On Tuesday, the Internet Services Providers’ Association (ISPA) which is also UK’s Trade Association for providers of internet services announced that the nomination of Mozilla Firefox has been withdrawn from the “Internet Villain Category”. This decision came after they saw a global backlash to their nomination of Mozilla for their DNS-over-HTTPS (DoH) push. ISPA withdrew the Internet Villain category as a whole from the ISPA Awards 2019 ceremony which will be held today in London.
— Internet Services Providers Association (ISPAUK) (@ISPAUK) July 9, 2019
The official blog post reads, “Last week ISPA included Mozilla in our list of Internet Villain nominees for our upcoming annual awards.
In the 21 years the event has been running it is probably fair to say that no other nomination has generated such strong opinion. We have previously given the award to the Home Secretary for pushing surveillance legislation, leaders of regimes limiting freedom of speech and ambulance-chasing copyright lawyers. The villain category is intended to draw attention to an important issue in a light-hearted manner, but this year has clearly sent the wrong message, one that doesn’t reflect ISPA’s genuine desire to engage in a constructive dialogue. ISPA is therefore withdrawing the Mozilla nomination and Internet Villain category this year.”
Mozilla Firefox, which is the preferred browser for a lot of users encourages privacy protection and feature options to keep one’s Internet activity as private as possible.
One of the recently proposed features – DoH (DNS-over-HTTPS) which is still in the testing phase didn’t receive a good response from the ISPA trade association.
Hence, the ISPA decided to nominate Mozilla as one of the “Internet Villains” among the nominees for 2019. In their announcement, the ISPA mentioned that Mozilla is one of the Internet Villains for supporting DoH (DNS-over-HTTPS).
@mozilla is nominated for the #ISPAs #InternetVillain for their proposed approach to introduce DNS-over-HTTPS in such a way as to bypass UK filtering obligations and parental controls, undermining #internet safety standards in the UK. https://t.co/d9NaiaJYnk pic.twitter.com/WeZhLq2uvi
— Internet Services Providers Association (ISPAUK) (@ISPAUK) July 4, 2019
Mozilla on this announcement responded by saying that this is one way to know that they are fighting the good fight.
Well here's one way to know we're fighting the good fight. https://t.co/E0T3g1wrhl
— Firefox 🔥 (@firefox) July 5, 2019
On the other hand this announcement amongst the community garnered a lot of criticism. They rebuked ISPA for promoting online censorship and enabling rampant surveillance. Additionally there were comments of ISPA being the Internet Villian in this scenario. Some the tweet responses are given below:
@ISPAUK your thinly veiled attempt to promote online censorship and enable rampant surveillance is disgraceful. You're the true #InternetVillain. #deleteyourself. For those still sane, support @mozilla and trial #DoH https://t.co/MggUlDcJkJ
— Larry Brangwyn (@larik47) July 4, 2019
The UK should be nominated to Internet villain, not Mozilla.
— The End of Gondola (@gon_dla) July 5, 2019
I award Internet Villain status to @ISPAUK, for prioritising censorship and surveillance over personal freedom and Internet safety. Utter madness.
— Tethys (@ultratethys) July 4, 2019
Along with Mozilla, Article 13 Copyright Directive and United States President Donald Trump also appeared in the nominations list. Here’s how ISPA explained in their announcement:
“Mozilla – for their proposed approach to introduce DNS-over-HTTPS in such a way as to bypass UK filtering obligations and parental controls, undermining internet safety standards in the UK.
Article 13 Copyright Directive – for threatening freedom of expression online by requiring ‘content recognition technologies’ across platforms
President Donald Trump – for causing a huge amount of uncertainty across the complex, global telecommunications supply chain in the course of trying to protect national security”
Why are the ISPs pushing back against DNS-over-HTTPS?
DoH basically means that your DNS requests will be encrypted over an HTTPS connection. Traditionally, the DNS requests are unencrypted and your DNS provider or the ISP can monitor/control your browsing activity. Without DoH, you can easily enforce blocking/content filtering through your DNS provider or the ISP can do that when they want.
However, DoH takes that out of the equation and hence, you get a private browsing experience. Admittedly big broadband ISPs and politicians are concerned that large scale third-party deployments of DoH, which encrypts DNS requests using the common HTTPS protocol for websites (i.e. turning IP addresses into human readable domain names), could disrupt their ability to censor, track and control related internet services.
The above position is however a particularly narrow way of looking at the technology, because at its core DoH is about protecting user privacy and making internet connections more secure. As a result DoH is often praised and widely supported by the wider internet community.
Mozilla is not alone in pushing DoH but they found themselves being singled out by the ISPA because of their proposal to enable the feature by default within Firefox which is yet to happen. Google is also planning to introduce its own DoH solution in its Chrome browser. The result could be that ISPs lose a lot of their control over DNS and break their internet censorship plans.
Is DoH useful for internet users? If so, how?
On one side of the coin, DoH lets users bypass any content filters enforced by the DNS or the ISPs. So, it is a good thing that it will put a stop to Internet censorship and DoH will help in this.
But, on the other side, if you are a parent, you can no longer set content filters if your kid utilizes DoH on Mozilla Firefox. And potentially DoH could be a solution for some to bypass parental controls, which could be a bad thing. And this particular reason is given by the ISPA for nominating Mozilla for the Internet Villian category. It says that DNS-over-HTTPS will bypass UK filtering obligations and parental controls, undermining internet safety standards in the UK.
Also, using DoH means that you can no longer use the local host file, in case you are using it for ad blocking or for any other reason.
The Internet community criticized the way ISPA handled the back lash and withdrew the category as a whole. One of the user comments on Hacker News read, “You have to love how all their “thoughtful criticisms” of DNS over HTTPS have nothing to do with the things they cited in their nomination of Mozilla as villain. Their issue was explicitly “bypassing UK filtering obligations” not that load of flaming horseshit they just pulled out of their ass in response to the backlash.”
Translation: @ISPAUK has made a terrible judgment call, has entirely misunderstood the issue at hand and as a body supposedly representing ISPs has zero understanding of the industry they represent. Ergo, don’t bother being a member. Worthless organisation.
— Vince (@VModifiedMind) July 9, 2019