Google shuttles DNS queries from Brazil back to US

Google said the shift is not connected to proposed legislation in Brazil that would mandate user data be held locally

Google is using U.S.-based servers to answer DNS queries from Brazil as the country considers a law requiring user data to be held locally following the NSA spying revelations.

Google is using U.S.-based servers to answer DNS queries from Brazil as the country considers a law requiring user data to be held locally following the NSA spying revelations.

Google is using U.S.-based servers to answer website address queries from Brazil after the country's president proposed stronger privacy laws, according to an Internet monitoring company.

Renesys wrote on Wednesday that Google began pushing DNS (Domain Name System) queries from Brazil to U.S.-based servers around Sept. 12, the same day President Dilma Rousseff expressed support for a law requiring Internet companies to hold data collected on the country's citizens locally.

Her comments came after documents leaked by former NSA contractor Edward Snowden showed that she and Brazil were spied on by the U.S. National Security Agency (NSA).

When queried, a Google spokeswoman wrote via email on Oct. 23 that "these two events are unrelated" but did not further explain the shift.

DNS translates website domain names into the IP addresses of servers requested by a Web browser. Many ISPs (Internet service providers) and organizations run their own DNS servers. Google offers a free service, Public DNS.

Google has been vague about the change. On Sept. 25, a Google software engineer who works on Public DNS, Shen Wan, wrote on a public forum that "queries to Google DNS from Brazil (and maybe other South American countries as well) are handled by resolvers in the United States."

"Consequently you may experience longer latency than before," Wan wrote. "We are sorry about this inconvenience to you and are working to restart resolvers in Brazil in the near future."

When a forum user asked if the changes resulted from Brazil's interest in keeping local data in-country, Wan wrote that the question was off-topic. Wan didn't answer a query from IDG News Service.

People can use Google's DNS service by changing their computer's network settings to its public servers, which are at the IP addresses "" and "" If they do that, Google has total visibility on what websites are visited, which is advantageous for serving advertising, wrote Doug Madory, a Renesys senior analyst.

"By gaining visibility into the Internet usage of its users, Google can use this data to improve its commercial applications, such as the placement of advertisements," he wrote. "It is this user data that would presumably make Google Public DNS subject to the more stringent privacy laws proposed by President Rousseff."

Before the change, Google Public DNS answered queries from Sao Paulo in about 50 milliseconds, a metric called latency. Those queries now take more than 100 milliseconds, Madory wrote.

Google Public DNS "still works just fine for Latin American users, just much more slowly," Madory wrote.

Send news tips and comments to Follow me on Twitter: @jeremy_kirk

Join the CSO newsletter!

Error: Please check your email address.

Tags Googlesecurityinternet

More about GoogleIDGNational Security AgencyNSA

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by Jeremy Kirk

Latest Videos

  • 150x50

    CSO Webinar: Will your data protection strategy be enough when disaster strikes?

    Speakers: - Paul O’Connor, Engagement leader - Performance Audit Group, Victorian Auditor-General’s Office (VAGO) - Nigel Phair, Managing Director, Centre for Internet Safety - Joshua Stenhouse, Technical Evangelist, Zerto - Anthony Caruana, CSO MC & Moderator

    Play Video

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

More videos

Blog Posts

Market Place