Learning by pioneering: Stop Dark Web crimes by Public-Private Collaborations

In July 2017, following 10 months of investigations, the Dutch police working in collaboration with law enforcement agencies (LEAs) in Germany, Lithuania, the United States and Europol, took control of the Hansa Market, one of the largest market places on the dark web facilitating trade in drugs. By identifying, arresting and hijacking the accounts of two of the market administrators, the Dutch police gained full control over the market place. But instead of taking it down immediately, police decided to run the site for another 27 days. This enabled them to collect significant amounts of incriminating data about the site’s administrators, sellers and buyers. Of course in full secret, and in close cooperation with the Dutch Public Prosecution Service on the legal aspects. A smart deal was made with the FBI, that was at that time about to take down Alphabay, the largest dark market at that time. By keeping the reason for its downing secret, many of Alphabay’s users flood to Hansa market, right into the hands of the Dutch Police.

 

This example further highlights why only an integral approach based on public-private collaboration can stop dark web crimes. With this in mind, a high level delegation of directors, Members of Parliament and other experts gathered at the head office of the Dutch National Police on the 4th of September to discuss the outcome of the MEDI@4SEC workshop “Policing the Dark Web”. The goal of the evening was to increase awareness on the risk that crime on the Dark Web poses to public security and highlight its undermining effect on society at large.

 

During the evening of September the 4th, the police gave the audience a unique insight in the behind-the-scene of this unprecedented and innovative operation:

“We realized that we could do serious damage to the trust of users in the so far anonymously deemed ecosystem.”

 

The disruptive effect was also reported by TNO, who researched the effect the takedowns had on the behavior of users on the dark web. Many lessons can be learned from this successful case. Perhaps the most important is that close international collaboration between LEA’s is required to fight the internationally organized crime on the dark web. Silo working by police departments needed to be broken. But any response also requires the involvement of other, non-LEA stakeholders. In the case of Hansa, coordination with the postal services to intercept drugs purchased in the market before they reached their buyer.

To take forward the discussions and develop a follow-up strategy a panel representing the main Dutch stakeholders was formed1. The panelists unanimously endorsed the actions recommended by the MEDI@4SEC workshop held last year. They see public safety and security as a joint responsibly of public and private partners and citizens at large.

 

The Dutch Association for Transport and Logistics argues that the drugs trade puts at risk the Netherlands’ excellent reputation as logistical hub; International banks run the risk of unintentionally facilitating crime by money laundering, which became painfully clear by the recent scandal at the ING bank; Mayors of Dutch and Belgium cities suffering from a growing underground drugs business state that:

“If not stopped, the trade in drugs undermines our rule of law, and eventually large parts of our social and political society.”

 

The panelists concluded that an integral approach – from awareness, prevention, disruption to prosecution, from public to private and from municipalities up to the international level – is needed to fight crime on the dark web. Mutual trust and new smart mechanisms to share information are crucial to the success of it. Privacy regulations are often mentioned as barriers to share information, but according to the public prosecution office much more can be done before privacy regulations come into play.

 

But crucially it is action rather than inaction that is required. As Theo van der Plas, director Cybercrime and Digitalization at the Dutch police, concluded:

“Just do it, and learn from your mistakes.”

 

Further details of the workshop, the reports published from it and the online discussion it prompted can be viewed at media4sec.eu/workshops/darkweb/.

 

 

1 Among others this included: the Team High Tech Crime and the Dark Web team of the Dutch National Police; the Public Prosecution Service; the investigation department of the Tax Office; a large international bank; the Dutch Association for Transport and Logistics; the head of international cyber policy of the Ministry of Foreign Affairs; and an expert from INTERPOL.

 

Marijn Rijken

Author: Marijn Rijken

Collaborative Intelligence for National Security, Workpackage Lead MEDI@4SEC

Leave a Reply

Your email address will not be published. Required fields are marked *