Joint Tech Innovation

Members

The Hash-Sharing Consortium currently consists of 13 companies: Microsoft, Facebook, Twitter, YouTube, Ask.fm, Cloudinary, Instagram, JustPaste.it, LinkedIn, Verizon Media, Reddit, Snap, and Yellow

No access to non-industry members has been granted. Each consortium member can decide how they would like to use the database based on their own user terms of service, as well as how they operate and how they make use of both technical and human capabilities.

The CIP is a multi-step process, including a decision to activate the CIP, communication of that decision, a review of content assets, and other steps, to inform GIFCT member companies and relevant governments about content from the real-world event that may be manifesting online. A CIP ends with an official “conclusion” determined by impacted GIFCT platforms once the volume of content has noticeably decreased.

The GIFCT CIP is a standalone industry process, but was designed to be easily integrated into external crisis response procedures, including the Christchurch Call Shared Crisis Response Protocol developed in response to the commitments of the Christchurch Call to Action to eliminate terrorist and violent extremist content online and the EU’s Crisis Response Protocol. Platforms that join the GIFCT are dedicated to responsibly addressing terrorist content on their services. 

How did it evolve? 

During the CIP development process, drafts of this protocol were shared and discussed with a range of stakeholders. The CIP was tested in a “controlled” environment in September 2019 during the first multi-stakeholder tabletop exercise at Europol HQ in The Hague, where tech industry representatives, European law enforcement authorities and third-party governments walked through a six-part, real-world scenario to determine applicability of both the CIP and the EU’s Crisis Response Protocol. The CIP was tested a second time in a similarly controlled environment at a workshop in Wellington, New Zealand, in December 2019. The CIP is a dynamic, “living” process that the GIFCT will continue to refine and evolve over time.

CIP Incidents to Date

The GIFCT has initiated the CIP twice in response to two, separate real-world events.

Halle, Germany: The first CIP was activated on 9 October 2019 following the shooting in Halle, Germany when the attacker filmed his attack and the livestream was circulated on GIFCT member platforms. Ultimately, GIFCT shared hashes, or digital “fingerprints”, from 36 visually-distinct videos from the attack so member platforms could detect and remove the content.

As of July 2020, material from this CIP constituted 2% of content in the hash-sharing database.

Glendale, Arizona: The second CIP was activated on 20 May 2020 following the shooting in Glendale, Arizona. The CIP was declared due to:

• The existence of video of the shooting, apparently produced and distributed by the perpetrator
• The video depicts murder and attempted murder, and
• The video spread from its original location and appeared on GIFCT platforms.

As of July 2020, material from this CIP constituted 0.1% of content in the hash-sharing database.

CIP Assessment Process

The CIP assessment process has been initiated 100 separate times between March 2019 and November 2020.

How does it work?

When a GIFCT company receives an indicator that the link leads to terrorist hosted content, the company now has a safe mechanism to share the URL links with the industry partner to whom the content belongs.

The one-to-one sharing allows the notified platform to review the link to decide if the content is violating its terms of service. In GIFCT’s first transparency report, it was reported that GIFCT had shared 9,200 URLs since piloting the project.

In the last year, GIFCT has adapted this program through a 12-month URL sharing pilot with SITE Intelligence, a firm that provides subscription-based monitoring and analysis regarding terrorist content and other online harms. The pilot project gave some of GIFCT’s newer members access to SITE’s SourceFeed, providing access to a dashboard assisting with extra context around a given URL including; organizational affiliation of the terrorist content and translation of content into English and further context support. Through this program, GIFCT has now shared nearly 24K URLs since its launch.