The Global Counterterrorism Forum (GCTF), an informal global governance body created in 2011 by the United States and Turkey, with 28 other members, to establish security policy guidelines and recommendations, adopted its Counterterrorism Watchlisting Toolkit earlier this month. The toolkit is a “best practice” document to assist states to build and implement watchlists and databases of “known and suspected terrorists” (KSTs) and “foreign terrorist fighters” (FTFs). The initiative arose in response to U.N. Security Council Resolution 2396 (2017), which requires states to develop watchlists or databases (at para. 13), and the GCTF’s own desire “to follow up on these developments and … further expand the guidelines” for watchlisting to assist states in their implementation efforts (Toolkit, page. 6). The toolkit initiative was co-led by the United States and the U.N. Office of Counterterrorism, drawing from virtual workshops undertaken in 2020-21 with invited representatives from states and regional and international organizations, academia, and civil society.

Unfortunately, the toolkit is a particularly troubling example of informal international lawmaking and purportedly pre-emptive security governance. It does not question or even outline a need for watchlists in the absolute, let alone a globalized infrastructure. It fails to take seriously the adverse human rights effects of watchlisting and its potential to exacerbate discrimination against Muslims and others targeted as “risky.” It lays the groundwork for a globally interconnected watchlisting infrastructure using biometrics, artificial intelligence (AI), and predictive analytics to spot “unknown” terrorists, but ignores the complexities that AI governance poses. And it uncritically exports the flawed U.S. watchlisting system as a standard for the rest of the world to follow, without recognition of its serious problems.

Furthermore, the process by which this toolkit was produced through the GCTF was extremely problematic. The United States and the U.N. Office of Counterterrorism ultimately ignored critical insights and suggestions that had been made by human rights bodies, civil society organizations (CSOs), academics, and states throughout the toolkit construction process. Instead, they produced a document very much shaped in their own image yet presented as the fruit of global consensus.

This toolkit shows how informal governance forums like the GCTF allow powerful states to set global standards on highly contentious security issues with little debate, reproducing hegemonic power relations. And it offers a troubling blueprint for an expansive global watchlisting architecture that will likely further harm people, erode human rights protections, deepen algorithmic injustices, and expand discrimination in the so-called global war on terror.

  1. Human Rights for the 1 Percent: Citizens, Foreigners, and Jurisdictional Violence  

Watchlisting severely affects the rights of those targeted, and yet its necessity or efficacy has not been reliably established and, in practice, it is extraordinarily difficult to challenge. Rights to freedom of movement, due process, and effective remedy are compromised by digital practices for managing country borders that are disproportionate, that fail to provide targeted people with reasons why they are targeted or offer any meaningful opportunity to challenge their listing. States are implored to share watchlist data transnationally, effectively giving national watchlists extraterritorial force. But listed individuals generally only have remedies in their home country, if at all. This creates an asymmetry that expands state power, weakens human rights, and exacerbates watchlisting’s harmful and discriminatory effects.

Counterterrorism watchlists overwhelmingly target foreign nationals, for example, not the citizens of the countries doing the targeting. Because of the alien/citizen hierarchy embedded into most legal systems, this can have huge adverse consequences for the lives and human rights of listed persons. The U.S. Terrorist Identities Datamart Environment (TIDE) watchlist includes more than 1.6 million people, but only 16,000 are U.S. citizens or residents. The other 99 percent are foreigners who have no practical right of legal challenge or possibility to exercise due process rights in U.S. courts to contest their listing. In contrast, the European Union’s European Travel Information and Authorisation System (ETIAS), to be launched in 2022, allows all listed persons (whether citizens or foreign nationals) to have “access to an effective judicial remedy to ensure that data stored in ETIAS are amended or erased” when found to be unjustified. However, this EU procedure envisages appeals being conducted in the Member State that has taken the listing decision in accordance with the national laws of that country, subject to their various limitations.

This fundamental problem of no effective remedy being available to the vast majority of listed people was emphasized by CSO and academic voices during the GCTF toolkit meetings. Earlier drafts of the toolkit also stressed the importance of giving all targeted persons access to legal remedies to challenge their listing. Yet, the GCTF ultimately adopted the U.S. approach as the global standard to follow, removing all references to the problem of foreign nationals unable to access legal remedies. So, when the toolkit makes vapid claims like “watchlisting system[s] should be designed in a way that safeguards against unlawful interference with human rights” (Recommendation 4) and offers no guidance beyond that, it’s crucial to remember that this means human rights for the 1 percent of those targeted who are citizens or residents. The toolkit is notably silent about whether the other 99 percent of listed people should have the right to have rights, as Hannah Arendt put it, in the states that target them. The practical consequences of this, for the expanding global population of listed persons, are grave. Once listed, you will likely remain preventively targeted as “risky” forever.

For a toolkit purporting to offer guidance on how states can counter terrorism while protecting human rights, such silences are deeply problematic. The toolkit offers governments fine-grained guidance and capacity building support for creating powerful counterterrorism tools, but little guidance on how to comply with human rights law in the process. In 2019, U.N. Special Rapporteur on Counterterrorism and Human Rights Fionnuala Ní Aoláin warned that increased informal international lawmaking through the GCTF coincided with a weakening of human rights norms. The failures and omissions of this watchlisting toolkit show how this fragmentation and erosion of rights works in practice.

