Person using laptop in the dark with shadow behind them representing the shadowy and looming threat of Google and Mozilla/Cloudflare's move toward centralized DoH
October 11, 2019

Google’s Centralized DoH Plan Could Grow Online Child Sexual Abuse and Break Safety Filters

From high speed Internet, 4G/5G, smartphones, streaming media, social media apps, to TOR and centralized DoH the amazing technological advances revolutionizing our daily lives have also been adapted—with incredibly devastating “success”—to further criminal and sexually exploitative ends.

It’s been more than 20 years since I first became involved in the movement to end sexual exploitation. I started out as a very small actor in the effort to pass what we today call the Trafficking Victims Protection Act (TVPA). In those days, our primary way of sending advocacy letters to members of Congress was by fax and we accessed the Internet via noisy and slow dial-up connections. None of us advocating to end sex trafficking then could have envisioned the wide-ranging impact that technological advances would have in expanding and normalizing sexual exploitation in the U.S. and around the world.

The New York Times’ report titled “The Internet is Overrun with Images of Child Sexual Abuse” gives us one such gut-wrenching glimpse into this reality and is a must read.

As a Gen Xer and someone not interested in technology or highly adaptive to change, I was only too happy to let the rapidly shifting technological landscape pass me by. Life in the slow lane with my hard bound books and flip phone was just fine with me. If great civilizations throughout the millennia could flourish without the aid of smartphones, e-readers, and texting then so could I!

Perhaps this may have been true if I had a different career but, as I have much too slowly come to realize, as an advocate for the abolition of sexual abuse and exploitation understanding the intricacies of tech is not an option—it’s essential. The scale of the threats posed by the reckless, and sometimes nefarious, powerbrokers in the world of Big Tech make it imperative that advocates—be they frontline social workers, program directors, coalition leaders, parents, or policymakers—dig into technology issues.  

At NCOSE we’ve recently been wrestling with one such issue: DNS to HTTPS encryption (DoH). It’s a big doughy mess of a topic for techies and non-techies alike that just so happens to be of crucial importance to not only how the Internet works, but also to maintaining the ecosystem of filter and anti-malware systems that help keep us all safe online and, very importantly, which also help us prevent sexual exploitation online.

Blurred image of a young child in a bed surrounded by stuffed animals as a somber commentary on the prevalence of child sexual abuse images
Child Sexual Abuse Images Are Flooding the Internet and (Almost) No One is Fighting Back

The Domain Name System (DNS) is the system by which we retrieve information on the Internet through domain names like dictionary.com. Commonly referred to as the “phone book” of the Internet, the DNS converts website names, which are easily readable by people, to Internet Protocol (IP) addresses, which are unique numerical labels that get linked to your online activity. DNS servers are the computers which together form the system by which domain names are translated into IP addresses. 

The current DNS system is open and decentralized; Internet Service Providers (ISPs) route, or direct, Internet traffic based on the visibility of user domain name requests for specific sites. This “architecture” facilitates both policing and filtering. Internet safety tools and filters used by parents, libraries, and schools often rely on the ability of ISPs to “see” DNS addresses in order to keep children safe online.

Internet security experts are working to increase Internet privacy and security—very necessary and worthy goals—by securing domain name searches, which at present can be monitored, intercepted, and misdirected. One option developed by the Internet Engineering Task Force (IEFT) is a new protocol, DNS over HTTPS (DoH), which encrypts user domain name queries over a secure HTTPS connection to a DNS server, rather than by a standard unencrypted DNS connection.

So far, so good… except that key browser and mobile operating system providers are set to deploy DoH on a centralized basis (“centralized DoH”). This will dramatically change the Internet by rerouting web traffic in ways that will likely make many child protection tools and filters obsolete.

Just who are those “key browser and mobile operating system providers”? None other than Google and Mozilla. Mozilla Firefox, in partnership with Cloudflare, began its rollout of DoH in late September. Google intends to roll out its DoH protocol as the default setting on its Chrome browser starting October 22, and is also poised to implement this system on Android devices.

