top of page

Lighting the Dark Web: A Possible International Law Approach


Introduction

Imagining a world without the World Wide Web is downright impossible in the current “information civilization”. Its expansiveness, ubiquity and necessity has brought with it a plethora of new challenges— the ones concerning the pivotal interaction between Dark Web, Artificial Intelligence [“AI”] and cybersecurity have accelerated to an even more serious international concern with the advent of Web3. The Web can be divided into three parts: surface, deep and dark. Surface web is the part you are using to access this blogpost, it is the part that is traceable by web crawlers, search engines, and indexes. It forms 4-10% of the web, rest however, is the Deep and Dark Web. Deep web includes “pages that cannot (yet) be indexed by search engines”, whereas the Dark Web forms a 0.01% of the Deep Web where the “content is deliberately hidden, mostly (but not entirely) to facilitate the carrying out of illicit activities”. Dark Web runs on completely anonymized protocols such as the one seen on Tor browser where normal IP tracking becomes entirely ineffective and therefore, identities become entirely untraceable. Dark web then is a breeding ground for nefarious activities such as terrorism, narcotic and weapon smuggling, child pornography and human trafficking, amongst others.

The rise of cryptocurrencies and AI has aggravated the law and order concern further by providing further upholstering to the anonymized and encrypted nature of the Dark Web. Cryptocurrency, highly encrypted and decentralized like the dark web, is used for these illegal transactions owing to its inherent anonymity, and security benefits. The lack of traceability and easy integration with the web architecture renders these tokens highly attractive to users. Similarly, dangerous dark-web fed AI models made to propagate criminal activities are propagated on the dark web, and bought with cryptocurrency. These AI models aid both cyber and non-cyber-criminal activities on the web by writing malicious code, exploiting vulnerabilities, and launching attacks, amongst other things (direct involvement) and otherwise facilitating harmful actors on the web (indirect involvement).

International law challenges

The highly transnational nature of the dark web and the problems it poses can cause any national action in isolation to “unravel " the"harmony " between government practice and international law”. The non- coordinability of the dark web owing to its anonymity (procedural coordination) and its undeniably international nature challenging (official coordination) render any straightforward international law solution improbable. One of such responses as hacking the dark web is already raising international law reproach. It then is not surprising that no existent framework exists on the international law problem posed by the Dark Web.

Existing Framework

However, considering the problem is of a serious nature and has stayed around for a while, an existing framework under the international law regime does offer some guidance on how to deal with such issues. The Budapest Convention on Cybercrime for instance, developed by the Council of Europe is a pioneering multilateral treaty that promotes international cooperation in combating cybercrimes, encompassing aspects of investigation, prosecution, and extradition. Similarly, the UN Convention against Transnational Organized Crime, commonly known as the Palermo Convention, and its protocol on human trafficking, have played an indispensable role in tackling

transnational cybercrime committed through organized criminal groups. Furthermore, the Tallinn Manual on the International Law Applicable to Cyber Warfare including its revised version, The Tallinn Manual 2.0 are non-binding documents prepared by international legal experts, offers guidance on the application of existing international law to cyber conflicts, thereby aiding in the interpretation of legal principles in this context. Similarly, the Paris Call for Trust and Security in Cyberspace [“Paris Call”] is a high-level declaration of nine non-binding principles aimed to ensure “a free, secure and open” cyberspace. Additionally, an Ad Hoc Committee to Elaborate a Comprehensive International Convention on Countering the Use of Information and Communications Technologies for Criminal Purposes has also been set up by the UN to discuss and negotiate a treaty to address challenges faced due to cybercrime, in response to repeated proposals for the same by Russia. However, it has been the subject of deep criticism and is also unlikely to be concluded.

Limitations To the Existing Framework

It is worthwhile to note that while the existing piecemeal approach offers valuable tools for addressing cybercrimes, they were not explicitly designed to tackle the intricate and hidden nature of the dark web. This fragmented approach results in a lack of comprehensive oversight, leaving significant gaps in addressing the specific issues that arise within the dark web’s clandestine networks. The absence of a dedicated regulatory framework tailored to the dark web means that regulations and enforcement efforts often lag behind the rapidly evolving tactics employed by criminals in this space. Without a unified and up-to-date international legal framework, it becomes increasingly difficult to combat the multifaceted challenges posed by the dark web. The problem is worsened by the fact that Dark Web’s highly anonymous and transnational nature already poses major jurisdictional and collaboration concerns vis-a-vis any possible international law application. A piecemeal approach muddies the already murky waters further.

