What is DNS4EU?
DNS4EU is an initiative by the European Commission that aims to offer an alternative to the public DNS resolvers currently dominating the market.
Supported by the European Union Agency for Cybersecurity (ENISA), the European Union's DNS4EU secure-infrastructure project provides a protective, privacy-compliant, and resilient DNS service to strengthen the EU’s digital sovereignty and enhance digital security for European Union citizens, governments, and institutions.
The program provides robust DNS security for public institutions and their employees, ministries, local governments or municipalities, healthcare, education, and other critical services such as telecommunications providers. By working with the latter, for example, it ensures DNS resolution service for all of a telco’s customers, with minimum manual overhead for their teams.
Additionally, the DNS4EU solutions aid organizations in complying with regulatory requirements (such as GDPR) to keep data within European borders.
As these organizations often face challenges to independently developing and maintaining high-level cybersecurity measures (such as election cycles or funding), the DNS4EU project solves these challenges by providing a Europe-based, centralized, scalable solution to ensure the highest standards of security and privacy, compliant with EU regulations.
What is the goal and purpose of this project?
The goal of DNS4EU is to ensure the digital sovereignty of the EU by providing a private, safe, and independent European DNS resolver.
The DNS4EU initiative aligns with the EU's strategic goal of enhancing its digital autonomy by providing an alternative to the existing public DNS services provided by non-european entities.
DNS4EU aims to enhance the European Union's control over its digital infrastructure and data, reducing European reliance on foreign DNS providers and thereby supporting the digital sovereignty of European organizations and citizens.
Who is involved in the development and research?
The entire project is managed by an international consortium, comprising private cybersecurity companies, CERTs, and academic institutions from 10 European Union countries
Leader of the consortium is Whalebone.
- Whalebone - a cybersecurity company developing user-centric products for Telcos, ISPs, and enterprises. It provides millions of internet users as above seamless DNS security, protecting them from malware, phishing schemes, ransomware, and other malicious digital attacks without the need to download anything.
- Other members of the consortium are CZ.NIC (CZ), CVUT (CZ), Time.lex (BE), deSEC (DE), HUN-REN (HU), ABILAB (IT), NASK (PL), DNSC (RO). Inseparable role plays associated partners that provide the consortium with consultation and sharing know-how.
Associated partners are F-SECURE (FI), CESNET (CZ), Ministry of Electronic Governance (BG).
More about the consortium here.
Who participates in DNS4EU?
DNS4EU includes options for different audience segments.
- A public and free DNS resolver will be available for end users and those subjects that wish to join this free service with basic DNS security protection.
- DNS4EU for Governments – Protection for thousands of organisations on the DNS level. This is a completely different use case from just a public resolver.
- DNS4EU for Telcos – In order to make sure that the DNS4EU resolution is actually enjoyed by many users throughout the EU, we believe that telcos and ISPs are crucial partners. We offer DNS4EU resolvers via telco networks and process the complete DNS traffic on those resolvers.
- The last pillar is dedicated to Threat Intelligence (CERTs, CSIRTs and academic subjects). A significant feature of DNS4EU is its capability to provide regional threat intelligence. A malicious threat discovered in one country can be simultaneously blocked across multiple countries or regions, preventing its spread. DNS4EU threat intelligence is enhanced by CERTs and other institutions all around the EU, providing information on EU-specific threats, as well as by the data about cyberattacks gathered through the telco partners. CERTs are valuable partners for effective collaboration in local threat intelligence exchange.
How does DNS4EU work?
The DNS resolver basically translates the domain names people use to machine-readable IP addresses and back.
Organisations do not need to be governmental institutions to take advantage of the DNS4EU program. It provides a solution for any organisations providing essential public services, which can include for example healthcare, telecommunications, internet service providers, utilities, transportation, or banking/financial services.
- Mostly, people and institutions use the DNS resolver set by their connection provider.
DNS4EU, a European initiative, presents multiple avenues for establishing a secure and compliant DNS resolver. - This DNS resolver, which not only fulfills this basic function, but is able to filter out malicious traffic as well, thus effectively protects any device using the resolver with no need for installation or maintenance of any software. Basically, if any device connected to the DNS4EU Resolver tries to access a malicious domain (for example to activate a malware or to access a scam website), it is stopped immediately, preventing any damage the threat may have caused.
- Moreover, the resolver and all of the processes necessary for its development and operation are hosted 100% in the EU, thus making sure that it abides GDPR and all highest privacy norms set by the EU.
- Basically, if any device connected to the DNS4EU Resolver tries to access a malicious domain (for example to activate a malware or to access a scam website), it is stopped immediately, preventing any damage the threat may have caused.
What is the timeline of this project?
The DNS4EU project started officially in January 2023, and is co-funded by the EU from 2023 to 2025. The EU will partially contribute to the development of the infrastructure and it is expected and encouraged by the European Commission that the service is commercialised, since it has to be sustainable without operational costs from the EU after 2025.
Is DNS4EU mandatory for EU citizens, and does it enable censorship by the European Commission?
To ensure net neutrality and freedom for internet users, the usage of DNS4EU is voluntary for EU citizens, and they are always free to choose a different DNS provider.
This project provides the European Commission with no means of censorship. Furthermore, this would be against the goals of the project, which aims to strengthen digital sovereignty. The EU will not have access to configuration, data, etc. On top of that, DNS4EU will not be forced on anyone. It will merely abide to local regulations required of internet service provider. In other words, DNS4EU is not a way toward censorship, but actually toward data protection and better internet security and sovereignty for Europeans.
How does DNS4EU support NIS2?
