Global Terrorism Database
The Global Terrorism Database (GTD) is an open-source repository maintained by the National Consortium for the Study of Terrorism and Responses to Terrorism (START) at the University of Maryland, systematically recording over 200,000 domestic, transnational, and international terrorist incidents worldwide from 1970 to 2020.[1][2] Compiled primarily from open media sources such as news articles, the GTD captures granular details on each event, including dates, locations, weapons used, targets, perpetrators (when identifiable), and casualty figures, with over 45 variables per incident and up to 120 for more recent cases.[1] This methodology, enhanced by machine-assisted coding since 2012, enables longitudinal analysis of terrorism patterns, such as the prevalence of bombings (over 88,000 incidents), assassinations (over 19,000), and kidnappings (over 11,000).[1] The database defines terrorism empirically as the threatened or actual use of illegal force and violence by non-state actors to attain political, economic, religious, or social aims through fear, coercion, or intimidation of non-combatants, excluding state-sponsored actions and emphasizing intentionality over legal judgments.[3] As a foundational resource for researchers, policymakers, and counterterrorism efforts, the GTD has facilitated empirical studies on terrorism's causes, trends, and responses, revealing shifts like the rise in religious-motivated attacks post-1990s and geographic concentrations in regions such as the Middle East and sub-Saharan Africa.[1][4] However, it contends with inherent limitations, including incomplete data for 1993 due to archival loss and potential underreporting biases from reliance on media coverage, which may skew toward high-profile or Western-centric events while undercounting those in remote or censored areas.[1] These challenges underscore the database's strengths in transparency and scalability alongside the difficulties of standardizing subjective classifications of violence amid varying definitional debates in terrorism scholarship.[5]Methodology and Data Collection
Definition of Terrorism
The Global Terrorism Database (GTD) employs a specific working definition of terrorism due to the absence of a universally accepted standard, enabling systematic data collection across diverse incidents. This definition characterizes a terrorist attack as "the threatened or actual use of illegal force and violence by a non-state actor to attain a political, economic, religious, or social goal through fear, coercion, or intimidation."[6][7] The approach prioritizes empirical consistency over philosophical consensus, allowing researchers to apply filters for narrower analyses, such as excluding incidents lacking clear coercive intent.[6] To qualify as a terrorist incident in the GTD, an event must satisfy four core inclusion criteria: (1) it must be an intentional act; (2) it must involve violence or an immediate threat of violence, encompassing property damage, injury, or death; (3) perpetrators must be sub-national (non-state) actors; and (4) the act must pursue a political, economic, religious, or social objective, rather than purely criminal or personal motives like financial gain.[7] Additional considerations refine classification: incidents require evidence of intent to intimidate or communicate to broader audiences beyond immediate victims, and they must occur outside recognized warfare contexts targeting non-combatants.[7] Cases with ambiguity—such as overlap with insurgency, hate crimes, or unverified perpetrator claims—are flagged with a "doubt terrorism proper" indicator, often retaining alternative codings while excluding pure state-sponsored actions.[7] This framework deliberately excludes state terrorism, focusing on non-state actors to align with predominant academic and policy usages, though it acknowledges definitional debates by permitting user-defined subsets.[8] For instance, perpetrator responsibility is coded based on open-source reports, with claims verified through media but noted if speculative, ensuring transparency in uncertain attributions.[7] The definition's breadth facilitates longitudinal tracking of over 200,000 incidents since 1970, but critics argue it may inflate counts by including borderline cases, such as property attacks without casualties, potentially diluting focus on high-impact violence.[2][9]Sources and Coding Procedures
The Global Terrorism Database (GTD) draws from publicly available, unclassified open-source materials, including media articles, electronic news archives, books, journals, and legal documents.[7] For contemporary data collection since 2012, the process incorporates automated ingestion from the Lexis-Nexis Metabase API, which scans over one million articles daily, alongside BBC Monitoring services providing translations from more than 150 countries; this yields approximately 400,000 filtered articles monthly, of which 8,000 to 16,000 undergo detailed review.[7] Historical data for 1970–1997 originated from the Pinkerton Global Intelligence Service (PGIS) index cards, digitized under National Institute of Justice funding, while 1998–2007 data came from the Center for Terrorism and Intelligence Studies (CETIS), with subsequent synthesis and ongoing collection managed by the University of Maryland's START consortium.[6] [8] Data identification combines automated and manual workflows within a proprietary Data Management System (DMS). Automated stages employ Boolean keyword filters, natural language processing for tasks like deduplication and location extraction, and machine learning models trained on analyst feedback to prioritize relevant reports and cluster potential incidents.[2] [7] Research analysts then manually assess source credibility—favoring high-quality, independent outlets—verify incidents against GTD inclusion criteria, and code attributes only if supported by at least one reliable source; conflicting reports on details such as casualty figures are resolved by majority consensus or the lowest verifiable number, with discrepancies noted in auxiliary fields.