DNSFilter CEO Responds to Quad9 Injunction: “DNS resolvers should not police the internet for copyright violations”

In June of this year, Sony Music filed an injunction against DNS resolver Quad9 to block a particular website that contains links to a number of file-sharing sites. When I originally read about this injunction, my initial thought was that Sony was seeking to block access to peer-to-peer sites through Quad9. I supported Quad9’s objection as that type of content filtering should be available to the end customer at the customer’s discretion to use. However, I was floored to learn that the site in question does not actually host any content infringing on copyright. It was a listing of links to peer-to-peer domains. The copyright infringement mentioned in the injunction is a single Evanescence album that was released in March.

As the CEO of a company that provides resolver services in the DNS security space, I support Quad9’s objection to the injunction filed against them by Sony Music. With this case, the courts are creating an environment where litigation of third party security providers can become the norm. Every DNS resolver service should be outraged.

To put Sony’s injunction into perspective, DNSFilter sees over 150,000 queries to P2P or “pirating capable” sites on our network each day. That category is visible as part of our service, and roughly 85% of these queries are blocked by our customers based on either a personal choice or their company policy requirements. But according to this injunction, Quad9 is first being asked to block directly, removing the option from its customers. Second, the site in question and related domains might not even be categorized as P2P per our category service as it is not explicitly a pirating site. This raises the question that in the future if this is enforced, are DNS resolvers now responsible for creating an entirely new category of domains that link or are related to P2P sites? And are DNS resolvers required to block these categories regardless of legitimate use?

According to the injunction, Quad9 could incur a fine of up to $298,356.00 (€250,000) for not blocking the site. In the event they cannot pay the fine, they could be subject to a prison sentence of at least 6 months but not exceeding 2 years. There is no detail in the injunction how many times Quad9 might be responsible for paying this amount. So it is unclear if this would be a one-time fine for failing to comply, or an offense where Quad9 could incur multiple penalties.

As Quad9 is a privacy-centric non-profit, this injunction seems to be a targeted attack on a company with fewer resources, as opposed to a genuine attempt to stop piracy. There are larger players that Sony Music could choose to go after in the DNS space—companies that profit off of their solution, which Quad9 does not. But Quad9 is likely an easy target for them because they’re a non-profit, and also because they are now headquartered in Europe, and therefore eligible to be sued under EU law.

It’s possible that Sony Music is targeting an industry that is growing rapidly, attempting to create new policies now instead of at the point when DNS protection is as ubiquitous as anti-virus—a future that’s virtually here.

But another question I have is: Why go after ISPs and DNS resolvers in the first place? DNS resolvers are a distant third party when it comes to the accessibility of illegal content online. Sony Music should take this issue to those committing the infringement and those hosting the pirated content. DNS resolvers are not responsible for what content is on the internet, they simply resolve the queries. And in many cases, with DNS resolvers like DNSFilter, our content filtering applications actually reduce traffic to peer-to-peer sharing and other illegal sites.

We agree with Quad9 that this injunction could set a dangerous precedent where companies uninvolved with piracy will find themselves responsible for policing online content, adding significant costs and risks to platforms meant for cybersecurity intended to be used for protecting users from malicious content such as ransomware. The costs of these fines could be astronomical depending on how they are enforced. Pirating has been going on for decades, and there will always be a black market for this type of material.

Both Quad9 and DNSFilter’s main objective is to stop users from accessing malicious content online, such as malware, phishing, and botnet sites. As Quad9 addressed in a statement, complying with this injunction will detract from their true mission as it will add unnecessary overhead to the operational costs of their platform, and diminish the quality of the user experience.

While we are against piracy and intellectual property theft, it is not the job of a DNS resolver to police the internet for copyright violations. It is our responsibility to give our users the capability to protect themselves in a digital space. The true parties responsible for this content should be the ones incurring the costs. In the meantime, all of our customers have the option to block these sites if they choose to.

We look forward to supporting Quad9 fully and joining forces with other cybersecurity companies to fight what we believe is only the beginning of a larger attempt to enforce control over internet piracy using DNS resolution as the mechanism.

 

Search
  • There are no suggestions because the search field is empty.
Latest posts
2025 Cybersecurity Predictions: It’s Not Just AI, Here’s How Cybersecurity Will be Transformed in 2025 2025 Cybersecurity Predictions: It’s Not Just AI, Here’s How Cybersecurity Will be Transformed in 2025

Earlier this month I joined Mikey Pruitt, our Global Partner Evangelist, on the DNSFilter podcast dnsUNFILTERED to discuss my 2025 cybersecurity predictions. We had a lot of fun and covered all of the points I’ll outline here, but I wanted to go deeper. My 30 years of cybersecurity experience have given me a strong sense of where we’re heading as an industry—the shift to the cloud in many ways is a precursor in the adoption of AI and the future...

From Reactive to Proactive: How to Create a DNS Security Strategy that Stops Attacks From Reactive to Proactive: How to Create a DNS Security Strategy that Stops Attacks

Most businesses only think about DNS security after an attack has already occurred. By then, the damage is done - downtime, lost revenue, compromised data, and a tarnished reputation. In an environment where cyber threats are constantly evolving, a reactive approach to DNS security simply isn’t enough.

How MSPs Can Enhance Customer Experience with Technology How MSPs Can Enhance Customer Experience with Technology

Customer experience is the secret sauce that sets successful Managed Service Providers (MSPs) apart from the rest. In a market teeming with competition, you need to offer more than the best technology or the lowest prices. It's about how clients feel when they interact with your services. A stellar customer experience can transform a one-time client into a loyal advocate, while a poor one can send them running to your competitors. According to a ...

Explore More Content

Ready to brush up on something new? We've got even more for you to discover.