What Is the Dark Web? A Research Overview
The dark web is a layer of the internet reachable only via anonymizing networks like Tor. This guide explains what it is, who uses it, and what the risks are.
The dark web is a layer of the internet that standard browsers cannot reach — and that makes it the subject of more mythology than any other part of the network. It is not a separate internet. It is not inherently criminal. It is a collection of websites and services hosted on anonymizing overlay networks, primarily Tor, that require specific software to access. Understanding what it actually is — and what it is not — is the first step toward evaluating its risks and uses honestly.
The internet has three broadly recognized layers: the surface web you search every day, the deep web (unindexed but not hidden), and the dark web (intentionally hidden, accessible only with specialized tools). Most people interact with only the first layer. The dark web sits at the third.
What the Dark Web Actually Is
The dark web consists of web content hosted on overlay networks — primarily Tor (The Onion Router) and I2P (Invisible Internet Project) — that cannot be indexed or accessed using ordinary browsers like Chrome or Safari. These networks use layered encryption and multi-hop routing to obscure both the location of servers and the identity of users.
Sites on the Tor network use .onion addresses — strings of characters that look like 3g2upl4pq6kufc4m.onion — that are not resolvable by standard DNS servers. They exist only within the Tor network itself. This is what makes the dark web distinct from the rest of the internet: it is not merely unindexed, it is architecturally hidden.
The Tor Project, a U.S.-based nonprofit, maintains the Tor software and network. As of 2024, the Tor network sees roughly 2–3 million daily users worldwide, according to Tor Project metrics.
How It Differs from the Surface Web and Deep Web
These three layers are frequently conflated in news coverage. They are distinct categories with different characteristics.
| Layer | What It Is | How to Access | Indexed By Search Engines | Estimated Share |
|---|---|---|---|---|
| Surface web | Publicly viewable pages | Any browser | Yes | ~5% of total web content |
| Deep web | Unindexed but not hidden | Browser + login/auth | No | ~90–95% |
| Dark web | Intentionally hidden overlay content | Tor, I2P, Freenet | No | Fraction of deep web |
The deep web includes your email inbox, banking portal, academic databases like JSTOR and PubMed, and corporate intranets. These are not accessible to search crawlers — not because they're hidden, but because they sit behind authentication walls. The Cisco Annual Internet Report (2020) estimated that the deep web contains orders of magnitude more data than the surface web.
The dark web is a subset of the deep web, but with a fundamental difference: its content is deliberately hidden using anonymizing infrastructure. Understanding the deep web vs dark web distinction prevents a lot of confusion.
A Brief History — From DARPA to Silk Road
The dark web's infrastructure has military origins. In the mid-1990s, researchers at the U.S. Naval Research Laboratory — Paul Syverson, Michael Reed, and David Goldschlag — developed onion routing to protect intelligence communications. The first academic paper on the technique was published in 1996. DARPA funded further development.
The Tor Project was formally launched in 2002, open-sourced with support from the Electronic Frontier Foundation (EFF) starting in 2004. Making it open-source was a deliberate strategy: if only government agents used the network, it would be easy to identify them. Civilian adoption created the privacy cover the network needed to function.
Tor saw gradual adoption by journalists, dissidents, and privacy advocates through the late 2000s. Then, in 2011, Silk Road launched — a pseudonymous drug marketplace run by Ross Ulbricht under the alias "Dread Pirate Roberts." Before its FBI seizure in October 2013, Silk Road had processed an estimated $1.2 billion in transactions. It changed public perception of the dark web permanently, and not accurately.
For the complete timeline, see the history of the dark web.
Who Actually Uses the Dark Web
The popular image — a criminal buying contraband — is a subset of dark web users, not the majority. Research by the Oxford Internet Institute (2019) found that censorship circumvention and general privacy were the most common motivations for Tor use globally.
The actual user base includes:
- Journalists and whistleblowers — SecureDrop, maintained by the Freedom of the Press Foundation, runs on Tor. Organizations including The Guardian, Washington Post, and The New York Times use it to receive documents from sources safely.
- Political dissidents — During Iran's 2022 protests, Tor usage from Iran spiked measurably. Authoritarian governments block platforms; Tor unblocks them.
- Cybersecurity researchers — Firms like Recorded Future, DarkOwl, and Flashpoint monitor dark web forums professionally for threat intelligence.
- Ordinary privacy seekers — People who want to avoid ISP tracking, ad profiling, or government surveillance in restrictive states.
- Criminal actors — Drug markets, fraud forums, and stolen-data markets do exist. They are a real part of the ecosystem, just not the whole of it.
For a detailed breakdown, see who uses the dark web.
The Legitimate Uses — And Why They Matter
Several well-known news organizations operate official .onion mirrors. The BBC launched a Tor mirror in 2019 specifically to reach audiences in censored countries. The New York Times followed. These are not dark-web curiosities — they are infrastructure decisions made to serve readers who cannot access clearnet news.
SecureDrop is perhaps the clearest example of the dark web serving a democratic function. It is the primary secure submission system used by investigative journalists worldwide to receive tips and documents from sources. Without Tor's anonymity layer, many sources could not safely share information.
Freedom House's 2023 Internet Freedom report documented internet restrictions in 70 countries. In that context, the dark web is less a criminal marketplace and more an access layer for people whose governments have blocked the open web.
Using Tor is legal in the United States, United Kingdom, and most of the European Union. For a full breakdown of legal to access the dark web across jurisdictions, see our dedicated guide.
Risks and Realities
The dark web carries real risks, and none of them should be minimized. Scams are endemic — exit scams, phishing sites mimicking legitimate markets, and outright fraud are common. Malware distribution is prevalent. Law enforcement actively monitors dark web forums and markets: the FBI, DEA, and Europol have run joint operations that resulted in hundreds of arrests.
Illegal content exists and is actively policed. Possession of certain content — regardless of the network you accessed it on — carries serious criminal penalties.
Understanding risks on the dark web before accessing any dark-web content is not optional. Neither is understanding how Tor Browser works before using it.
The dark web is a real infrastructure layer with legitimate users, significant risks, and a documented history. The rest of this site covers each part of that picture in detail.
Frequently Asked Questions
Is the dark web the same as the deep web?
No. The deep web is any web content not indexed by search engines — including your email inbox, bank account portal, and academic databases. The dark web is a subset that requires anonymizing software (primarily Tor) to access and is deliberately hidden. All dark web content is part of the deep web, but most deep web content has nothing to do with the dark web.
Can you be tracked on the dark web?
Tor significantly reduces the ability of outside observers to link your traffic to your identity, but it does not make you invisible. Law enforcement has de-anonymized Tor users through traffic analysis, compromised exit nodes, and — more commonly — poor operational security on the part of suspects. Several major market operators were identified through mistakes unrelated to Tor itself.
Is it illegal to access the dark web?
In most Western jurisdictions — the U.S., U.K., EU member states — simply accessing the dark web using Tor is not illegal. What you do there may be. Purchasing controlled substances, accessing certain categories of illegal content, and participating in fraud are illegal regardless of the network you're on.
What is a .onion address?
A .onion address is a hostname used to identify hidden services on the Tor network. Unlike standard domain names, .onion addresses are not registered through a DNS authority. They are derived cryptographically from the public key of the server hosting the service. They are only resolvable within the Tor network.
Who built the dark web?
The underlying infrastructure — onion routing — was developed by Paul Syverson, Michael Reed, and David Goldschlag at the U.S. Naval Research Laboratory in the mid-1990s. The Tor Project, founded in 2002, built the open-source network that most people use to access the dark web today.