“Member states should encourage the development and use of public and secure European DNS resolver service.” NIS2 directive, 2023
DNS4EU, a European initiative, presents multiple avenues for establishing a secure and compliant DNS resolver, aligning seamlessly with EU regulations. Its base lies in the cornerstone EU documents such as the Cybersecurity Strategy of the EU. Finally, it was recommended in the European Parliament and Council’s directive NIS2.
What to do next?
DNS4EU solutions are already available and the DNS4EU program already protects millions of people in Europe by securing critical-services infrastructure
- Join as a Stakeholder: Sign up to access exclusive DNS4EU newsletter updates, webinars, conferences, etc.
- For CERTs and CSIRTs: Join the Threat Intelligence Exchange to combat cyber threats in Europe.
- For Telcos/ISPs: Contact us about becoming a commercial partner to enhance your security services.
- For Government, Public Sector, and Enterprises: Contact George Buhai, Government Liaison, to initiate discussions or a Proof of Concept (PoC) for critical IT infrastructure.
- For EU Citizens: Express your interest in DNS4EU by contacting local municipal government representatives and critical service providers.
What does it mean to be a DNS4EU "Stakeholder"?
Being a DNS4EU Stakeholder means being actively involved in shaping and guiding the development of the European Union's secure and sovereign DNS infrastructure.
Stakeholders include technical experts, industry leaders, government officials, and representatives from various sectors, all working together to influence the direction of DNS4EU. The role allows participants to engage with European authorities and other stakeholders to ensure that the system meets technical, legal, and regulatory requirements while maintaining data privacy and security standards.
Join the European Union's official secure and private DNS resolution for citizens, institutions and governments.
Feel free to contact us4 points to remember
EU’s Digital Sovereignty
The European Commission aims to keep user’s data in the Union digital space to support its digital independence and sovereignty.
Regional Threat Intelligence
DNS4EU provides real-time regional threat intelligence. A malicious threat discovered in one country is blocked across multiple countries or regions, preventing its spread.
Privacy & Compliance
Citizens of the EU are provided with DNS resolution processed within the EU, to adhere to highest privacy standards, including EU data privacy regulations, such as GDPR.
Consortium leader
Whalebone (CZ)
Whalebone is a cybersecurity company founded in 2016 in Brno, Czech republic – the major central European tech hub. With its security products, the company currently protects millions of people worldwide through telcos, ISPs , as well as company networks all over the world.
Extensive experience in large-scale cybersecurity projects and collaborations with global telcos have given Whalebone great expertise in the cybersecurity arena. Deloitte ranks Whalebone 22nd in its Deloitte Technology Fast 50 Central Europe 2024 report, and the Financial Times’ Sifted Leaderboard 2024 of the fastest-growing companies in Central Europe ranks Whalebone at number 20.
www.whalebone.ioCZ.NIC (CZ)
CZ.NIC is an interest association of legal entities founded in 1998 by leading providers of Internet services in the Czech Republic. The principal activities include operation of the CZ domain registry and DNS servers for the CZ top-level domain (TLD). Besides the domain name registry, the Association is strongly involved in research and development, cyber security, standardisation activities as well as promoting new technologies.
CVUT (CZ)
The Czech Technical University in Prague is one of the largest and oldest technical universities in Europe. The AI Center (AIC) is an excellent research institution covering a wide range of artificial intelligence research with strong emphasis on applications. We cover the following research areas and application domains: robotics, machine learning, optimization, cybersecurity and smart mobility.
DNSC (RO)
The main responsibility of DNSC is to ensure the cyber security of the national civilian cyberspace, in collaboration with the competent institutions and authorities. DNSC is the competent authority at the national level for the national civilian cyberspace, including the management of risks and cyber incidents.
Nask (PL)
The CERT Polska team operates within the structures of NASK (Research and Academic Computer Network) — a research institute which conducts scientific studies, operates the national .pl domain registry and provides advanced IT services.
HUN-REN (HU)
The primary task of HUN-REN SZTAKI is to perform basic and application-oriented research in an interdisciplinary setting in the fields of computer science, engineering, IT, intelligent systems, process control, multimedia, and wide area networking. The institute also provides the technical base for HunCERT, a specialized team that aims to assist Hungarian ISPs in the proactive management of network incidents, while raising public awareness about cyber security.
Abilab (IT)
ABI Lab is a consortium of banks and companies whose mission is to analyse and promote
innovation in the Italian banking sector. Through its Centres of Excellence, ABI Lab conducts
primary research in key areas including, Digital Transformation, Fintech, Blockchain/DLT,
Cybersecurity, AI, IT and Operations and Sustainable Transition.
Desec (DE)
deSEC is an NGO committed to increasing Internet security and privacy for users. Its current main project is the spread of DNSSEC, which is pursued by providing a DNS hosting service that is both security enabled and privacy aware. The service furthermore offers and advertises new DNS technology, novel DNS use cases and DNS best practices.
time.lex (BE)
Time.lex is a boutique law firm based in Brussels, specialized in information and technology law in the broadest sense, including privacy protection, data and information management, e-business, intellectual property and telecommunications. Its activities cover all legal issues encountered in the creation, management and exploitation of information and technology, in all of its diverse forms.
Associated partners are:
- CESNET (CZE)
- F-SECURE (FIN)
- Centro Nacional de Ciberseguranca (PT)
- Ministry of Electronic Governance (BG)
Subscribe to our newsletter
Subscribe to stay informed on DNS4EU news, including updates on cybersecurity developments, exclusive webinars, conferences, and progress reports. Keep up with the latest in creating a secure and sovereign internet for the EU.