GIFCT invests in the development and distribution of groundbreaking technological solutions to support member companies committed to preventing terrorist and violent extremists from exploiting their platforms while protecting human rights.
In 2017, the founding members of GIFCT spearheaded a shared, safe and secure industry database of “perceptual hashes” of known images and videos- produced by terrorist entities on the United Nations designated terrorist groups lists- which GIFCT members had removed from their services.
How does it work?
Digital signatures for an image or video, perceptual hashes are numerical representations of original content and cannot be reverse-engineered to recreate an image or video. To create a hash, a company converts images to black and white and resizes them so that they are identically formatted, then a mathematical procedure known as Discrete Cosine Transform is used to make a digital signature for the image – our hash. Hashes allow GIFCT members to quickly identify visually similar content which has been removed by one member, enabling it to be re-reviewed by other members to see if the content breaches their terms and conditions. All without sharing any user data between companies.
When our members review the content they have identified by hashes, they have the option to feed back to the system and tell us whether they agree or disagree that any one hash relates to terrorist activity, and to rate its severity.. At GIFCT, we respect that each member might operate a little differently. We don’t tell our members how to use the hashes or how to apply their own policies. Rather, we are here to help our members collaborate, and together we can make terrorists ineffective online.
Hash-Sharing Database Taxonomy
GIFCT originally established the hash-sharing database taxonomy in 2017 with content produced by individuals and entities on the United Nations Security Council’s Consolidated Sanctions List in order to find common ground amongst tech company members who often use slightly different operational definitions of “terrorism” and “terrorist content”. Following the terrorist attacks in Christchurch, New Zealand in March 2019 in which the perpetrator livestreamed his attack, GIFCT expanded the taxonomy in order to enable hash-sharing of content from such attacks where violent propaganda is produced and addressing producers of terrorist content that are not included on the United Nations Security Council’s Consolidated Sanctions List.
Hashes of terrorist content that qualify to be put in the hash-sharing database currently must meet the following taxonomy that recognizes the producers of the content as well as the type of content:
- Content produced by individuals and entities on the United Nations Security Council’s Consolidated Sanctions List when the content depicts or includes:
- Imminent Credible Threat (ICT): A public posting of a specific, imminent, credible threat of violence toward non-combatants and/or civilian infrastructure.
- Graphic Violence Against Defenseless People (GVADP): The murder, execution, rape, torture, or infliction of serious bodily harm on defenseless people (prisoner exploitation, obvious non-combatants being targeted).
- Glorification of Terrorist Acts (GTA): Content that glorifies, praises, condones, or celebrates attacks after the fact.
- Recruitment and Instruction (R&I): Materials that seek to recruit followers, give guidance, or instruct them operationally.
- Video or livestream content depicting murder or attempted murder produced during a terrorist or mass violent attack by the perpetrators or accomplices that results in GIFCT activating the Content Incident Protocol (CIP) [hyperlink to CIP page on GIFCT website]. When this content is hashed and shared in the database, it includes a label corresponding to the specified activated CIP.
- Activated CIPs and corresponding labels in the database currently include:
- Christchurch, New Zealand Perpetrator Hashes: On March 15, 2019, the need for a separate hash label was declared after an attacker live-streamed his attack on two mosques.
- Halle, Germany, Perpetrator Hashes: On October 9, 2019, a CIP was declared following an attacker livestreaming his attack on a synagogue.
- Glendale, Arizona, U.S., Perpetrator Hashes: On May 20, 2020, a CIP was declared following an attacker livestreaming his attack on the Westgate Entertainment District.
Going forward, we are working to expand the taxonomy for the hash-sharing database empowering our members to combat a broader range of terrorist activity, address biases that exist in the larger counterterrorism field, and remain diligent to impacts on human rights ranging from potential biases to over-censorship. See the next section on the Taxonomy Expansion to learn more.
At the beginning of 2021, GIFCT launched a multi-stakeholder effort to engage a wide range of experts on expanding the reach and impact of our hash-sharing database’s taxonomy in order to respond to terrorist content online across the ideological spectrum. We believe that our work must be complementary and mutually-reinforced with human rights and fundamental freedoms, starting with the material we recognize as terrorist content online. This six-month project resulted in a compilation report from international experts that will help shape and inform our strategy for thoughtful, deliberate, and practical broadening of our taxonomy framework over time.
Expanding the taxonomy through this process means we can empower our members to combat a wider range of terrorist activity, address the Islamist extremist-bias that currently exists in the larger counterterrorism field, and remain diligent to impacts on the human rights of those most vulnerable in this context: both victims of terrorism and violent extremism and victims of efforts to address terrorism and violent extremism.
We will initially expand the hash-sharing database’s taxonomy with three new hashed categories, prioritized based on feedback from global experts, our Independent Advisory Committee, and our member companies about how the threat of this content manifests online:
- Manifestos from terrorist and violent extremist attackers in PDF form;
- Terrorist publications that use specific branding and logos for the organization in PDF form; and
- URLs identified by Tech Against Terrorism as where specific terrorist content exists that are often shared and amplified on other platforms
We will continue working to expand the reach and impact of the hash-sharing database’s taxonomy in order to respond to terrorist content online across the ideological spectrum while also working to bring greater transparency to this specific area of our work.