Every morning, millions of Queenslanders interact with government digital services. They book health appointments on Queensland Health platforms. They pay council rates through local government portals. They check flood warnings on emergency management sites. They access educational resources through Department of Education systems. They apply for licences, register vehicles, pay fines, access support services — all through websites that run on domain names.

Every single one of those domain names is rented.

Queensland Health does not own its domain. Brisbane City Council does not own its domain. Queensland Police does not own its domain. They lease them annually from private registrars, under rules set by auDA, which operates under a framework established in part by ICANN — an American private nonprofit that Queensland has no formal relationship with and no meaningful oversight of.

This is not a criticism of any government agency or the people who run their IT infrastructure. It is simply the reality of how the internet has worked for forty years. But it is a reality worth examining carefully, because digital sovereignty — the ability of a government to control its own digital infrastructure — is increasingly recognised as a genuine policy imperative. And Queensland has an opportunity that most jurisdictions do not.

WHAT DIGITAL SOVEREIGNTY ACTUALLY MEANS.

Digital sovereignty is a concept that has gained significant traction in policy circles over the past decade. At its most basic, it refers to the ability of a state, organisation, or individual to control its own digital infrastructure — its data, its systems, and its addresses — independently of foreign or private actors whose interests may not align with its own.

The European Union has invested billions in digital sovereignty initiatives over the past decade. The GAIA-X cloud infrastructure project, the European Health Data Space, the Digital Decade policy program — all of these represent attempts by European governments to reduce their dependence on American and Chinese technology companies and establish independent control over critical digital infrastructure.

Australia has been slower to engage with this agenda, but the conversation is accelerating. The Australian Government’s Cyber Security Strategy, the Critical Infrastructure Resilience Strategy, and various state-level digital strategies all touch on themes of digital independence and resilience. The question of who controls the digital addresses of government services is not yet front and centre in these conversations. But it should be.

"A government that cannot guarantee the permanent availability of its own digital addresses is a government that has ceded a small but real piece of its sovereignty to private actors."

THE PRACTICAL RISKS OF RENTED GOVERNMENT DOMAINS.

The case for permanent government domain ownership is not merely theoretical. There are practical risks associated with the current model of annual domain rental that are worth understanding clearly.

Administrative failure is the most common. Government IT infrastructure is complex, and the people responsible for domain renewals change frequently. Contracts end, staff move on, institutional knowledge is lost. The email addresses that receive domain renewal notices may be deactivated when the staff member who managed them leaves. The credit cards on file may expire. The registrar account may be locked due to a billing dispute. Any of these scenarios can result in a government domain lapsing — temporarily or permanently.

This is not a hypothetical concern. Government agencies around the world have lost or temporarily lost control of their domains due to administrative failures. The consequences can range from reputational embarrassment to genuine security risks, as domain squatters and malicious actors can register lapsed government domains and use them for phishing attacks that exploit the trust citizens place in .gov addresses.

Registrar consolidation is a less visible but increasingly significant risk. The domain registrar industry has been consolidating for years. Large registrars have acquired smaller competitors, creating a market where the domain names of government agencies end up under the control of companies that did not exist when the original registration was made. Each acquisition introduces uncertainty about continuity of service, pricing, and terms.

Policy changes at the registrar or registry level can affect government domains directly. auDA has changed its policies before, and it will change them again. A future policy change that affects the eligibility rules for .gov.au domains — or the requirements for maintaining them — could create disruption for government agencies that have no alternative infrastructure to fall back on.

THE CASE FOR PERMANENT GOVERNMENT ADDRESSES.

Queensland Foundation secured .qld and .queensland as permanent onchain TLDs. These are not traditional domains. They do not require annual renewal. They are not held at the pleasure of a private registrar. They are recorded on the blockchain permanently — immutable, transferable, and independent of any authority above Queensland Foundation.

For Queensland government institutions, this represents a genuine alternative to the current model of annual domain rental. Consider what permanent ownership of key government addresses would look like in practice.

gov.qld  ·  health.qld  ·  police.qld  ·  fire.qld  ·  education.qld — permanent onchain sovereignty.

gov.qld — the permanent, sovereign digital address of Queensland government. Not rented from an American company through an Australian intermediary. Owned permanently, recorded on the blockchain, controlled entirely by the Queensland Government.

health.qld — permanent digital infrastructure for Queensland Health. An address that cannot lapse, cannot be squatted, cannot be affected by a registrar acquisition or a policy change. An address that will be available as long as Queensland Health needs it, without any ongoing cost or administrative burden.

police.qld, fire.qld, ambulance.qld — permanent addresses for emergency services that citizens need to trust absolutely. The reliability of these addresses is not just a convenience issue. It is a safety issue. An emergency service that temporarily loses control of its domain because of an administrative failure creates a genuine public safety risk. Permanent onchain ownership eliminates this risk completely.

