[Ed Note : In an interesting read, Shweta Rao of NALSAR University of Law brings us upto speed on the debate regarding regulation of the mysterious “dark web” and provides us with a possible way to proceed as far as this hidden part of the web is concerned. ]
Human Traffickers, Whistleblowers, Pedophiles, Journalists and Lonely-Hearts Chat-room participants all find a home on the Dark Web, the underbelly of the World Wide Web that is inaccessible to the ordinary netizen. The Dark Web is a small fraction of the Deep Web, a term it is often confused with, but the distinction between the two is important.
The Dark Web unlike the Deep Web is only accessible through anonymous servers, as distinguished from non-anonymous surface web accessing servers like Google, Bing etc. One such server is The onion router (Tor),one of the most popular servers for accessing the dark web, which derives its name from the similarity of the platform’s multilayered encryption to that of the layers of an onion. Dark Web sites also require users to enter a unique Tor address with an additional security layer of a password input. These access restrictions are what distinguish the Dark Web from the Deep Web, which may be breached into through Surface Web applications. Further, the Deep Web may, due to its discreet nature, seem to occupy a fraction of the World Wide Web, when in actuality, it is estimated to be 4000-5000 times larger than the Surface Web and hosts around 90% of the internet’s web traffic. The Dark Web, in contrast to these figures, occupies a minuscule amount of space, with less than 45,000 Dark Web sites as recorded in 2015. Thus, the difference between Deep and Dark Web lies not in their respective content, but in the requirements and means of access to these two spaces along with the quantity of web traffic they attract.
The Dark Web has existed nearly as long as the Internet has and begun as a parallel project to the US Department of Defense’s (USDD’s) 1960s ARPANET Project. The USDD allowed the Dark Web to be accessible to the public via the Tor for it to mask its own communications. Essentially, if the Dark Web was used for only USDD communications there would be no anonymity as anyone who made their way into the system would be aware that all communications would be that of the USDD. So, by allowing the public to access it via the Tor, the USDD could use the general traffic of the Dark Web through the Tor to mask its communications under the stampede of information passing through the Tor.
While the Internet became a household name by the late 90’s the Dark Web remained obscure until 2013 when it gained infamy due to the arrest of Ross William Ulbricht ( aka the Dread Pirate Roberts) the operator of the Silk Route, marketplace for illegal goods and services.
While fully regulating a structure such as the Dark Web is a near impossible feat, this arrest has indeed pushed the previously obscure Dark Web into the spotlight, putting prosecutors and law enforcement agencies across the world on the alert. This new-found attention into the workings of the Dark Web is the junction at which the debate for regulation policies emerges.
The debate on the status of surveillance of the Dark Web broadly has two branches. The first branch, which has emerged with more force post the exposure of the Silk Route, advocates for more frequent and stricter probes into the activities of the Dark Web. In contrast, the second branch weighs increased regulation against issues of breach of privacy, which is one of the main reasons behind use of servers such as Tor.
In order to understand the reasoning behind either branch’s stance, it is essential to look at the breakup of the Dark Web and its various uses, each finding its place at different points along the spectrum having legality and illegality as its extremes.
The Dark Web, as mentioned previously, occupies a faction of the space on the Deep Web with less than 50,000 websites currently functioning, and the number of fully active sites are even lower. Legal activities take up about 55.9% of the total space on the Dark Web whilst the rest of the space contains illegal activities such as counterfeit, child pornography, illegal arms dealing and drug pedaling amongst others. Activities such as whistleblowing and hacking given their contextual scenario-based characteristic would thus not allow themselves to be placed in one or the other category and would fall into a “grey area” of sorts.
With over 50% of the activity on the Dark Web being illegal, the call for increased regulations seems to be reasonable. However, those who are regular residents of this fraction of the internet oft differ. And this hinges on, as mentioned earlier, the issue of privacy.
Privacy has become a buzzword across the globe in the recent past with various nations having to reevaluate the rights their citizens’ information had in the midst of the boom of the data wars. From the General Data Protection Regulations (GDPR) in the EU to the Puttaswamy case in India, across the globe, the Right to Privacy has been thrown into the spotlight. Its relevance only grows with corporations both large and small mining information from users across platforms. Privacy has thus become the need of the hour, and the privacy that the Dark Web provides has been one its biggest USPs. It has harbored anyone one requiring the shield of privacy including political whistleblowers who have in the past have released vital information on violations against citizens in both tyrannical regimes as well as in democracies. Edward Snowden, whose claim to infamy was indeed surrounding privacy and surveillance, had used and still continues to use the Dark Web to ensure the protection of any communications from his location, which is a Moscow airport terminal.
In the age of #FakeNews targeting the journalism community, the need to protect the private Tor gateway that many journalists use to protect their sensitive information seems to be of paramount importance. But despite what the creators of the Tor would like to believe, the bulk of the active traffic (which differs from the actual number of sites present) in the aforementioned “illegal” branch of the Dark Web is predominantly is that of child pornography distribution.
However, this might not bode the end of the privacy sphere as created by the Tor within the Dark Web. Using the same logic as used by the USDD, given that the increased activity of child pornography and abuse sites is a known factor, it becomes easier for authorities to single out threads of heightened activity within the Dark Web without compromising its integral cloak of privacy. This tactic has been successfully used by the American FBI in the Playpen case where it singled out the thread of rapid activity created by a website called Playpen which had over 200,000 active accounts that participated in the creating and viewing of child pornography. The FBI singled out the traffic for this site due to its dynamic activity and once the source of the activity was precisely determined, the FBI in a unprecedented move extracted the Playpen website from the Dark Web onto a federal server and then were able to access the IP addresses of over a 1000 users who were then prosecuted, with the creator of the site having received 30 years of jailtime. This was all done without the privacy of other Tor users being breached.
Thus, whilst Hamlet’s existential question may not have a middle ground to settle on, the status of regulations on the Dark Web could be established by using the past precedent and by using better non-invasive surveillance methods along with international cooperation, in order to respect its true intended purpose.