Click here to read GNET's latest report Emergent Technologies and Extremists: The DWeb as a New Internet Reality?



1. What is the hash sharing consortium and how does it work?

In 2016, the founding member companies of the GIFCT (Facebook, Microsoft, Twitter, and YouTube), created a shared industry database of “hashes” — unique digital “fingerprints” — of known violent terrorist imagery or terrorist recruitment videos that had been removed from their services. The image or video is “hashed” in its raw form and is not linked to any original platform or user data. Hashes appear as a numerical representation of the original content and can’t be reverse engineered to create the image and/or video. A platform needs to find a match with a given hash on their platform in order to see what the hash corresponds with. The Hash Sharing Consortium currently consists of 13 companies who have access to the shared industry database. This includes, Microsoft, Facebook, Twitter, YouTube,, Cloudinary, Instagram,, LinkedIn, Verizon Media, Reddit, Snap, and Yellow. No access to non-industry members has been granted. Each consortium member can decide how they would like to use the database, keeping in mind their own user terms of service, as well as how they operate and how they make use of both technical and human capabilities.

2. What is the Content Incident Protocol?

The Content Incident Protocol (CIP) was developed by the GIFCT to respond to emerging and active terrorist events and assess any potential online content produced and disseminated by those involved in the planning or conducting of the attack. By declaring a CIP, all hashes of an attacker’s video, and other related content is shared in the GIFCT hash database with other GIFCT member platforms. Furthermore, a continuous stream of communication is established among all GIFCT members to identify and address risks and needs during an active CIP. Although each platform is encouraged to remove content in a CIP, they apply their own policies and standards in all such instances. The first CIP was activated on 9 October 2019 following the shooting in Halle, Germany when the attacker filmed his attack and the livestream was circulated on a GIFCT member platform. Ultimately, GIFCT shared hashes, or digital “fingerprints”, from 36 visually distinct videos from the attack so member platforms could detect and remove the content.

3. What is the Christchurch Call?

The Christchurch Call is a political summit started by New Zealand Prime Minister Jacinda Ardern following the 15 March 2019 attack in Christchurch, New Zealand in which 51 Muslims were killed in a livestreamed terrorist attack. The Christchurch Call is an action plan that involves numerous governments and international organisations, including the European Commission, Council of Europe, and UNESCO, as well as major players in the digital sector, such as Amazon, Facebook, Twitter, YouTube and Google, who have all pledged to take collective action to eliminate online violent extremist content. To that end, this plan commits its member organisations to take a series of measures, such as: developing tools to prevent the downloading of terrorist and violent extremist material; combating the causes of violent extremism; improving transparency in the detection and removal of content; and ensuring that the algorithms designed and used by online platforms do not direct users towards violent extremist content.

4. What is TCAP?

The Terrorist Content Analytics Platform (TCAP) will be an online platform launched by Tech Against Terrorism that automates the detection and analysis of terrorist content. The TCAP will accept submissions and reports from individuals who identify extremist content online, while also automatically scraping content from known terrorist sources and platforms. It will support small tech companies in improving content moderation decisions where often the smallest platforms have limited resources to do this on their own. The TCAP will scrape for all multimedia files that should be moderated by tech platforms or that could be useful for academics and researchers in this space. The platform will be available for use by vetted tech companies and academics, and will include oversight mechanisms to ensure content accuracy. This will help increase understanding of the threat and identify ways to improve the global response. Tech Against Terrorism is developing the TCAP with support from Public Safety Canada.