The American giant’s decision to use only the .com domain reopens the debate on jurisdiction, governance and net neutrality. An analysis of the technical and geopolitical implications that foreshadow a future of digital borders, selective blocking and new spheres of influence by Andrea Monti – Initially published in Italian on Italian Tech – La Repubblica
Google has announced its decision to abandon local domains — the geographical codes associated with individual countries — meaning that the search engine will only be accessible via ‘.com’.
In explaining the reasons behind this decision, Google refers to the greater efficiency now possible in providing localised responses with a single address.
However, the statement also specifies that: ‘It is important to note that, although this update will change what users see in their browser address bar, it will not affect the way search works or change how we handle obligations under national laws.’ It therefore appears that Google will continue to comply with requests to de-index content in accordance with data protection legislation and to provide information on Italian users, as far as we are concerned, as requested by the judiciary.
In reality, this clarification is somewhat pointless because the absence of an Italian domain name does not prevent the authorities from accessing caches (servers that are part of Google’s cloud infrastructure and may be located in our country).
What appears to be an unsolicited justification therefore prompts some more general reflection on the possible practical significance of the decision to abandon national geographical domains, in relation to the debate on the future of internet governance.
Who assigns national domain names
National domain names are granted for use by entities called ‘registries’ that are dependent on a private international organisation called the Internet Corporation for Assigning Name and Numbers (ICANN).
For Italy, the ‘Registry’ is managed by the Institute of Informatics and Telematics of the National Research Council, to which requests for the assignment and cancellation of ‘.it’ addresses must be addressed.
Those interested in obtaining a domain name cannot apply directly to the Registry but must go through authorised ‘concessionaires’ called ‘Registrars’, who are subject to a set of rules, including the obligation to manage the ‘DNS’ — special systems that convert domain names, such as google.it, into the corresponding IP number (i.e. the ‘licence plate’ of the physical server associated with the domain), which in the case of google.it is 142.250.180.131.
The domain name does not correspond to the location of the data and the platform
An important thing to consider in this regard is that a geographical domain name does not necessarily correspond to the physical location of the server to which the domain is associated. In the case of Google, the IP 142.250.180.131 associated with the domain google.it is geolocated in Italy, but also in other countries.
In itself, there is nothing strange about this, as it is standard practice in network traffic management. However, to limit ourselves to Italy, the fact that servers located anywhere in the world and associated with the .it geographical code depend on the National Registry implies that the traffic concerning them is subject to the jurisdiction of the country where the Registry itself is located. In other words, the servers that run google.it may well be located abroad, but if an order were to be issued by an administrative authority or the judiciary, Italian registrars, foreign registrars who have signed a contract with the CNR and the CNR itself would have to comply with the order.
The role of national operators as substitutes for the courts
It is quite clear that, to stay with the example, if a person does not have an Italian domain name and the domain name is managed by a foreign registrar, the local authorities have no way of intervening directly if the person managing the domain name or the servers that make the domain accessible decides not to cooperate. A solution to this impasse therefore had to be found.
In a perfect application of the boiled frog metaphor — plunging a frog into a pot of cold water and gradually raising the temperature to boiling point so that the ‘victim’ only notices when it is too late — the breakdown of net neutrality took place gradually.
The beginning was marked by The Pirate Bay case, dating back to 2009. The search engine was located abroad, on a non-Italian domain and without a cache in this country. Unable to act directly, the Italian authorities ordered all national operators to block traffic to that network resource. In other words, instead of seizing a distribution centre, people are prevented from reaching it by requiring road operators not to allow transit. But this, of course, does not stop the substances from being distributed.
Therefore, not only does ‘blackout’ or ‘filtering’ not prevent the illegal activity from continuing upstream, but it also involves an undue invasion of the privacy of people who are completely unrelated to the investigation.
‘Filtering’ the connection to a website means ‘intercepting’ all IP addresses passing through each operator’s network (including those of people who are not doing anything wrong), identifying individual connections to a particular domain name or IP number in order to block them or redirect them to websites available to the police.
Of course, without direct control over the domain name, various technical operations are no longer possible (or are not easily possible). Two examples are redirecting email to a different mail server and controlling the destination IP to which the server must respond in order to create ‘decoy sites’ to identify those attempting to connect. This and other things are no longer possible, unless the foreign operator located abroad decides to cooperate voluntarily, as Google has stated it will do, and not because it is legally required to do so.
The most striking examples supporting this conclusion are the minimal willingness shown by OpenAI to comply with the requests made by the Data Protection Authority and the failure to implement the ‘block’ of Deepseek ordered by the authority. In both cases, despite the profound differences, the decisions taken by the platforms took into account considerations that had little or nothing to do with the law and much to do with expediency.
The consolidation of the national strategy on traffic control
Following the Pirate Bay case, the approach whereby Italian law and administrative measures apply directly abroad without the need for agreements or treaties has become established. Its legal validity raises some concerns, but these are not currently being given due consideration.
