The Silk Road trial: lessons for Internet regulation


On May 28 2015, federal district judge Katherine Forrest sentenced Ross Ulbricht to life in prison for his role as the creator and administrator of the notable dark net website Silk Road. The site was an anonymous online marketplace that could run using encrypted connections over the Tor network. The security and anonymity allowed users to sell drugs and other illegal goods and services. The transactions were possible because of Bitcoin.

The Silk Road opened in January 2011 and ran until October 2013, when Ulbricht was arrested in a public library in San Francisco, the servers seized, and the bitcoins appropriated. The story of how he was caught and the site brought down makes for a fantastic read, but this post is about what it can teach us about Internet regulation.

Silk Road was a cyber-libertarian paradise. The fact that it was anonymous and encrypted meant that, this was a website that was in many ways truly immune from the laws of the real world. The Silk Road allowed the commerce of individuals identifiable only by their user name, who could buy illegal items and pay them with anonymous bitcoins. Ulbricht was a libertarian who was using the site as a means of rebellion against the State, and the inhabitants of the space were in the “front lines of revolution”.

For over two years, the site worked under the premise that no regulation was possible. The Silk Road took the distributed and resilient ideals of the Internet to its extremes. The website could run using encrypted protocols known as Tor Hidden Services. Any computer can be setup to run as a server that does not show its IP address, and the Silk Road was installed in a server farm in Iceland that in theory could never be found. By using Bitcoin as the currency of choice, buyers were able to purchase drugs from a seller, pay it with anonymous currency, and these would be sent using the postal service.

But despite such security, the Silk Road eventually unravelled because Cyberspace cannot help but coexist with the real world. We may think that our digital lives exist in a bubble of zeros and ones, but the digital self needs to eat as well. Ulbricht started making small errors that had effects in reality. By making a few programming mistakes on the Silk Road code, the server’s IP address was visible on a few occasions. This was picked up by enthusiasts and talked about in Reddit forums, which were monitored by the authorities. Eventually, an FBI task force identified the server’s location in a hosting facility in Iceland. But having access to the server was not enough, as Ulbricht was connecting to the server using Tor as well, and therefore his IP address was anonymous. However, investigators were able to discover a few occasions when Ulbricht had let his guard down, and discovered that Dread Pirate Roberts (Ulbricht’s alias in the network) had logged from a café in San Francisco.

Little mistakes continued to accumulate. Two Silk Road administrators were arrested by police, and started collaborating and providing details of the operation. Furthermore, Ulbricht had excellent security after he created Silk Road, but before he had used aliases online that were easily uncovered after a Google search. Particularly damning was a comment in a drugs forum promoting Silk Road, and a question in a coding forum, all using the same online name and email address under his name. These details were eventually used to find and arrest him while he was logged into the administrator screen of the Silk Road.

The story of Silk Road encapsulates nicely the strange duality that exists at the heart of the Internet. On the one hand the dark net is a lawless space where a technical elite can work as they please. However, once a service or a user becomes the subject of law enforcement, individuals tend to fall because they usually have to interface with the real world, and invariably they will make a mistake that leads to their demise.

Ulbricht’s harsh sentence can also be read with Internet regulation in mind. It is incredible that running an illegal service would culminate in a life behind bars, and it seems like Judge Forrest was sending a message to the geeks: if you break the law, we will find you, and we will lock you up for a long time. This has all the hallmarks of a public hanging, the establishment is sending a clear message that online conduct is no different from other crimes.

One thing is clear, the cyber-libertarian ideal has taking a large hit. Will it survive?

Comments 2

Leave a Reply