Skip to content

Illustration by Security Management

Tech Counterterrorism Organization Expands Focus to Include Ethnonationalists, Domestic Extremists

A counterterrorism organization formed by major U.S. technology companies—including Facebook and Microsoft—announced this week that it will expand the types of extremism content shared between firms in a key database to crack down not just on Islamic State or Taliban terrorist content but on white supremacists and far-right militias as well.

The Global Internet Forum to Counter Terrorism (GIFCT) has largely focused on videos and images posted online by terrorist groups on a United Nations list. But over the next few months, the group will add attacker manifestos and other publications and links flagged by the UN Tech Against Terrorism initiative, Reuters reported. These documents—such as Christchurch, New Zealand, shooter Brian Tarrant’s essay or Anders Breivik’s 1,518-page document released prior to the killing of 77 people in Oslo, Norway—are often shared by sympathizers after white supremacist or ethnonationalist violence.

The 14 tech companies in GIFCT share hashes—unique, anonymized digital signatures of the original pieces of content, which have already been removed from tech platforms. The partner companies use this database of hashes to identify the same content on their sites to review or remove it. Since the program’s creation in 2017, the hash-sharing database has grown to include 320,000 visually distinct hashes. And since April 2019, GIFCT has responded to more than 150 incidents to determine if there was any online dimension to an offline violent attack and whether any action needed to be taken in content incident management.

In an interview with Reuters, GIFCT Executive Director Nicholas Rasmussen said that the tech group wants to combat a wider range of threats, specifically those of racially motivated violent extremism or far-right extremist groups.

The taxonomy expansion, which broadens the range of hashes that GIFCT shares, identified three areas that would now be included in the database: PDF manifestos from terrorist and violent extremist attackers; terrorist publications that use specific branding and logos for the organization in PDF form; and URLs identified by Tech Against Terrorism where specific terrorist content exists that are often shared and amplified on other platforms.

Under the previous GIFCT taxonomy, manifestos from white supremacists or far-right extremists such as Tarrant or Breivik would not have been included in the hash database. The availability of these documents online can spur future violence, however, “as terrorist manifestos often cite, credit and praise predecessors. Allowing terrorist manifestos to proliferate across the Internet—unfettered and readily accessible—therefore contributes to the violent extremist culture of citation and heightens the risk of future attacks,” according to a GIFCT report on its taxonomy review.

The GIFCT’s database is organized into four main tiers of content:

  1. Content depicting or coordinating terrorist or extremist violence,
  2. Content promoting or calling for terrorist or extremist violence,
  3. Content promoting terrorist or extremist ideologies, and
  4. Content promoting hateful or dehumanizing ideas.

For the first two tiers, evaluating the context of the post is required before adding it to the database, because some calls for violence may be satirical, newsworthy, have legal value, or look similar to criminal violence—not fitting into the category of terrorism or extremism. For the second two tiers, context is required when evaluating whether to include the content in the hash database due to free speech concerns, overlap with mainstream public ideals, variance in cultural norms worldwide about certain topics, or potential academic or public value.

The shift to include not just Islamist extremist content but white supremacist and domestic extremist content in the database was meant to address broader discrimination and bias in the terrorism field, the report said.