Addressing the Challenges of Enforcing the Law on the Dark Web

By Clayton Davis for

The landscape of law enforcement has changed as a result of the dramatic increase in criminal activity committed by means of the internet. While vast advancements in technology may lead one to believe that tracking criminals on the internet should be a distinct possibility, the reality of the situation is that crime thriving on the internet in an unprecedented manner. This is a direct result of criminals utilizing technology to maintain anonymity on the Web, which allows them to evade law enforcement with ease.

To understand why law enforcement has become so difficult on the Web, it is helpful to analyze the Web’s three parts. First, there is what has been dubbed the “Surface Web.” The Surface Web includes “anything that can be indexed by a typical search engine, like Google or Yahoo.”[1] Anything that can be accessed through these engines is within the domain of the Surface Web. Beyond the Surface Web is the “Deep Web.” This phrase includes “the remaining part of the Web that the Surface Web does not cover.”[2] This means that anything inaccessible through the use of a search engine qualifies as part of the Deep Web. This could include private servers which only those with permission may access, intranets utilized by a variety of organizations, or even typical social media pages that users wish to keep hidden from the general public. The final section of the Web is the “Dark Web.” The Dark Web is “a small portion of the Deep Web that has been intentionally hidden and is inaccessible through standard web browsers.”[3] Internet users are incapable or accessing this portion of the Web without the utilization of browsers dedicated to providing absolute anonymity to the user. As a result of browsers granting this anonymity to users, the Dark Web has become a hotbed for criminal activity, and an unmitigated headache for law enforcement.

A King’s College London study is helpful for demonstrating the scope of this problem. According to researchers, a series of scans of websites accessible through Tor (or “The Onion Router”) confirmed that an identified 1,547 out of 2,723 live sites “were successfully classified” as containing “illicit content.”[4] The scan determined that the most common contents of these websites on Tor included “drugs, illicit finance and pornography involving violence, children and animals.”[5] Thomas Rid, one of the King’s College London professors who directed the study, stated that “more than 50 per cent of what’s hosted [on Tor] is illegal and illegitimate” and that “other studies put that figure even higher, but [their study] applied a very conservative classification.”[6] Additionally, Rid acknowledged that the extent of the problem could be far greater. He explained that “you can never be sure that you actually access all of the dark web” and that it’s likely the problem could be larger in scale as “it’s always possible [the scan] missed sites because of the way [Tor is] designed.”[7] The King’s College London’s findings indicate, with the support of substantial amounts of evidence, that the Dark Web is enabling criminal activity. Further, the sheer volume of activity found on this section of the Web highlights the fact that law enforcement is having significant difficulties identifying and tracking down those involved.

This poses the question, how can law enforcement address burgeoning criminal activity on the Dark Web? One practice that law enforcement agencies around the world have commonly employed has been undercover investigation on the Web. Such investigations have included enforcement agent usage of “investigation chat rooms” or other “peer-to-peer networks” to “[pose] as offenders” or participants in illicit activities.[8] This method of enforcement has generated significant results. For example, the FBI found success in the arrest of Ross Ulbricht, the creator of the “Silk Road.” In 2013, the FBI described the Silk Road as “the most sophisticated and extensive criminal marketplace on the Internet today.”[9] Reportedly, Ulbricht’s involvement in the Silk Road was exposed by an undercover agent who located a series of posts on Dark Web forums.[10] After monitoring accounts suspected to be linked to the Silk Road, the agent found a post in which Ulbricht provided his Gmail account, through which the FBI managed to locate him.[11] While undercover operations have historically seen success, they are beginning to fall out of favor as “there is a lot of undercover police presence on the Internet” which is causing online criminals to become increasingly suspicious.[12] While undercover investigations are an extremely useful tool for law enforcement on the Dark Web, awareness amongst criminals regarding these investigations is preventing these investigations from becoming a permanent solution to the problem.

Another method of enforcing the law on the Dark Web is the use of “honeypot traps.” These traps are websites “that purport to” be related to illicit activity “but in fact are set up by police and are designed to capture the IP address” of Web users. The FBI employed the use of this tactic when the agency created a site called “Playpen” to lure internet criminals.[13] This resulted in significant backlash as the site “included links to more than 23,000 sexually explicit images and videos of children… including more than 9,000 files that users could download directly from the FBI.”[14] In response to the FBI’s usage of these files, the Justice Department stated that “children depicted in such images are harmed each time they are viewed, and once those images leave the government’s control, agents have no way to prevent them from being copied and re-copied to other parts of the internet.”[15] The FBI stood by their utilization of the files, with one official claiming that “there was no other way we could identify as many players” on the Dark Web.[16] Aside from the ethical dilemmas posed by law enforcement participating in illegal activity to “trap” online criminals, there are further concerns regarding this method of enforcement. A primary concern is that many “see [honeypot traps] as a form of entrapment and a violation of civil liberties.”[17] Those involved with honeypot traps have stated that “the purpose of [the traps’] existence is to create uncertainty in the minds of offenders and reduce the sense of freedom and anonymity.”[18] While the concept of deterring criminals from acting on the Web due to the possibility of honeypot traps is appealing, there are numerous moral complications that accompany the use of such tactics. Further, there is not a significant amount of data that indicates that honeypot traps are the most effective method of policing illegal activity on the dark web. This coupled with the ethical concerns surrounding honeypot traps indicates that there may be more appropriate solutions available.

