Child Sex Trafficking

Deep Web vs. Dark Web: Defending Children Against Online Exploitation

By April 18, 2014 April 20th, 2023 No Comments

As digital defenders of children, exploring and understanding the deepest and darkest corners of the Internet is part of Thorn’s effort to better combat child abuse imagery and child sex trafficking.

Recently, we have seen an increase in the discussion of the terms “Deep Web” and “Dark Web.” People unfamiliar with these phrases may consider the Deep Web and the Dark Web to be interchangeable terms. However, these phrases refer to very different aspects, and in an effort to better explain where child exploitation is happening online, we at Thorn want to take the opportunity to differentiate the two.

The term “Dark Web” (or Dark Internet) refers to areas of the Internet that are no longer accessible, or that have “gone dark” – i.e. dead ends. This happens when Internet routers stop referencing parts of the Internet, either because old addresses have become compromised by malware, or simply because the routers have forgotten where to access these areas. An example of the Dark Web is the old military site, MILNET, active in the 1980’s, which was part of ARPANET, the progenitor of the modern Internet. ARPANET is no longer accessible by today’s routers, unless they follow very specific instructions.

The Dark Web is therefore fundamentally different than the Deep Web in that the Dark Web cannot be accessed, period. The term “Deep Web,” refers to the “deeper” parts of the web that are accessible, but are considered hard to find because they aren’t indexed by regular search engines. Information on the Deep Web can be indexed, but only using complex search algorithms that have the ability to break down certain barriers. These algorithms are a result of complex research being done on the Deep Web, read more here: “Deep Web Research and Discovery Resources 2014.”

The Deep Web is made up of dynamic content, or content that is password-protected, unlinked, restricted by form-controlled entry, or updated ahead of search engine indexing. Harmless examples of “dynamic” content include your emails on Gmail, .pdf or .doc files stored on Dropbox, personal information stored on Facebook, or private photo albums from your last family reunion.

The malicious Deep Web content that we, at Thorn, are concerned about is primarily hosted on Tor and .onion peer-to-peer network servers (P2P networks), as well as obscure image sharing websites that can only be accessed if you have specific URLs, usernames and passwords. These areas of the Deep Web are where proactive action needs to be taken to stop the largely undeterred child predators who are trading child pornography or offering children for sale.

We applaud the efforts of the Department of Homeland Security for its successful “Operation Round Table,” which identified and dismantled a Deep Web child pornography website that was operating on the Tor network. This site hosted over 2,000 videos and 27,000 members, and was operated by 14 men, all of whom were arrested, and face 20 years to life in prison. Operation Round Table led to the seizure of over 40 terabytes of data that investigators have used to open more than 300 investigations into potential subscribers.

At Thorn, we’re currently exploring what else can be done. We’d be interested to hear from you if you know of research or tools or have ideas of deterring and disrupting exploitation in the deep web.  Share now on our Facebook page, or by emailing us at