THE COUNCIL DIMENSION.

Queensland has 77 local government areas, each with its own council and its own digital infrastructure. From Brisbane City Council — one of the largest local governments in Australia — to small rural shires with populations in the hundreds, every council maintains a website, email systems, and digital services that depend on domain names.

The domain management challenges for small councils are particularly acute. Large councils have dedicated IT departments with staff whose job includes managing domain renewals. Small councils may have a single IT generalist who is also responsible for hardware, software, cybersecurity, and a dozen other priorities. Domain renewal is the kind of administrative task that falls through the cracks.

Permanent onchain council addresses eliminate this problem entirely. council.brisbane for Brisbane City Council. council.goldcoast for Gold Coast City Council. shire.toowoomba for Toowoomba Regional Council. Once claimed, these addresses are permanent. No renewal required. No administrative overhead. No risk of lapse.

"The small rural shire that loses its domain because its one IT person went on leave during renewal week is not a hypothetical. It has happened. Permanent onchain addresses make it impossible for it to happen again."

THE EMERGENCY SERVICES IMPERATIVE.

If there is one category of government digital infrastructure where permanence is not merely desirable but arguably essential, it is emergency services.

Queensland Fire and Emergency Services. Queensland Ambulance Service. Queensland Police Service. Queensland Health emergency departments. These services exist to protect life. The digital addresses through which citizens access information about them, contact them, and trust their communications must be absolutely reliable. Not reliable until the credit card expires. Not reliable until the registrar is acquired. Permanently reliable.

Consider the scenario of a major natural disaster — a cyclone, a flood event, a bushfire — where citizens are urgently seeking information about evacuation routes, emergency contacts, and shelter locations. If the Queensland Emergency Management website were temporarily inaccessible because its domain had lapsed due to an administrative failure in the preceding weeks, the consequences could be serious. People make decisions based on the information available to them. Unavailable information is not neutral.

This is not alarmist. It is a straightforward risk assessment. The probability of a major government domain lapsing at a critical moment may be low. But the consequence of such an event, for critical emergency services, makes even a low probability worth addressing. Permanent onchain addresses bring that probability to zero.

THE SOVEREIGNTY ARGUMENT FOR QUEENSLAND.

There is a dimension to this that goes beyond the practical risk management argument. It is about what it means for Queensland to control its own digital identity.

Queensland is not a small state. With a population of 5.46 million people, an economy worth over $400 billion annually, and a landmass larger than most countries, Queensland is a significant entity. It has its own parliament, its own legal system, its own government institutions, and its own distinct identity within the Australian federation.

The digital addresses through which that identity is expressed and through which government services are delivered should reflect that significance. They should not be rented from private companies. They should not be subject to the policy decisions of bodies that Queensland has no formal relationship with. They should be owned, permanently, by Queensland institutions — recorded in an immutable blockchain record that no external actor can modify or revoke.

This is what digital sovereignty looks like in practice. Not a grand geopolitical statement. Not a rejection of the global internet. Simply the recognition that permanent onchain ownership of government digital addresses is better — more secure, more resilient, more sovereign — than annual rental from private registrars.

THE PATH FORWARD.

Queensland Foundation is not a government body. We cannot mandate that Queensland Government agencies adopt .qld or .queensland addresses. What we can do — and what we have done — is secure those TLDs permanently and make them available to any Queensland institution that recognises the value of permanent onchain digital sovereignty.

The conversation about digital sovereignty in Australian government is at an early stage. The policy frameworks are still being developed. The procurement processes for onchain digital infrastructure are not yet established. The institutional awareness of what permanent onchain domain ownership means is still limited.

But the direction of travel is clear. Governments around the world are recognising that their digital infrastructure — including their domain names — is a sovereign asset that should be controlled as such. Queensland has the opportunity to lead this conversation in Australia, with the added advantage of having a dedicated Queensland TLD namespace already secured and available.

gov.qld does not expire. health.qld cannot be squatted. council.brisbane belongs to Brisbane City Council, permanently, immutably, and entirely on Queensland’s terms.

That is what digital sovereignty looks like. And it is available now.