Within recent years, law enforcement around the world has begun to rely upon the use of hacking to pursue anonymous criminals on the internet. The rise of the Dark Web has provided protection to internet criminals in that it “[obscures] digital footprints left behind with third parties, rendering existing surveillance methods obsolete.”[19]  To combat Dark Web protections, enforcement agencies have begun “[implementing] hacking techniques that deploy surveillance software over the Internet to directly access and control criminals’ devices.”[20] This malware exerts absolute control over foreign computers and can even “force the target computer to covertly upload files to a server controlled by law enforcement” or “commandeer computers that associate with the target by, for example, accessing a website it hosts.”[21] While this technique of tracking down Dark Web criminals boasts massive potential, there are a host of concerns regarding its usage. Federal Rule of Criminal Procedure 41 permits a magistrate to issue search warrants for a device’s location if the “location has been concealed through technological means.”[22] A potential problem with this is that it could result in “the largest expansion of extraterritorial enforcement jurisdiction in FBI history” as “[a]pproximately 80% of the computers on the dark web are located outside the United States.”[23] Due to the nature of Dark Web browsers, “each device’s location is indistinguishable from that of the next” meaning that “any given law enforcement target is likely to be located abroad.”[24] This poses a series of national sovereignty challenges to enforcement of the law that enforcement agencies would be forced to overcome should they wish to pursue internet criminals. This technology-oriented solution to the Dark Web’s crime problem is continuing to develop, and while there are legal barriers to enforcement through hacking, its potential indicates that it could be the future’s method of enforcement.

Criminal activity on the Dark Web is a natural result of the pure anonymity that browsers grant to users. While potential methods of enforcement do exist, each method demonstrates a series of inadequacies. Legal theorists have stated that the only true solution to crime on the Dark Web “would be to get rid of the Dark Web altogether.”[25] However, this is simply not feasible as “[t]here is a lot of demand for the goods and services offered on the Dark Web and someone is always going to take the risks to fulfill that demand.”[26] Acknowledging that there is no way to eliminate crime on the Dark Web in its entirety, it is important to move forward knowing that we can diminish the impact these crimes have on the global community by perfecting existing methods of enforcement.

Clayton Davis is a 3L from Cottonwood Heights, Utah. He enjoys public interest law and currently works as a Law Clerk in the Child and Family Support Division at the Utah Attorney General’s Office.

[1] Amanda Haasz, Underneath it All: Policing International Child Pornography on the Dark Web, 43 Syracuse J. Int’l. L. & Com. 353 (2016) at 356.

[2] Id. at 357.

[3] Id.

[4] Daniel Moore & Thomas Rid, Cryptopolitik and the Darknet, Taylor and Francis Online Vol. 58 (2016).

[5] Id.

[6] Cara McGoogan, Dark web browser Tor is overwhelmingly used for crime, says study, The Telegraph (2016)

[7] Id.

[8] Amanda Haasz, Underneath it All: Policing International Child Pornography on the Dark Web, 43 Syracuse J. Int’l. L. & Com. 353 (2016) at 370.

[9] Tim Hume, How the FBI caught Ross Ulbricht, alleged creator of criminal marketplace Silk Road, CNN (2013).

[10] Id.

[11] Id.

[12] Amanda Haasz, Underneath it All: Policing International Child Pornography on the Dark Web, 43 Syracuse J. Int’l. L. & Com. 353 (2016) at 370.

[13] Brad Heath, FBI ran website sharing thousands of child porn images, USA Today (2016).

[14] Id.

[15] Id.

[16] Id.

[17] Amanda Haasz, Underneath it All: Policing International Child Pornography on the Dark Web, 43 Syracuse J. Int’l. L. & Com. 353 (2016) at 371.

[18] Id.

[19] Ahmed Ghappour, Searching Places Unknown: Law Enforcement Jurisdiction on the Dark Web, 69 Stan. L. Rev. 1075 (2017).

[20] Id.

[21] Id. at 1080.

[22] Fed. R. Crim. P. 41(b)(6)

[23] Ahmed Ghappour, Searching Places Unknown: Law Enforcement Jurisdiction on the Dark Web, 69 Stan. L. Rev. 1075 (2017) at 1081.

[24] Ahmed Ghappour, Searching Places Unknown: Law Enforcement Jurisdiction on the Dark Web, 69 Stan. L. Rev. 1075 (2017) at 1081-82.

[25] Amanda Haasz, Underneath it All: Policing International Child Pornography on the Dark Web, 43 Syracuse J. Int’l. L. & Com. 353 (2016) at 378.

[26] Id.