quad9.[3]

Policy Area Component 1 Component 2 Component 3 Component 4 Component 5 Component 6
privacy DNS Operators MUST make, document and publish their operational practices to protect the privacy and security of their users' data. DNS Operators SHOULD NOT retain or transfer to any third party any personal data arising from the use of these services except where anonymized or aggregated data is necessary for cybersecurity, DNS analytics, reporting, and research purposes. DNS Operators SHOULD NOT directly or indirectly monetize any personal data arising from the use of these services and SHOULD NOT enable other parties to monetize the data either. DNS Operators SHOULD NOT use or require HTTP cookies or other tracking techniques when communicating The practices documented in section 5 of the IETFs RFC 8932 (Recommendations for DNS Privacy Service Operators) SHOULD be adopted
security/filtering Blocking: must detail categories of material Filtering: should be possible to both opt-in and opt-out Cyber intelligence: aggregated material should be shared with DNS clients that use HTTP-based DNS transports for resolution.
transparency Transparency and privacy notice – readily accessible, written using plain language kept up to date Confirmation of the national jurisdiction that it operates under Clarity on compliance with EU and national legislation Details of any personal data that is stored or processed Details of data requests from law enforcement agencies – origin and action taken Complaints procedure for filtering

References[edit | edit source]

Hypertext Transfer Protocol. Application-level protocol for distributed, collaborative, hypermedia information systems (RFC 2616).

Request For Comments. Archival series dedicated to documenting Internet technical specifications, including general contributions from the Internet research and engineering community as well as standards documents (RFC Editor Model, Version 3).

Europe, according to the ICANN Geographic Regions (ICANN Geographic Regions).

Retrieved from "https://icannwiki.org/index.php?title=European_DNS_Resolver_Policy&oldid=1394717"
Semantic properties for "European DNS Resolver Policy"
RDF feed
Has entity typeSpecifies the primary classification or fundamental type of the page's subject (e.g., Event, Organization, Person).
Norm +
Has geographic scopeDefines the geographical reach or jurisdiction of a governance process (Global, Regional, or National).
Regional +
Has norm type
Policy +
Has status
Active +
Is related to norm
GDPR +
Links to official text
Https://europeanresolverpolicy.com/ +