On July 24, 2019, Facebook, YouTube, Microsoft and Twitter announced that they had introduced a new pillar to their the Global Internet Forum to Counter Terrorism (GIFCT)— crisis response, released their first GIFCT Transparency Report, and added Pinterest and Dropbox as members. The four companies came together in June 2017 to form the GIFCT. The first workshop was held on August 1, 2017 in San Francisco.

Crisis response focussed on content incident protocol

This fourth strategy is a result of promises made in the Christchurch Call to Action, the GIFCT will introduce “joint content incident protocols for responding to emerging or active events” such as the terrorist attack in Christchurch. This will allow member companies to share, process, and act upon relevant information quickly and efficiently.

Features of the protocol:

  • Can be triggered by a real-world event involving murder or attempted murder of defenseless civilians or innocents
  • Outlines steps that tech companies can take to respond quickly to an attack
  • Companies will work together to categorise the type of incident and the anticipated level and degree of online impact
  • Share intelligence and content with non-GIFCT companies and other stakeholders, as needed, by setting up formal channels of communication.

The other three strategies are:

  • Joint Tech Innovation: includes the Hash Sharing Consortium
  • Knowledge Sharing: conducted 11 workshops around the world in partnership with Tech Against Terrorism; a workshop is scheduled to take place in Delhi in 2019
  • Conducting and funding research: supports Global Research Network on Terrorism and Technology (GRNNT) which develops research and provides policy recommendations around the prevention of terrorist exploitation of technology; published 6 papers in 2019, and 6 more will be published by the end of 2019

GICT Transparency Report

This report complements individual transparency reports put out my member companies. It gives the following details:

  • GIFCT’s primary work streams
  • How Hash Sharing Consortium defines terrorist content (“define terrorist content based on content relating to organizations on the UN Terrorist Sanctions lists”)
  • Volume and types of content included in the database

Important disclosures from the report:

  • No formal requests from law enforcement or governments to access the hash sharing consortium database or GIFCT content
  • No access to non-industry members

More than 200,000 digital fingerprints in the Hash Sharing Consortium

Hash Sharing Consortium, the jointly developed shared industry database of “hashes”, that is, digital fingerprints, which predates GIFCT, enables companies to share known terrorist images and video propaganda with partner companies. Since the creation of GIFCT, they have increased the volume of hashes in the database — 100,000 hashes in 2018, and more than 100,000 hashes in first six months of 2019.

What is a hash?

The consortium shares “hashes” (or digital fingerprints) of known terrorist images and videos. The image or video is “hashed” in its raw form and is not linked to any source original platform or user data. Hashes appear as a numerical representation of the original content and can’t be reverse engineered to create the image and/or video.

This database includes photos and videos. They are expanding it to include URLs “that lead to known terrorist and violent extremist content online”.

13 members of Hash Sharing Consortium: Microsoft, Facebook, Twitter, YouTube, Ask.fm, Cloudinary, Instagram, JustPaste.it, LinkedIn, Verizon Media, Reddit, Snap, and Yellow.

According to the GIFCT Transparency Report, hashes are given the following labels in the shared database (their share within the database is given in brackets):

  • Imminent Credible Threat (ICT 0.4%): A public posting of a specific, imminent, credible threat of violence toward non-combatants and/or civilian infrastructure.
  • Graphic Violence Against Defenseless People (4.8%): The murder, execution, rape, torture, or infliction of serious bodily harm on defenseless people (prisoner exploitation, obvious non-combatants being targeted).
  • Glorification of Terrorist Acts (GTA 85.5%): Content that glorifies, praises, condones or celebrates attacks after the fact.
  • Recruitment and Instruction (R&I 9.1%): Materials that seek to recruit followers, give guidance or instruct them operationally.
  • New Zealand Perpetrator Content (0.6%): Due to the virality and cross-platform spread of the attacker’s manifesto and attack video, and because New Zealand authorities deemed all manifesto and attack video content illegal, the GIFCT created a crisis bank to mitigate the spread of this content.

Toolkit to Counter Violent Extremism

GIFCT released cross-platform counter-violent extremist toolkit that they developed with Institute for Strategic Dialogue. It will assist civil society organisations “in developing online campaigns to challenge extremist ideologies, while prioritizing their safety”.

New members — Dropbox and Pinterest

  • Pinterest and Dropbox are new members of the GIFCT
  • Membership Criteria launched in December 2018
  • Will continue to add new members, especially smaller companies