  1. Watchlists, AI and Identifying “Unknown” Terrorists 

Watchlisting, its proponents claim, is not only about identifying known bad actors deemed to pose a current threat. It is also about identifying as yet “unknown” terrorists who might pose such a threat in the future. Counterterrorism watchlists are now fused together with travel and biometric data and other data sources, and analyzed using machine learning tools and advanced data analytics systems to flag potentially “risky” individuals. When watchlisting is augmented with AI decision-making in this way, the human rights accountability and rule of law challenges become even more pronounced.

How are persons of interest flagged through risk analytics tools like automated pattern recognition systems? If a machine learning algorithm is used for listing and the person challenges that decision, how can the chain of inferences leading to the targeting decision be explained and legally justified? A recent report from the British intelligence and security agency GCHQ warned that, with advanced AI methods, “it will not always be possible for a human to fully assess the factors that the software took into account to form its conclusions.” How then can security governance by algorithms be subjected to meaningful review – either by individuals seeking to challenge their listing or by oversight bodies tasked with ensuring that the listing is lawful? And how can we ensure that the racial bias and discrimination that both predated and shaped the post-9/11 security landscape aren’t embedded into technical processes and infrastructures for governing global threats via machine learning?

These problems are currently subject to heated regulatory and political debate in other areas where datafication is transforming how knowledge is generated for governance. As an example, the final report of the U.S. National Security Commission on AI, issued earlier this year, calls on the Department of Homeland Security and the FBI to review their policies and practices “to ensure that parties aggrieved by government action involving AI technology,” including in the area of no-fly lists, “can seek redress and clearly know how to do so.” But it also acknowledges that because machine-learning systems are dynamic, ongoing compliance with legal norms “is not a given once the system is operational” (page 147). But these issues aren’t something that global security practitioners, international lawyers, and counterterrorism researchers have so far said much about.

U.N. Security Council Resolution 2396 (2017), for example, says traveler screening systems mustn’t use profiling based on discriminatory grounds such as race and religion. But how can this be realized with listing systems that use AI tools to spot potentially dangerous people? You can’t simply delete the risk of discrimination by removing “sensitive” data from machine learning, because other data can readily serve as proxies for this information. And putting a “human in the loop” won’t help either if the processes by which machine learning leads to specific targeting decisions cannot be humanly articulated and understood.

The GCTF toolkit acknowledges that watchlisting is now part of a far more complex data analytics ecology involving the ingestion of large quantities of diverse data and use of AI. But it is completely silent about the specific problems this poses for human rights compliance and oversight. Standard clichés like “effective measures should be taken to avoid … discrimination and to ensure respect for human rights” are liberally repeated throughout the text. Yet states are required to ensure their counterterrorism measures comply with international human rights law. In the area of algorithmic security, this means confronting particularly complex problems and offering effective guidance as a sine qua non (even if we were to assume the necessity and efficacy of watchlisting), not reproducing empty platitudes, dodging the core issues, or projecting wishful human rights thinking.

  1. Exporting the U.S. Watchlist to the World 

The United States is scarcely named in the toolkit, but its watchlisting fingerprint is evident throughout the document. With that come the considerable dangers of globalizing the more problematic hallmarks of U.S. watchlisting practices.

Secrecy and opacity — The U.S. watchlist system is opaque by design. Listed individuals receive no notice of their addition to a list, let alone an opportunity to contest it before a neutral arbiter. Until relatively recently, even U.S. persons on the draconian No-Fly List received no official confirmation or denial of their status. Notwithstanding the safeguards and principled commitments to rights that it dutifully parrots, the GCTF toolkit does not disclaim secrecy, which has been a structural feature of U.S. watchlisting, and indeed of virtually any conceivable watchlisting scheme. The toolkit will therefore most likely contribute to the replication of the secretive U.S. model on a global scale.

One-way ratchet — Because the standards and mechanisms for nomination and inclusion are permissive, and because it then becomes exceedingly difficult in practice for a listed person to get delisted, U.S. watchlists operate as a one-way ratchet. By repeatedly referring its consumers to countries “experienced” in watchlisting — read: the United States — the GCTF toolkit virtually guarantees the worldwide duplication of that template. This includes an already low “reasonable suspicion” standard, even further diluted in practice through a construction and application by U.S. agencies that permits the watchlisting of relatives of persons of interest and even dispenses with the need for concrete derogatory information justifying a listing. The upshot is that people can end up on U.S. watchlists based on little more than a hunch, or on poorly vetted information.

Ripeness for abuse — The uniquely toxic combination of unchecked power and secrecy found in the U.S. watchlisting system naturally lends itself to official abuse. For example, federal agents have used their watchlisting authority to pressure U.S. Muslims into working as government informants within their faith communities in exchange for delisting. And while creating a threat to then charge for its reduction may be the definition of racketeering, U.S. officials have been shielded by the lack of transparency and accountability that characterizes the watchlisting system.

