[TechBro8615]

Yeah, I was wondering this too. What makes Quad9 such a special DNS resolver that Sony is picking on you and only you? What about Cloudflare, or Google, or literally every ISP? Why not just tell Sony to go fuck themselves?

One wonders if Quad9 has its own ulterior motive here, because none of the other DNS providers seem to care, and I find it difficult to believe Sony isn't trying to sue them too.

[Tozen]

They don't want to pick a fight with Cloudflare or Google, because they have deep pockets, and doing so can clearly backfire on them in multiple ways. Where if they pick on easier targets, they then can get the courts to back their censorship, and use that way to force legal compliance by all DNS resolvers. It's a strategy of a bully or predator, where they see a weakness that they can exploit.

Additionally, many DNS resolvers don't turn over records or anonymize. Which doesn't help such companies when they make a claim. These type of companies want the courts to help them to completely destroy the possibility of user privacy or any protection of rights, as it pertains to any claims that they might make. They want to be able to force 3rd parties and DNS resolvers to be compliant to their policies and profits.

[post-it]

Start with a small company to establish precedent, like patent trolls do.

[TechBro8615]

Wasn't Quad9 started by IBM? The title of the launch post was "IBM Quad9" [0]. This doesn't seem like a small company.

If anything maybe the reason Sony started with Quad9 is because Quad9 is already a censoring DNS resolver, since by design it censors malware domains, and Sony is saying "well then you should censor copyright infringement too."

[0] https://news.ycombinator.com/item?id=15712744

[bwoodcock]

Nope, Quad9 was not started by IBM. It was an internal project of PCH, started in 2014 in response first to European privacy regulators who were being lobbied by Google for a one-off exemption for 8.8.8.8 in the run-up to GDPR implementation; then in 2015 a number of cybersecurity organizations were contacting us to do another (we'd built several global recursive resolvers before, while nobody else had done more than one, so it was reasonable for people to be coming to us for more) that did malware/phishing/tracking blocking. Since if we did two separate ones, people would have to choose between privacy and security, we decided to just roll the two projects into one. Because it was public-facing, in 2016 we spun it out into its own separate non-profit originally called "CleanerDNS." From past experience, we knew that a memorable IP address was crucial. We were working with APNIC, and they got us a good v6 address, but then, depending on your mood, we were either sincerely flattered, or tortious interference happened, and so we had to try for other of the other easy-to-remember ones. My friend Jeff Jonas was, at that time, an SVP at IBM, and stepped up and got us 9.9.9.0/24. That process started in July of 2017 and IBM's sponsorship wasn't publicly announced until November of 2017.

[bwoodcock]

Quad9 is a public-benefit not-for-profit. Our purpose is to improve privacy and security. What else did you have in mind?

Quad9 is special in that it's the only recursive resolver of any size that's not headquartered in the jurisdiction of the Northern District of California federal courts. All three others of the "big four" are, and Quad9 was until it moved to Switzerland so as to be bound by criminal privacy law, and to get out from under USG data-collection requirements.

But Quad9 is _not_ the only one being attacked by Sony. Sony has already won against Cloudflare in other venues, but that's a much easier target.

https://www.musicbusinessworldwide.com/italian-court-orders-...

https://dimitrology.com/cloudflare-wants-to-eliminate-moot-p...

Quad9 doesn't sell hosting services to pirate sites, so has no connection with the alleged infringers. Which is the point of all this. Quad9 is being attacked _because_ it has no relationship with infringing parties. If Sony can establish a precedent that Quad9 can be forced to censor, then that precedent is, in principle, applicable to all parties. Firewall manufacturers. Operating system publishers. Wifi hotspot manufacturers. Open-source software authors. Etc.

[nuker]

What are “USG data-collection requirements” please?