Across the Preventing and Countering Violent Extremism (P/CVE) field, practitioners know that radicalisation processes increasingly unfold online, without face-to-face interaction. Reaching individuals who rarely appear in offline prevention settings remains a persistent challenge. In response, a range of digital interventions has emerged, including counterspeech, nudges, frictions, redirection, and other diversion approaches that aim to disrupt, redirect, or reframe harmful encounters in digital environments.
Yet, empirical evidence of their long-term effectiveness remains weak. Engagement metrics often capture only short-term behavioural shifts, and it is unclear whether these interventions meaningfully reach at-risk individuals or sustain engagement with violence-prevention efforts. At the same time, automated systems still struggle to detect the full spectrum of extremist content. While text moderation has improved, performance declines sharply for multimodal content like images, memes, and video (p. 76149). More critically, computational identification of individuals at risk remains limited: false positives are common, behavioural signals are sparse, and most models classify posts rather than people (p. 120486). This is problematic because a core P/CVE aim in the online space must be to bridge online encounters with offline support, particularly in the early stages, when little is known about an individual and intervention windows are narrow.
This Insight draws on early observations from an ongoing research programme to explore the potential of artificial intelligence (AI) chatbot interventions, such as dialogue-based agents, to address gaps in the current online intervention landscape. We consider how such tools might help facilitate online–offline diversion and augment the work of practitioners in violence prevention. In particular, we examine the opportunities and challenges associated with AI chatbots in P/CVE, offering a glimpse into ongoing work and outlining pathways for their responsible use.
Why Existing Online P/CVE Interventions Fall Short
Online platforms have become central to early-stage radicalisation. For most users, they are the first touchpoint with violent extremist ideology (p. 8), long before engagement with support services or practitioners becomes feasible. The increasingly immersive nature of digital environments further blurs the line between online and offline worlds. This shift makes timely intervention difficult: because radicalisation now unfolds through continuous online touchpoints, interventions need to move more directly into the digital space.
A range of interventions responds to this shift to the online space. These include hybrid outreach initiatives such as online campaigns, safety-by-design measures, counterspeech and counternarratives, and redirect or diversion approaches. Outreach efforts increasingly blend online and offline engagement. Safety-by-design measures rely on structural or algorithmic interventions such as content removal, de-amplification, or the use of frictions (for example, “Are you sure you want to share this post?”). Counterspeech and counternarratives aim to challenge extremist viewpoints or offer alternative narratives. Redirect approaches steer users toward safer content or support services through targeted ads. Although many of these interventions show promising engagement indicators, their ability to produce sustained prevention outcomes remains unclear.
The issue is that sustained (human) engagement with interventions remains difficult to achieve. Most interventions in the online space operate at a surface level, focusing on single-touch interactions (for example, clicking on an ad or seeing a prompt) that aim to capture attention or interrupt harmful patterns. They rarely evolve into dynamic, continuous exchanges that adapt over time and sustain engagement across subsequent touchpoints. Single-point interactions may be repeated to increase effectiveness (p. 660), but they lack the long-term trust-building and persuasion mechanisms known to support psychological and behavioural change (p. 5). Prevalent interventions thus identify and create entry points but fall short of establishing the relational continuity needed for meaningful deradicalisation work and for bridging online and offline engagement.
This gap is partly due to the nature of early-stage radicalisation, where individuals may be ambivalent, defensive, or fearful of stigma. Without relational scaffolding, the initial moment of engagement typically dissipates (p. 37). Traditional online interventions are generally not designed to maintain motivation, explore concerns gradually, or support behaviour change across touchpoints. The result is a bottleneck: technological systems can identify and redirect individuals on platforms, but sustaining engagement with them falls to P/CVE practitioners, who often work with limited resources and delayed access.
The Case for AI Chatbots as a Tool in P/CVE
The emergence of generative AI and conversational agents has created new possibilities for developing engaging, conversation-based interventions. In other contexts, such as mental health support, research has shown promising results. For example, chatbots that draw on cognitive behavioural therapy have shown evidence of reducing barriers to help-seeking (e.g., by encouraging engagement with offline support services) and sustaining user interaction over time. The advantages of these AI-facilitated interactions include the ability to respond proactively with tailored messages, reduce perceived judgment, and deliver personalised responses at scale. They can offer consistent, non-judgmental points of contact, which can make difficult conversations feel safer. While these possibilities are promising, they remain largely empirically untested in P/CVE.
Co-Designing a Positive Intervention Using AI Chatbots
To address this gap, we have begun a broader research programme that brings together several projects, including work supported by the Austrian Research Promotion Agency (FFG) and the Austrian Science Fund (FWF). The programme involves collaboration with NGOs in violence prevention, youth work, and deradicalisation. Across these projects, our research team engages practitioners through multi-stakeholder workshops and ongoing dialogue to understand their needs, expectations, and concerns regarding dialogue-based AI tools in P/CVE. One of the contributing projects is the FWF-funded initiative Can AI Build Mental Immunity? Countering Indoctrination. The programme uses an ethically grounded framework to explore where AI chatbots can support prevention practice and where risks and limitations arise in real-world settings. The work is still ongoing, but several early insights are already emerging and can help guide current discussions.
Preliminary Insights: Opportunities, Tensions, and Unresolved Questions
Fragmented Realities and Sociotechnical Complexity
Co-design workshops with practitioners showed that P/CVE practice is far from uniform, even in comparatively homogeneous contexts. Intervention pathways differ across organisations and regions, and practitioners emphasised that the field still lacks shared approaches for early-stage engagement, assessment, or escalation. This lack of common standards limits the effectiveness and scalability of current interventions. For instance, practitioners in our study described marked regional differences in Germany’s local extremist landscapes (similar patterns of regional variation in extremism have also been observed in the Netherlands). They noted that in some western regions, far-right milieus increasingly take the form of networked, online, and transnational scenes shaped by post-organisational digital cultures, while they perceived eastern German contexts as still characterised by more locally rooted, traditional far-right structures. These practitioner perceptions highlight how varied prevention contexts remain. This variation complicates the design of chatbot-supported prevention workflows because there is no clear agreement on the values, procedural steps, or intervention thresholds that a chatbot should represent.
Ethical Boundaries, Power Dynamics, and the Fragility of Trust
Across several practitioner workshops and interviews conducted in 2025 as part of two ongoing research projects on AI support tools in P/CVE, practitioners emphasised the ethical tensions of deploying chatbots in contexts as sensitive as P/CVE. Concerns centred on accountability, transparency, and data governance: in particular, who would operate, monitor, and safeguard such systems, and how disclosures would be handled. Participants were unanimous that chatbots should facilitate, not replace, human relationships, and cautioned against covert or overly assertive use, which could be perceived as manipulative or surveillance-adjacent. Some participants also highlighted global power asymmetries: if chatbots are built on datasets and norms shaped in Global North institutions, they risk imposing external values or contributing to perceptions of digital imperialism. Trust emerged as a fragile resource: a single misinterpretation, a poorly timed message, or an unclear disclosure that a “person” was in fact an AI chatbot could permanently undermine an individual’s willingness to seek help. These concerns collectively define the ethical boundaries of experimentation with AI chatbots, because dialogue with an AI agent entails sociotechnical interaction patterns that differ fundamentally from clicking on a personalised ad or contacting a support service. Research in human–computer interaction shows that users often attribute social agency to conversational systems, which can blur the boundary between human and machine and amplify relational risks.
Risks, Unknowns, and Preconditions for Responsible Use
Drawing on perspectives from AI safety and human–AI interaction research, our analysis suggests that the risks of long-term human–AI interaction remain poorly understood. We still lack evidence on how sustained dialogue with conversational agents might shape dependency, relational expectations, or trust in human support systems, particularly in sensitive prevention contexts. Emerging research on interaction harms indicates that such risks accumulate over time and can arise from the social responses users direct toward AI systems rather than from single outputs (p. 1308). These dynamics are likely amplified in P/CVE settings, where emotional volatility and identity negotiation are common, raising questions about how chatbots should be bounded and when escalation to human support is necessary. We also found that sociotechnical literacy (that is, the ability to critically understand how social and technical arrangements co-produce outcomes) in this area is still emerging, occasionally resulting in expectations about AI capabilities that are either overly optimistic or simplified. Responsible deployment would require high-quality and contextually appropriate training data, culturally sensitive and multilingual responses, robust safety and escalation mechanisms, and clearly bounded intervention points restricted to low-risk, early-stage contexts. These requirements reflect broader challenges identified in AI safety research, particularly the difficulty of ensuring predictable behaviour, alignment with human intent, and reliable performance across diverse real-world scenarios. Organisationally, new workflows, role definitions, and safeguards would be needed to ensure that chatbots complement rather than destabilise established prevention practices. These uncertainties underline the need for cautious, iterative experimentation and continuous evaluation.
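To illustrate what “clearly bounded intervention points” and escalation to human support could mean in practice, the minimal sketch below shows one purely hypothetical guardrail policy. It is not drawn from our research programme or any deployed system: the risk categories, thresholds, and names (TurnAssessment, decide_next_action) are assumptions introduced solely for this example.

```python
# Hypothetical sketch of a bounded intervention point with a human-escalation rule.
# All categories, thresholds, and names are illustrative assumptions, not a
# description of any deployed P/CVE system.

from dataclasses import dataclass
from enum import Enum


class Action(Enum):
    CONTINUE = "continue"           # chatbot may keep the conversation going
    ESCALATE = "escalate_to_human"  # hand over to a trained practitioner
    STOP = "stop_and_signpost"      # end the exchange and show support resources


@dataclass
class TurnAssessment:
    """Signals a (hypothetical) upstream classifier attaches to each user turn."""
    risk_score: float        # 0.0 (low) to 1.0 (high), e.g. from a content classifier
    mentions_self_harm: bool
    mentions_violence: bool
    turns_so_far: int        # length of the ongoing dialogue


def decide_next_action(
    assessment: TurnAssessment,
    risk_threshold: float = 0.4,
    max_turns: int = 20,
) -> Action:
    """Apply a conservative, clearly bounded policy: the chatbot only continues
    in low-risk, early-stage exchanges; anything else goes to a human."""
    # Hard boundaries: acute indicators always trigger human escalation.
    if assessment.mentions_self_harm or assessment.mentions_violence:
        return Action.ESCALATE

    # Risk above the (assumed) threshold is outside the chatbot's remit.
    if assessment.risk_score >= risk_threshold:
        return Action.ESCALATE

    # Cap conversation length so the tool stays a bridge to human support,
    # not a substitute for it.
    if assessment.turns_so_far >= max_turns:
        return Action.STOP

    return Action.CONTINUE


if __name__ == "__main__":
    # A low-risk, early-stage turn stays with the chatbot ...
    print(decide_next_action(TurnAssessment(0.15, False, False, turns_so_far=3)))
    # ... while an elevated risk score is routed to a practitioner.
    print(decide_next_action(TurnAssessment(0.55, False, False, turns_so_far=3)))
```

The design choice in this sketch is deliberately conservative: any ambiguity defaults to human escalation, reflecting the practitioner consensus that chatbots should facilitate rather than replace human relationships.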
Conclusion: A Way Forward for AI Chatbot-Mediated P/CVE Interventions
A constructive way forward for the use of AI chatbots in P/CVE lies in continued exploratory collaboration between practitioners, civil society, government actors, and, where appropriate, platforms. Our work continues controlled experimentation with early chatbot artefacts to examine feasibility, trust dynamics, and the ethical boundaries of AI-supported engagement. More broadly, progress on AI interventions in P/CVE will depend on sociotechnical literacy, practitioner-led insight, and transparent governance to ensure that any future chatbot intervention remains tightly controlled, culturally sensitive, and grounded in user agency. Our observations point to several implications. These include the need for clear guidelines on the use of AI in sensitive, high-risk prevention contexts, because misuse risks undermining trust or causing harm. We also see value in establishing baseline standards for data handling, privacy, transparency, and civil-society-anchored oversight to support trust in P/CVE efforts. Such standards would build on, and help to advance, the safeguards set out in frameworks such as the EU’s AI Act.
–
Kevin Marc Blasiak is a Postdoctoral Researcher at TU Vienna’s Faculty of Informatics, where he leads the Responsible Computing Circle at the Center for Technology & Society (CTS). He is also a member of the Trust & Safety Teaching Consortium. His research focuses on technology governance, trust and safety, and persuasive technologies, with an emphasis on ethical chatbots designed for countering violent extremism across online–offline prevention pipelines, including correctional and rehabilitation contexts. He collaborates with violence prevention NGOs and international organizations on responsible technology use, including initiatives on AI and law enforcement. He holds a PhD in Information Systems from the University of Queensland.
Website: https://www.kevinmarc.org/
–
Are you a tech company interested in strengthening your capacity to counter terrorist and violent extremist activity online? Apply for GIFCT membership to join over 30 other tech platforms working together to prevent terrorists and violent extremists from exploiting online platforms by leveraging technology, expertise, and cross-sector partnerships.