Proliferation — In the United States, watchlist information has seeped out beyond its original federal boundaries. While information derived from U.S. watchlists is already known to be shared with airlines (for the stated purpose of ensuring aviation safety) and with some foreign governments, it has also surfaced in state-issued records of arrest and prosecution (known as rap sheets), warping the normal operation of the criminal justice system in matters unrelated to “national security.” What is more, watchlisting information is disseminated in some form to private entities such as banks, money transfer agents, universities, hospitals, and others, resulting in bank account closures, blocked remittances, and denied employment opportunities, among other consequences.

Disparate impact — Inherent to U.S. watchlisting practice — and, arguably, to any possible watchlisting practice — has been the absence of meaningful oversight and transparency to constrain largely unchecked and arbitrary power, giving free reign to individual, systemic, and societal biases against particular groups to find their expression in watchlisting outcomes. Muslims have disproportionately borne the brunt of the punitive impact of U.S. watchlisting practices. There is little reason to expect that a further generalization of the U.S. model would spare demonized, marginalized, or targeted groups elsewhere.

  1. GCTF, Informality, and Hegemonic International Law 

All GCTF documents are allegedly consensus-based. The GCTF terms of reference state that the Coordinating Committee and Working Groups “will make every effort to operate by consensus” (§IV, B). The newly adopted GCTF Strategic Vision for the Next Decade 2021-2031 also recommends to “preserve the existing consensus-based approval of GCTF outputs,” implying that consensus is already the rule. This suggests that all actors invited to participate in the process are given a proper opportunity to comment on the draft and express (dis)agreements. But that isn’t what happened here. The group of actors who took charge to build this global standard was incredibly small.

Neither the toolkit nor the GCTF website indicate the procedure for adopting this document, and only partial information about the review process in general appears on the website. The website states that the review process of a document can involve “one or more comment periods” and that input from non-members can be sought. In practice, this means that only the GCTF member governments review the document, and nothing specifies what certifies their “endorsement.”

Through exchanges that two of the authors had with anonymous participants and the GCTF Administrative Unit, we understand that only GCTF members were invited to comment on the draft toolkit prior to its adoption. This “participation” was forced into a short 10-day period at the end of the summer when few people were available. In this way, the more complex problems about fairness and human rights and disagreements about the need for watchlisting, appropriate safeguards, and forms of redress could be readily disregarded by the toolkit co-leads. This resulted in a document that nominally bears the imprint of global “consensus,” but that is stripped of the political disagreements raised throughout the toolkit construction process and the concerns those targeted by lists have long raised about the serious risks and problems of watchlisting the world.

Bypassing protracted political debate has always been the raison d’être of the GCTF. It was created as a flexible, “apolitical,” and action-orientated platform capable of short-circuiting the political deadlocks that have slowed down formal U.N. policymaking. But building global security governance on toolkits designed as “practical, user-friendly resources for practitioners” by clubs of powerful states and institutions — what Alejandro Rodiles describes as “coalitions of the willing — comes with political and normative costs. It instrumentalizes international law and expands hegemonic power by shrinking the space for friction and debate that multilateralism at least tries to bring to the table.

The informality of the GCTF’s non-binding toolkits and “best practice” policy guidelines should not be underestimated. Both the GCTF Political Declaration and the 2018 Joint U.N.-GCTF Ministerial Statement state that the GCTF entertains “a close and mutually reinforcing relationship” with the U.N. In practice, this means that the Security Council increasingly cross-references GCTF documents in its resolutions, thickening GCTF “soft” law into something more “hard,” and U.N. counterterrorism bodies are linking state capacity-building efforts to GCTF outputs. In this way, best practice documents like this toolkit can quickly become powerful mechanisms for setting global standards on contentious issues and given the force of global law.


The informal lawmaking processes unfolding at the GCTF increasingly and dangerously appear to be interconnected with — if not essential to — formal international lawmaking processes. This synergy entrenches and normalizes the severe pressures put on the lives of people and on human rights norms by counterterrorism practices. Furthermore, the GCTF exacerbates the erosion of human rights law’s potentially constraining function by systematically using it as a vague vocabulary to give a progressive tint and flavor to its documents, and to pacify anxieties.

But watch this space: despite its flaws, we expect this GCTF watchlisting toolkit to soon be referenced by the Security Council, tied to far-reaching global capacity-building programs, and embedded into the sprawling U.N. counterterrorism architecture as reflecting global consensus. The global population of watchlisted people will swell in size, as watchlists are combined with AI tools and other data sources to target “known” and “unknown terrorists,” “violent extremists,” and others deemed “risky,” affecting Muslims the most (at first). The end result: a significant expansion of the opaque and unaccountable global security infrastructure that reflects little learning from the bitter experience of the last 20 years since 9/11 and that fails to adequately grapple with the injustices that it will undoubtedly carry into the future.

IMAGE: Dutch Minister of Foreign Affairs Bert Koenders hosts an international consultations with representatives of the Global Counterterrorism Forum (GCTF) and the Anti ISIS coalition in the fight against terror In The Hague, Jan. 11, 2016. (Photo JERRY LAMPEN/AFP via Getty Images)