Illicit Trade in the Dark Web
With millions of pages on the internet is surprising to learn that 90% of them are not indexed by search engines like Google, Yahoo or Bing, etc. This means that only a tiny portion of the internet is accessible through search engines or standard means.
Ok, wait, what does that mean?
To better understand the different levels of the internet, let’s use the ocean analogy:
The surface web would be the top of the ocean which appears to spread for miles around, and which can be seen easily or “accessible”. This level is the portion of the World Wide Web that is readily available to the general public and searchable with standard web search engines.
The deep web is the deeper part of the ocean beneath the surface where contents are not indexed by standard web search engines for any reason.The content of the deep web is hidden behind HTTP forms, and includes many common uses such as web mail, online banking, and services that users must pay for, and which is protected by a paywall, such as video on demand, some online magazines and newspapers, and many more. Content of the deep web can be located and accessed by a direct URL or IP address, and may require password or other security access past the public website page.
Finally, the dark web would be the bottom of the ocean, a place accessible only by using special technologies. Sites that run on this part of the internet never appear on the radar of the law-enforcement agencies and financial regulators. This creates an environment which facilitates fraudulent and illegal activities. When we talk about the internet being a facilitator of illicit trade, we fail to acknowledge the odious workings of the Dark Web,
What Is the Dark Web?
The origin of the Dark Web is not as sinister as its present-day workings. It was launched by the US Naval Research Laboratory back in 2003. The agency used it for law-enforcement and secret services and to help political dissidents fighting for their rights in countries with oppressive regimes.
But with time, the legitimate side of the Dark Web was overtaken by people with malicious intent who used the site anonymously ‘offering organised crime services’. Today, the secluded, undetected, and unregulated Dark Web surreptitiously backs organised crime networks which take advantage of the fact that these sites cannot be cautiously monitored by authorities.
Illicit trade is part of the different criminal activities being offered in the dark web, counterfeit goods like designer bags, luxury perfumes and genuine life-saving drugs are easily available. But the Dark Web also facilitates heinous crimes like kidnapping, hacking, and even murder.
How does it work and what Types of Illicit Goods Can Be Found on the Dark Web?
The Dark Web has been running on the foundations of Tor (the Onion Router), which enables anonymous communication. When you use Tor’s browser, your internet traffic is routed through a number of different relays. Tor routes traffic through a minimum of 3 servers before reaching its intended destination. In the absence of an identifiable route, the authorities find it difficult to link a post to its original creator.
This convenience has allowed the rise of criminal operations, including cybercrimes. From duped credit cards and lifetime Netflix subscriptions to compromised visas and services of hitmen are readily available on the dark web “sites”. Kidnappers and murderers can advertise their ‘services’ freely and fearlessly on this dark space.
It is also a preferred space for drug dealers who sell brain-damaging substances to drug addicts from their safe spaces without having the fear of being caught mid-transaction. Besides this, login credentials for a six-figure bank account are available against the payment of a few hundred dollars, allowing access to bank accounts with hundreds of thousands of dollars in them. The Dark Web also has a thriving market for other illicit goods like knock-off products and pornography videos. In 2013, federal prosecutors arrested the creator of a fake eBay-style website, Silk Road, which sold illicit products, including stolen credit cards, fake IDs, drugs and guns.
How transactions are made in the Dark Web
Using credit cards for making or receiving payments for illicit products or “services” is not a viable option for people who want to keep their identity anonymous.
A digital black market needs the digital equivalent of cash. And that’s exactly what Bitcoin is. Bitcoin, like cash, allows transactions to be made anonymously. And with no one in charge of the Bitcoin network, there’s no one with the authority to block illicit transactions.
As with Tor, it’s important to note that not all uses of the Bitcoin network are for illicit purposes. There are several thousands of legitimate businesses that accept Bitcoin. But criminals have been attracted to Bitcoin for the same reasons they’ve been attracted to conventional cash.
Is It Possible to regulate the Dark Web?
Developing regulation to address the dark side of the Dark Web requires an understanding of the benefits and risks of anonymity and of an open internet, therefore a complex process.
First, using proxy servers or sites like Tor for anonymity is not inherently criminal. However, for the authorities, there is no way to distinguish between innocent users and those who are using the mask of anonymity to carry out their nefarious designs.
The second complex issue is the borderless nature of the internet, therefore the application of regulations can be challenging. The internet is not controlled by a country or a specific institution. There are certain types of content where there is unanimous consent from all countries about their illegality, such as high level violence or images of child abuse. However, their opinion stands divided when we refer to the freedom of political dissidents.
Thirdly, the approach to this issue is also very different from country to country. China, for example, has made efforts to completely block access to Tor, and Russia is trying to deanonymize Tor for political purposes. Another example is Austria whose dramatic policies in 2014 created a wave of concern, when the authorities apprehended a man who made his computer a Tor relay and accused him of contributing to cyber-crimes committed by another user. The verdict was staggering: it is illegal to operate a Tor exit relay in Austria. This proved to be a major blow for Austrians who want to support the project.