Since 2006, with the Google v Vividown case, it has been considered legitimate to serve court documents on the Italian subsidiary even if they were addressed to employees of other entities of the group operating abroad for matters related to content control on the platform. The trial ended with the acquittal of the defendants, but did not affect the principle allowing the initiation of proceedings to be communicated in a country other than that in which the defendants resided. In November 2022 and then last October 2024, the Milan court ordered Cloudflare, even though it is not an operator based in Italy, to follow the orders of the Communications Authority and adopt a series of measures to prevent the anonymous use of its DNS by individuals involved in illegal streaming activities.
Finally, last month, the same court issued a similar decision against Google.
The stone guests at the net neutrality table
The scenario that emerges from these lines is quite clear: net neutrality is no longer a shared value and needs to be reviewed in light of changing political and economic conditions, particularly those related to the content industry. It should be remembered that, more than any other group of stakeholders, copyright holders have been at the forefront of protecting their interests in the face of a model of development and commercialisation of internet services based on de facto deregulation and the neutrality of access and connection services to public telecommunications networks.
It is clear, therefore, that the uninvited guests in this whole discussion are called ‘internet governance’, ‘jurisdiction’, i.e. the geographical limit to the exercise of state power, and ‘Atlanticism’.
Who governs the Big Internet?
In the field of internet governance, the role of those who control domain names and IP numbers is as fundamental as it is unknown to most people.
These are non-governmental, non-national organisations that, without any formal authority, keep an important part of the technological system that makes the Big Internet ecosystem work running.
To understand their importance, just consider that RIPE — the body that manages European IP numbers — at Ukraine’s request, was asked to decide whether or not to ‘disconnect’ Russia from the rest of the world. In this specific case, Ukraine’s request was addressed to the wrong recipient (it asked for the revocation of the use of the .ru domain, which is the responsibility of ICANN, not RIPE), but this does not change the fact that a decision of great geopolitical importance can be made by entities without any legitimacy and in full autonomy. It is clear, therefore, that the structure of internet governance represents a first limitation to the possibility of combating offences which, by their nature, involve several States and — here we come to the second uninvited guest — several jurisdictions.
National jurisdiction and the exercise of power
Jurisdiction coincides with national borders and, in practice, works in such a way that when you reach the border, the authorities must stop and request the cooperation of their counterparts in order to carry out any activity. A well-known example is extradition: as long as the person to be repatriated is abroad, they can only be arrested by local authorities, while they fall under Italian jurisdiction when they board an aircraft or ship flying the Italian flag, which are considered Italian territory.
For some time now, the European Union — through its regulation on the protection of personal data and other measures — has been pushing this rule and believes that it can apply EU rules even outside the territory of Member States.
Until such time as, as in the case of the data security legislation issued by China or the US CLOUD Act or by a national court as in the Cloudflare case, such a choice is made by a sovereign state, its legal legitimacy and political appropriateness can be debated. But when this decision, which concerns criminal matters, is taken by bodies that administer a treaty such as the EU and not by a real state, the doubt that can be raised is entirely legitimate.
Geopolitics and control over network traffic
Be that as it may, the direct curtailment of US jurisdiction over Big Tech, and here we come to the third guest, Atlanticism, could not remain unchallenged for long. In fact, the current conflict fought with tariffs — which, to date, is actually more like the Chalk War in the XVI century Italian military campaign of Charles de Valois [*When Charles de Valois invaded Italy in the 16th century, he met with almost no resistance. It is said that he only had to use chalk to draw the boundaries of his army. Since then, the expression “Chalk War” has been used in Italian to describe a very easy task, made so by the lack of resistance from the other side.] — sees the ‘securing’ of large American technology companies from attempts to impose taxes and other obligations as a key element in the ongoing negotiations. Given that the Atlanticist geopolitical positioning of the EU member states, and therefore of the EU itself, is obviously not in question, it is clear that one of the two contenders is stepping into the ring to face the world heavyweight champion with one foot in a bucket of cement and one arm tied behind his back, but above all without a referee.
The options on the table
It is likely that Google’s decision was not directly influenced by the scenario described above, but it is certain that the overall geopolitical conditions play a fundamental role in strategic decisions that also have technological and organisational implications.
The intricate relationships between internet governance, jurisdiction and choosing sides are, as always, a long-standing problem that has been neglected outside the circles of experts.
The options on the table are clear: we must decide whether to leave things as they are, whether to transfer control of the network, for example, to the UN, or whether, on the contrary, to fragment it at the level of individual nation states. We need to agree on a kind of ‘extradition of data’ located in individual countries that respects individual national jurisdictions. We need to decide, once and for all, whether there should be only one Big Internet or whether — as seems to be the case — we are moving towards the creation of as many large networks as there are areas of influence of the world’s major powers, connected by a few checkpoints through which to control what comes in and what goes out.
Whatever the choice, our idea of the internet is destined to disappear forever, marking the awakening from a dream of freedom that lasted, in historical terms, the blink of an eye.