Yes, that’s the same Google that already controls 70% of the browser market and which, as reports have revealed, has an apparent track record of supporting entities like Backpage.com that are now under federal prosecution for sex trafficking. 

All search activity using Google browsers will be encrypted and hidden from everyone—including law enforcement—except Google. Google will in effect, encrypt all information funneled through its products and direct it to land on its own server where Google will house all of our data. Thus, DNS will be centralized by one major entity: Google.

.@google's centralized DoH plan will dramatically change the Internet by rerouting web traffic in ways that will likely make many child protection tools and filters obsolete. Click To Tweet

Because Google and Mozilla’s iteration of DoH will make it harder to identify illegal content normally blocked by the ISPs, it could disrupt the way many tools function to protect children in homes, libraries, and schools. Since all domain name queries will be encrypted, traditional tools developed for child safety may be broken and countless images of child sexual abuse victims could potentially become widely accessible. 

For a crash course on DoH and the security risks involved, we encourage you to check out these articles and reports:

In light of the staggering implications of centralized DoH for online sexual exploitation, NCOSE and nineteen other groups sent a letter to members of the House and Senate Judiciary and Commerce Committees urging them to look into the unforeseen consequences of DoH and to press Google and Mozilla to prioritize child safety online. 

You can take action too! Please study this issue. Contact your congressional offices and ask them to slow down Google and Mozilla’s unilateral decision to centralize DoH. Also, sign our petition to Google! It’s time to tell the titans of tech that the safety and well-being of children online is not a tech experiment. All stakeholders need to be involved in DoH implementation and child safety online must no longer be an afterthought to the tech industry.

References:

1 – Zak Doffman, “Google Chrome Update – ‘A Threat to Children, Cybersecurity and Government Snooping,’” Forbes (April 22, 2019), forbes.com/sites/zakdoffman/2019/04/22/crisis-as-changes-to-google-chrome-threaten-child-safety-and-cybersecurity/#6649e1f45704.\

2 – Shane Tews, “Should Big Tech be the Sole Operator of the Internet’s Domain Name Infrastructure” (June 25, 2019), aei.org/publication/should-big-tech-be-the-sole-operator-of-the-internets-domain-name-infrastructure.

3 – Danny Bradbury, “Google Experiments with DNS-over_HTTPS in Chrome,” Naked Security (September 12, 2019), nakedsecurity.sophos.com/2019/09/12/google-experiments-with-dns-over-http-in-chrome.

4 – Fred Langford, “DNS over HTTPS: Why We’re Saying DoH could be Catastrophic,” Internet Watch Foundation (July 17, 2019), iwf.org.uk/news/dns-over-https-why-we’re-saying-doh-could-be-catastrophic.

5 – Tews, ibid.

Contribute to Defend Human Dignity


Your gift today will help change policies and public opinion regarding sexual exploitation issues like pornography, sex trafficking, child abuse, and more.

Donate

Lisa L. Thompson

headshot of Lisa Thompson

Vice President of Policy and Research

As Vice President of Policy and Research for the National Center on Sexual Exploitation, Lisa conducts policy analysis and advocacy, advances understanding of pornography’s public health harms, and liaises with public officials, advocates, and academics to advance strategies combating the web of sexual exploitation, including pornography, stripping, prostitution, sexual trafficking, sexual assault, and more.

Lisa joined NCOSE following two years with World Hope International where as Director of Anti-Trafficking, Lisa oversaw sex trafficking recovery programs in Cambodia, Liberia, and Sierra Leone. Lisa is a contributing author to Hands that Heal: International Curriculum for Caregivers of Trafficking Survivors, as well as the book Global Perspectives on Prostitution and Sex Trafficking:  Europe Latin America, North America, and Global. Lisa also routinely speaks and trains on sexual exploitation topics for a diverse range of audiences. Lisa served for more than 12 years as the Liaison for the Abolition of Sexual Trafficking for The Salvation Army USA National Headquarters.

Lisa earned a Bachelor of Arts in Government from Western Kentucky University, and Master’s degree in Leadership, Public Policy and Social Issues from Union Institute and University.

Further Reading

Related