On Wednesday, a neo-Nazi shot and killed two people attending a synagogue in Halle, Germany. As he did so, he broadcast a 35-minute clip of himself to followers on the live-streaming video platform Twitch. The filming of his horrific act was no doubt inspired by the March attacks in Christchurch, New Zealand, when a gunman killed 49 people at two mosques. His attack was also live-streamed.
But this time there was one big difference. The Christchurch attacker’s video was watched by hundreds live and possibly millions afterwards. Versions of the Christchurch video were still available on Facebook six months later. Facebook was heavily criticized in the aftermath for amplifying the reach of the video and then failing to respond to calls for changes.
This time, only five people were watching the Halle attack as it happened. More important, only about 2,200 people watched the automatically generated video after the attack in the 30 minutes before it was flagged and removed by Twitch. The difference between the two terror attacks seems to show how tech firms are learning to react more effectively to violent extremism and quickly get videos off their platforms.
Twitch removed the Halle shooting video after 30 minutes and then created a hash (a unique cryptographic fingerprint) of the video, which it shared through the Global Internet Forum to Counter Terrorism, a consortium of tech companies and governments that includes YouTube, Facebook, and Twitter. The group has been working together over the last 24 hours to remove versions of the video, using a combination of calls, WhatsApp groups, and Slack messages.
The video is still available online—it’s impossible to scrub it from the internet entirely—but unlike the Christchurch video, it was very quickly removed from all mainstream platforms, says Adam Hadley, director of Tech Against Terrorism, a UN-backed global initiative that works closely with the tech industry.
The two attacks are very similar, suggesting that the Halle shooter took inspiration from Christchurch. In each case the first-person-shooter perspective, familiar from video games, was used to create a “sense of excitement around the attacks,” says Florence Keen, a research fellow at the International Centre for the Study of Radicalisation and Political Violence. “The use of the ‘first-person shooting live-stream’ tactic is increasingly becoming a marker of these kind of attacks,” she says. It is also significant that the attacker spoke in English during the live-stream, indicating a desire to reach an international audience.
It’s almost impossible to prevent an attack like this before it happens. According to Twitch, the perpetrator created an account two months ago, and attempted to live-stream only once. Naturally, neither action raised suspicions. So unfortunately, tech companies are going to have to keep learning how to respond to these sorts of attacks—and quickly.
The Global Internet Forum to Counter Terrorism is building an analytics platform to help smaller (and thus potentially higher-risk) platforms combat terrorist content, but that will take six months to build, according to Hadley.
In the meantime, he says, there are already better processes in place than there were at the start of the year. “This shows how the tech sector has learned from failings over the Christchurch shootings,” he says. “It’s informal now, but there’s a greater recognition of what the process after these attacks needs to look like. We can never respond fast enough.