Updated July 8, 3:40 p.m.
At 2:32 p.m. Eastern Daylight Time on Tuesday, June 28, 2022, the Global Internet Forum to Counter Terrorism (GIFCT) activated the Content Incident (CI) level within its Incident Response Framework in response to an attack in Udaipur, Rajasthan, India and took the following steps:
- Alerted all GIFCT members that the CI had been activated. By this time, in line with our Incident Response Framework, communications were already underway between GIFCT and its member companies to share situational awareness about the offline violence in order to prepare for the potential that the event met the criteria to activate a level of our Incident Response Framework that would result in hashing of perpetrator-produced content.
- Enabled GIFCT members to share hashes of the content understood to be produced and edited by the perpetrators depicting the attack.
- Alerted the United Nations Security Council Counter-Terrorism Committee Executive Directorate and GIFCT’s Independent Advisory Committee that the CI had been activated in response to the attack.
Simultaneously, individual GIFCT members engaged in platform-specific enforcement operations, identifying and reviewing content in line with their respective terms of service, including instances of the content shared in a range of contexts.
At 1:42 p.m. Eastern Daylight Time on Wednesday, June 29, 2022, GIFCT concluded the activated CI based on the time passed since the conclusion of the offline violent event and feedback from members on the level of attempts to upload new versions of the violating content on member platforms. New hashes of the perpetrator-produced content will continue to be added to the GIFCT hash-sharing database as members identify and share them.
While members continue to add new hashes to the database, we can currently provide the following information from this event:
- Between when GIFCT activated the CI at 2:32 p.m. EDT on Tuesday, June 28 and its conclusion at 1:42 p.m. EDT on Wednesday, June 29, members added approximately 54 visually distinct items to the GIFCT hash-sharing database.
- These related to approximately 54 visually distinct videos, no hashes corresponding to still images were added.
Next Steps:
We will continue to follow developments tied to potential violence in an effort to share situational awareness across GIFCT members and remain as prepared as possible to respond to perpetrator-produced content from offline violent attacks.
Research and insights from experts will continue to be provided through the Global Network on Extremism and Technology (GNET), the academic network funded by GIFCT to research issues related to violent extremist behaviors and technologies.
First Published June 28 2022
Content Incident Activated in Response to Attack in Udaipur, Rajasthan, India
At 2:32 p.m. Eastern Daylight Time on Tuesday, June 28, 2022, the Global Internet Forum to Counter Terrorism (GIFCT) activated the Content Incident (CI) within its Incident Response Framework in response to an attack in Udaipur, Rajasthan, India.
The CI was activated due to:
- The existence of content of the attack, apparently produced, edited, and distributed by the perpetrator
- The content depicting attempted violence towards people, and
- The content appearing on GIFCT member platforms.
As a result, hashes corresponding to the perpetrator-produced content depicting the attack in video and image form qualify to be added to the GIFCT hash-sharing database. This enables other GIFCT members to identify whether the same content has been shared on their platforms and address it in accordance with their respective platform policies.
In 2021, GIFCT enhanced our Incident Response Framework, establishing three levels of response to offline violent events with an online aspect. In cases where either the Content Incident (CI) or Content Incident Protocol (CIP) levels are activated, GIFCT enables its members to contribute hashes of the perpetrator-produced content and shares updates publicly on the GIFCT website about our response to the attack.
For more information about:
- GIFCT’s Incident Response Framework that guides how GIFCT and its members respond to mass violent attacks and their online dimensions, see here: https://gifct.org/incident-response/
- GIFCT’s hash-sharing database, see here: https://gifct.org/tech-innovation/
We will provide further updates on this post.