Mozilla Won't Turn on DoH as Default in the UK Like It's Planning to Do in the US

By Shabana Arif on at

Despite looking to make DNS-over-HTTPS (DoH) the default for its American users, Mozilla has assured culture secretary Nicky Morgan that this won't be the case in the UK.

DoH has been fairly controversial, with the Internet Services Providers Association (ISPAUK) nominating Mozilla for an 'Internet Villain' over the whole thing, saying it will "bypass UK filtering obligations and parental controls, undermining internet safety standards in the UK."

In his letter to Morgan, Mozilla vice president of global policy, trust and security, Alan Davidson, stressed that the company “has no plans to turn on our DoH feature by default in the United Kingdom and will not do so without further engagement with public and private stakeholders”.

He did add that Mozilla does "strongly believe that DoH would offer real security benefits to UK citizens. The DNS is one of the oldest parts of the internet’s architecture, and remains largely untouched by efforts to make the web more secure.

"Because current DNS requests are unencrypted, the road that connects your citizens to their online destination is still open and used by bad actors looking to violate user privacy, attack communications, and spy on browsing activity. People’s most personal information, such as their health-related data, can be tracked, collected, leaked and used against people’s best interest. Your citizens deserve to be protected from that threat.”

Whilst safety is an issue, it has to be balanced with privacy, and walking the line between freedom and forms of censorship is never easy. The sexual abuse and exploitation of children is often cited in this debate, with a government spokesperson stating that it's "an abhorrent crime that this Government is committed to tackling," and one of the measures is blocking certain websites that DoH would allow users to circumvent.

“While we look to support security and privacy online, it is vital that all sectors of the digital industry consider child safety when developing their systems and services. We are working with industry on solutions to any potential problems as part of our ongoing work to make the UK the safest place in the world to be online," they said. [The Guardian]