The different reactions to the Tor project means that there is no single way to deal with the its complexities . Even though it is important to keep the anonymity of users intact, it is equally important to apprehend criminal minds who are involved in unlawful activities.
Given that international cooperation will be essential, governments must work together towards creating smart Dark Web policy. The specific tactics for intervening on the Dark Web must be carefully considered. Many governments, including the U.S. government, have made attempts in the past with varying degrees of success. By learning from past mistakes, leaders can create policy that effectively addresses the challenge of tomorrow’s internet.
How to intervene on the dark web?
Carefully choosing intervention tactics are essential for taking down criminal activities on the Dark Web while simultaneously protecting the anonymity of innocent users.
Different government agencies have been working to catch the criminal networks that are carrying out with illegal activities. Since 2002, the FBI uses a computer and internet protocol address verifier (CIPAV) that helps them identifying who hides their actual location by using anonymity services like Tor or proxy servers. Without compromising on the anonymity of legitimate users, the software separates flagged Tor traffic from regular internet traffic. This helps the FBI to narrow down search parameters when it is carrying out its investigations.
In the same manner, the Department of Defense’s Advanced Research Projects Agency (DARPA) is working on a tool called Memex that will help the law-enforcement agencies to make sense of Tor traffic without compromising anonymity. The specific patterns detected by the software will help the agencies track down the person/network making suspicious requests.
Playpen case
In February 2015 the FBI identified the IP addresses of users that were accessing Playpen — a hidden Tor child abuse site.
The sinister site was launched in 2014 and within a month had 60,000 member accounts. By 2015, the site had 215,000 users, at least 117,000 posts, and a shocking number of 11,000 unique visitors per week. In an unprecedented move by the FBI and after getting a warrant from a federal magistrate judge in Virginia, the FBI transferred the Playpen server to one of their own.
The FBI ran the site between February 20 and March 4 and was able to access the computers of around 1000 users. This allowed the FBI to bring 1500 cases against people accessing images of child abuse. Some may argue that the FBI shouldn’t have been running a child abuse server. But this was also important for the authorities to reach the people responsible for it.
Another question that also rises in such situation relates to the authority of a judge. Some often ask if a judge should be allowed to give the warrant to authorize searches that don’t fall in their jurisdiction. This is a tricky debate mainly because it is nearly impossible to identify a single user and then apply for a warrant. However, the FBI did the impossible as well and apply for a unique warrant for every suspected computer.
Silk Road case
The FBI has also a fair share of unsuccessful cases. The Silk Road takedown is one of them. Even though the operator of the site — Ross Ulbricht — was arrested in 2013, the market for illegal goods has only expanded since then. The market that was once centralized around Silk Road has now become more scattered. In fact, there is a directory of Dark Web marketplaces on Reddit that informs users which sites are unreliable and which are credible. It is also important to note that a month after the shutdown of Silk Road, Silk Road 2.0 was launched. Even though it was short-lived, the immediate launch of the site shows that the authorities have a long way to go to put an end to the working of Dark Web marketplaces.
The Reddit case
Another unsuccessful case of FBI intervention surfaced in March 2015. The FBI served a subpoena to Reddit and asked for the data of five users who accessed r/darknetmarkets — a subforum on Reddit where users discussed illegal online marketplaces. This was a flagrant disregard to users right to discussion on open forums. Also, this action is likely to encourage criminals to hide in the Dark Web and operate from there, leaving no trace on the surface web. This will make the process of tracking these criminals down even more challenging.
These three cases highlight the level of effectiveness of government intervention. The intervention of the FBI in the Playpen case was fruitful because the authorities entered the space where everyone is a criminal. The tactics employed to deal with sites like Silk Road was a failure because it only dealt with a symptom — an illegal marketplace — and didn’t address the root causes that result in the launch of such sites. The tactics employed in the Reddit case were a big failure and could have never resulted in favorable results as it discourages innocent users from having discussions on open forums about a topic.
Wrapping up
The Dark Web is, by its nature, anonymous and incapable of discriminating between criminals and ordinary users. Enforcement agencies must address this issue by employing tactics that maintain the privacy of the average user while unmasking the criminal.
The most effective way of doing this is by “following the users”. Under proper legal authority, government hackers can place deanonymising tools onto the computers of users accessing the site. If the government merely shuts down the site, another will pop up in its place. On the other hand, if enforcers bring charges against the users of an illicit site, future users who are considering accessing illegal sites will be more hesitant to do so because of the risk of getting caught.
The debate around the Dark Web has no end in sight. As policy-makers move forward, they must monitor vigilantly the evolution of the Dark Web and ensure that enforcement agencies have the resources and legal support to police successfully the Dark Web. Dark Web policy, like all good policy, must be nuanced and thoughtful in order to strike the balance between the needs of privacy-minded users and the government’s responsibility to stop illegal activity.
