“We need to look at the internet from the point of view of privacy and security,” said Matt Beckstrom, systems librarian at Lewis and Clark Library in Helena, Montana. With the end of net neutrality and increased awareness of data collection by companies like Facebook, internet users are more engaged with online privacy issues than ever. People are turning to dark web tools to protect their anonymity, and libraries have an opportunity to help users learn about and access these tools.
At “Casting light on the Dark Web: Dispelling myths and using it to preserve your anonymity” on June 23 at the ALA Annual Conference and Exhibition in Washington, D.C., Beckstrom and Brady Lund, PhD student at Emporia (Kans.) University School of Library and Information Management, explained the basics of the dark web and how libraries can use it.
You can think of the internet like an iceberg: “Everything above the water is called the surface web,” said Beckstrom. The surface web includes popular websites including news sites, Facebook, and ecommerce. “That feels like a very large part of the internet, but in reality, at least 80% or 90% of the internet is part of the deep web.” Deep web content isn’t indexed by search engines. It includes anything behind a paywall or other authentication, as well as internal networks like corporate intranets. The dark web is a subset of the deep web but, unlike most of the deep web, requires specialized tools to access. This distinction is not often clear: “One publisher asked if our book is going to help people hack into other people’s databases,” Lund said. “No,” he added.
“The dark web really should be called something more like the hidden web,” said Beckstrom. “Dark automatically gives the impression that it’s evil, that something’s wrong.” The dark web’s reputation is often connected to criminal black markets like Silk Road, a dark website for drugs and arms dealing that was first shut down in 2013 and again in 2014. Beckstrom and Lund both believe it’s important to acknowledge that illegal activities happen on the dark web. But, “the systems were not designed for this purpose,” Lund said, and “we think the platforms shouldn’t be overlooked because of these things.”
Unlike the surface internet, many dark web sites are not interlinked, and web addresses can often change. Because of this, there are a number of tools for accessing the dark web and most are highly specialized. “Remember Napster?” Beckstrom asked. “That was a dark web platform.”
The platforms most likely to benefit libraries in protecting patron privacy are those that are built like web browsers and can be used to access the surface internet as well as dark websites. Tor (originally short for “The Onion Router”) works like a normal web browser and even has a mobile browser available on Android devices. While privacy modes in common internet browsers provide a layer of anonymity by blocking cookies, identifying information like IP address and device fingerprints can still be linked back to a user. In Tor, requests are encrypted and routed through “nodes” on the network to make the origin of the request anonymous. These extra steps make accessing websites slower—Beckstrom doesn’t recommend using Tor or browsers like it to stream Netflix, for example—but provide an added layer of security.
Other dark web browsers include I2P, which “tunnels” traffic through a series of networked computers to a resource and then returns that data along a different path, again making it difficult to trace. It can also be used for end-to-end encrypted messaging and was designed to allow people to get information out in a way that couldn’t be censored or blocked. Freenet began as a graduate student’s thesis project, and stores information in distributed nodes which prevents anyone from knowing who’s accessing the information, or who put it there. However, Freenet does require users to store encrypted data from other users on their own machine as part of the network.
For the most part, libraries can easily install dark web browsers on public computers, with some limitations for libraries that receive federal E-rate funding and are required to filter websites. A year ago, after consulting with his district attorney, Beckstrom installed Tor on the public computers in his library system and hasn’t had any problems. He’s also begun to use the browser as a teaching tool to raise awareness of how users can proactively protect their privacy online.
“Libraries can become a part of it, too,” said Beckstrom. Lund highlighted the work of the Library Freedom Project, which encourages libraries to act as Tor nodes, which accept and pass along traffic anonymously.
For more information, Beckstrom and Lund’s LITA guide Casting Light on the Dark Web: A Guide for Safe Exploration (Rowman & Littlefield 2019) will be released in September.