Suggestions and Way Forward

Perhaps the most obvious solution to this would seem to be the formulation of a treaty. However, it may not be the ideal path forward in the case of the dark web. One significant impediment to the treaty approach lies in the inherent challenges of achieving consensus among the diverse states involved. Given the divergent interests, legal traditions, and priorities of different nations, reaching agreement on vital issues related to the dark web could be a protracted and contentious process. Moreover, the dark web is characterized by its ever-evolving nature. Its clandestine activities and technological landscape change rapidly, rendering it difficult to predict and incorporate these changes within the framework of a treaty.

Even in the unlikely event that a treaty is successfully crafted, the process of adapting it to accommodate new developments in the dark web could be an onerous and time-consuming endeavor. This raises concerns about the treaty’s effectiveness in addressing the dynamic challenges posed by the dark web and highlights the need for more flexible and responsive regulatory mechanisms.

Therefore, it becomes imperative to consider alternate mechanisms for regulation. One such alternative gaining support among several countries, including the United States, China and Australia, is the formulation of international norms. Unlike treaties, which are legally binding agreements that necessitate complex negotiations and ratification, norms offer a more flexible approach to shaping international behavior. Norms can provide a framework for responsible state

behavior, addressing issues such as cybersecurity, data protection, and the prevention of cybercrimes.

By fostering cooperation and setting common expectations, international norms can contribute to a more agile and adaptable response to the unique challenges posed by the dark web. Since norms are often based on general principles, consensus building is generally less challenging than with treaties. Further, This approach also allows for quicker adaptation to emerging challenges and technological advancements within the dark web.

In the realm of cyberspace, the importance of norms is already being recognized by both states and corporations, offering a promising model for addressing the challenges of the dark web. Initiatives like the Paris Call underscore the commitment of states to establish a set of norms that promote a safe and secure digital environment. Similarly, in April 2018, Microsoft launched its Digital Peace campaign alongside the Cybersecurity Tech Accord, an agreement designed to encourage the internet and technology industry to enhance customer privacy and security protection against cyberattacks.

Additionally, in May 2018, Siemens introduced a Charter of Trust aimed at fostering adherence to security principles and processes, with the ultimate goal of establishing a global standard for cybersecurity. In a similar vein, the development of norms specifically tailored to the challenges posed by the dark web is essential.

The idea is to have guidelines, standards, and policy documents of a non-binding nature to influence and further shape the norms which have been argued before in this article. These soft- law instruments should encourage principles and values that already find their presence in the current and proposed norms regarding conduct on the Dark Web.

For instance, though any expectations of privacy on the dark web are remarked to be suffering from a want of reasonableness, the international law instruments should aim at inculcating promotion of safety, harmony, peace and balance between governmental surveillance and investigative interests and freedom of speech and right to privacy on the other hand. Here, extant norms do cater to both interests in some way and future norms can aim at this balance. At the end, it is all a complex calculation and constant reconfiguration in an increasingly complex and dynamic environment of the Dark Web.

Additionally, since coming across an international law approach for purely the Dark Web remains elusive, extrapolating possible solutions from other Dark-Web technologies such as AI and Cryptocurrency becomes a favourable option. For instance, an international Dark Web regulatory agency to create a unified framework for the regulation of Dark Web and allied technologies and inform the development of such policies around the world could be established. The same has been already suggested effectively in an AI context. Another suggestion could be formulation of global standards on regulating activities on the Dark Web. One of such sub-standards could be standard guidelines to ensure legality of such online transactions. The aforementioned standard concerns Bitcoin, one of the ubiquities of illegal transactions on the Dark Web.

Conclusion

In navigating the Dark Web's multifaceted challenges, adaptability and cooperation are key. A dynamic and flexible approach is essential to protect the digital realm while embracing the ever- changing nature of this hidden web. Overall, it is important to note that more progress will be made should the stakeholders choose to work with the technology rather than against it. An apt understanding of the Dark web is required for addressing the challenges it poses and the

international law application that could thus be attracted. Ultimately, In situations of high uncertainty and lack of clarity like this, prudence lies in promoting values rather than binding frameworks.


Authors:

Nandini Babbar and Parul Anand are Law Students at National Law University, Jodhpur.

3 views0 comments

Comments


bottom of page