The recent takedown of dark web drug markets AlphaBay and Hansa have raised questions about the tactics of law enforcement and, specifically, whether some Hansa users were “entrapped” after the July 3rd closure of AlphaBay by the Department of Justice (DOJ). Before answering the question, the facts surrounding law enforcement’s investigation must be examined.
AlphaBay and Hansa are dark web sites only accessible through browsers like Tor, which scramble the location of users and site operators, making it all but impossible for the authorities to identify the whereabouts of the servers hosting a specific site. Users pay for goods with virtual currencies like Bitcoin, which cannot be easily tracked by financial institutions or law enforcement. AlphaBay and Hansa operated much like eBay; in that, hosting vendors would sell their wares, usually drugs, and pay a commission to the site on each purchase. As such, the sites were functioning in June 2017 as worldwide digital drug trafficking enterprises but with anonymity features that included encryption of message and public “PGP keys.” The transactions were safe, anonymous and invisible to law enforcement.
How big was AlphaBay? In 2 years of operation, it logged more than $1 billion in transactions and hosted 200,000 users and 40,000 vendors with 250 places to buy heroin
But that all began to unravel on June 20 when the Dutch National Police covertly took control of Hansa by seizing several servers in Europe. This action allowed real time surveillance of criminal activities and the ability to log transactions including the identification of buyers and sellers.
While the Dutch were monitoring Hansa, the DOJ, on July 4th, shut down AlphaBay and arrested the site’s founder, Alexandre Cazes, in Bangkok. Cazes committed suicide in his jail cell shortly after his arrest.
With AlphaBay closed, law enforcement took the unprecedented step of luring its former users to Hansa via forums on Reddit. Hansa had an eight times increase in new users immediately following the closure of its competitor AlphaBay. The problem, of course, is simple: the users who were on Hansa after its covert takeover by the Dutch Police could very well face prosecutions once the intercepted transactions are turned over to local law enforcement.
Did law enforcement entrap users on Hansa by allowing transactions to continue after the site was taken over, and second, luring them to the site through Reddit forums?
Entrapment is a complete defense to a criminal charge on the theory that “Government agents may not originate a criminal design, implant in an innocent person’s mind the disposition to commit a criminal act, and then induce commission of the crime so that the Government may prosecute.” A valid entrapment defense has two related elements; government inducement of the crime and the defendant’s lack of predisposition to engage in the criminal conduct. When analyzing the legal case against Hansa users, two important points exist. First, law enforcement is authorized to monitor illegal transactions during drug investigations. This occurs in every case. Law enforcement had no duty to shut down Hansa before the investigations were complete. Hansa users should never have assumed the completion of transactions meant the site was uncompromised.
Second, Hansa users were on the site to engage in illegal drug transactions. The reason users were on Reddit forums was to find out why AlphaBay was closed and to find other sites, like Hansa, to continue their drug activity. Therefore, federal prosecutors would most likely argue there were no innocent users on Hansa. Each person on the site had a “predisposition” to commit an illegal drug transaction.
However, besides entrapment, Hansa users would have many better defenses than entrapment. For example, in most instances, no drugs or monies were intercepted. As such, trying to show a particular user was part of an illegal dark web transaction would have been done through data obtained from the seized Hansa servers – servers that are located in other countries. Numerous evidentiary issues would exist to admit seized data from oversea servers assuming the seizures were lawful. A question exists as to whether the interception of data on Hansa violated the Fourth Amendment’s restraint on unreasonable search and seizures? Did law enforcement in Europe acquire search warrants before seizing the servers and did their actions conform to American law? Are prosecutors in the U.S. willing to bring law enforcement officials to the U.S. to testify regarding how the Hansa servers were compromised? At this time, no information exists as to the method utilized by Dutch Police to access the Hansa servers. However, tech experts believe many Hansa users were too willing to rely on the “auto encrypt” feature on the market. By modifying the source code of the auto encrypt, law enforcement could have intercepted transactional information before encryption.
Because of these facts, Prosecutions of drug activity on the Hansa servers are much different from a normal drug prosecution and it remains to be seen to what extent the Government will pursue those cases.