Google says your DNS queries are kept separate from everything else Google knows about you. Google has never let an independent auditor verify this. Cloudflare hired KPMG. Google hired nobody. This is the same company that paid $391.5 million for secretly tracking users' locations after they turned location tracking off. The same company that paid $5 billion for tracking Chrome Incognito browsing it promised was private. Google asks you to trust that it walls off DNS data from ad data. The company's track record on "trust us, we don't track that" is worth exactly $5.4 billion in settlements. Google says you choose to use 8.8.8.8 for faster, more secure DNS. Billions of people never chose anything. Google DNS is the default on Android phones, Chromebooks, and Chrome's Secure DNS. With 72% of the world's phones and 65% of browsers, Google made the choice before you did. Most people don't know what DNS is, let alone which one their phone uses. Google's "opt-in" DNS service is opt-out on Google's own platforms -- and almost nobody opts out of defaults.
What they claim: Google's DNS privacy page highlights that "temporary logs" with IP addresses are deleted within "24 to 48 hours."
What we found: Google's own documentation states that "permanent logs" -- a sampling of temporary logs with IP addresses replaced by city-level location -- are retained indefinitely with no expiration date. Additionally, Google may retain temporary log data (including IP addresses) "longer than 48 hours solely for addressing security and abuse issues" with no defined maximum. The 24-48 hour claim applies only to the most identifiable data under normal circumstances. The query data itself -- what domains people are resolving, when, and from which city -- lives forever. The headline number is the shortest retention period for the narrowest data category.
What they claim: Google Public DNS positions itself as a privacy improvement over ISP-provided DNS, noting that ISPs may log and sell browsing data.
What we found: ISPs that provide DNS resolution face telecommunications regulation: GDPR Article 6 in Europe, the Telecommunications Act in Australia, FCC oversight in the US (when privacy rules are in effect). Google Public DNS handles more queries than any ISP but is regulated as a tech company under different standards. Google retains anonymized permanent logs indefinitely -- a practice that would trigger regulatory scrutiny if an ISP did it. The FTC has never audited Google's DNS data handling. Switching from ISP DNS to Google DNS trades one surveillance risk for another, but the one you're trading for faces less regulatory oversight.
What they claim: Google states it "does not correlate or associate personal information in Google Public DNS logs with your information from use of any other Google service except for addressing security and abuse."
What we found: Google has never submitted its DNS privacy claims to an independent third-party audit. Cloudflare uses KPMG. Quad9 operates under Swiss privacy law with published transparency reports. Google asks users to trust its self-reported data separation within a company that earned $350 billion in 2024 (77% from advertising) and was sued by 50 US states for deceptive location tracking practices (settled for $391.5 million in 2022). Google paid $5 billion to settle the Chrome Incognito Mode class action in 2024, in which plaintiffs proved Google tracked browsing activity it promised not to track. The claim that DNS data is siloed from ad data rests entirely on Google's word.
What they claim: Google asks users to trust its stated commitment to keeping DNS data separate from advertising and user profiles.
What we found: In 2024, Google agreed to settle the Brown v. Google class action for $5 billion after plaintiffs demonstrated that Google tracked Chrome users' browsing activity in Incognito Mode despite explicitly promising that Incognito "won't be saved." Internal Google documents showed employees raised concerns that Incognito's privacy claims were misleading. Separately, Google paid $391.5 million in 2022 to settle a 50-state investigation into deceptive location tracking -- Google tracked users' locations after they turned off Location History. In both cases, Google's stated privacy commitments did not match observed behavior. DNS data separation rests on the same type of promise.
What they claim: Google Public DNS is presented as a choice users actively make to improve speed and security.
What we found: Google Public DNS is configured as the default resolver on many Android devices and all Chromebooks. Chrome's Secure DNS feature defaults to Google's resolver. Users who never change a DNS setting are automatically feeding queries to Google. Android has 72%+ global mobile market share. Chrome has 65%+ browser market share. Google didn't ask these users to choose 8.8.8.8 -- it chose for them. The DNS resolver marketed as an opt-in speed improvement is pre-installed on billions of devices as a default that most users never change.
What they claim: Google states DNS data is not associated with any Google account and is treated separately from other Google services.
What we found: A typical Google user on an Android phone using Chrome, logged into Gmail, searching with Google, and resolving DNS through 8.8.8.8 gives one company visibility into: every website visited (Chrome), every email received (Gmail), every search query (Google Search), device location (Android), and every domain resolved (Google DNS). Each service has its own privacy policy. All are operated by the same legal entity. Google's 2024 annual report disclosed that it processes data from 4.3 billion users across its products. The claim that DNS data is siloed is a policy choice, not a technical barrier -- and policies can change with a Terms of Service update.