[7] [8] Coding involves over 100 structured variables across categories like date, location, attack type, weapons, perpetrators, targets, and outcomes, plus unstructured summaries and motives, assigned via a 12-digit unique Event ID (formatted as yyyymmdd-sequence).[6] Six domain-specific teams, supervised by research assistants, handle specialized aspects such as perpetrator profiles or target types, ensuring consistency through standardized rules developed by the GTD Advisory Board; complex or ambiguous cases are escalated for resolution.[7] Post-1997 incidents include a "Doubt Terrorism Proper" flag for uncertain classifications, allowing users to filter based on alternative designations like insurgency, while pre-1997 data receives retroactive verification where feasible.[8] Reliability is maintained through supervisory review, multiple-source cross-checking, and periodic updates with emerging information, though retrospective versus real-time collection can introduce variability in completeness.[6] [8]Incident Variables and Reliability Measures
The Global Terrorism Database (GTD) records incidents at the event level, capturing detailed attributes for each terrorist attack documented since 1970. Core incident variables include temporal elements such as year (iyear), month (imonth), day (iday), with flags for approximate dates (approxdate) and extended events spanning over 24 hours (extended). Geographic data encompasses country code, region, province/state (provstate), city, latitude/longitude coordinates, and a specificity scale from 1 (exact location) to 5 (vague).[7]
Target-related variables specify the primary target type (targtype1, e.g., 1 for business, 14 for private citizens & property) and subtype (targsubtype1), along with a textual description (target1) and nationality (natlty1). Weapon details cover up to four types (weaptype1 through weaptype4, e.g., 6 for explosives) with subtypes (e.g., 7 for grenades). Perpetrator information includes group name (gname), uncertainty about attribution (guncertain1), and indicators for unaffiliated individuals (individual). Casualty counts provide total killed (nkill) and wounded (nwound), reported as whole numbers excluding unknowns. Additional flags denote uncertainty in classification, such as doubtterr (1 if doubt exists about terrorist intent) and alternative (e.g., coding as insurgency if applicable).[7]
Reliability is maintained through structured coding procedures involving specialized teams for location, targets, weapons, perpetrators, and casualties, overseen by team leaders for quality control. Each incident requires at least one high-quality, independent source, with data cross-verified against multiple reports; natural language processing aids initial screening of 8,000–16,000 articles monthly, followed by manual review. Discrepancies are resolved by preferring majority consensus or the lowest verifiable figure, with unresolved issues noted in event summaries. Users can submit corrections via [email protected], enabling ongoing validation.[7]
Uncertainty flags like doubtterr serve as built-in reliability indicators, applied when evidence of subnational perpetrator intent, non-combatant targeting, or illegitimacy is inconclusive, ensuring transparency about borderline cases. While these measures promote consistency, some analyses critique potential inconsistencies in applying inclusion criteria, potentially affecting classification accuracy for ambiguous events. Multiple coders and source triangulation mitigate bias, though reliance on open-source media introduces risks of underreporting in censored regions.[7][10]
Content Overview
Temporal and Geographic Scope
The Global Terrorism Database (GTD) documents terrorist incidents occurring worldwide from January 1, 1970, to December 31, 2020, encompassing more than 200,000 cases of domestic, transnational, and international attacks.[11] This temporal range was established to provide a comprehensive longitudinal record beginning with the modern surge in such violence during the late 1960s and extending through recent decades, with data collection methods evolving from real-time monitoring for 1970–1997 to retrospective coding post-1998.[1] A notable gap exists for 1993, where records were lost during an office relocation and remain partially unrecovered, potentially undercounting incidents from that year; additionally, some pre-1997 events may be underrepresented due to limited access to contemporaneous media sources at the time of initial compilation.[6] Geographically, the GTD aims for universal coverage, recording attacks across all continents and territories without predefined exclusions, though reporting density correlates with media availability and open-source documentation quality, which can vary by region—such as denser data from Western Europe and North America compared to underreported areas in parts of Africa or Asia prior to the digital era.[11] Incidents are geocoded to specific cities or provinces where possible, enabling granular analysis of hotspots like the Middle East, South Asia, and sub-Saharan Africa, which together account for a majority of post-2000 entries.[1] The database's global ambition stems from its reliance on over 4 million news articles and 25,000+ sources, prioritizing verifiable reports over anecdotal or state-controlled narratives to mitigate biases in coverage.[6] While the GTD's scope facilitates cross-regional comparisons, users must account for methodological shifts—such as enhanced real-time collection after 2011—which may introduce discontinuities in trend analysis, particularly for geographic patterns influenced by varying conflict intensities.[1] As an open-source academic resource maintained by the University of Maryland's START consortium, it emphasizes empirical consistency over political framing, though completeness post-2020 remains subject to ongoing updates not yet publicly integrated as of the latest releases.[11]Incident Types and Perpetrator Profiles
The Global Terrorism Database (GTD) categorizes terrorist incidents by attack type, target type, and weapon type to facilitate analysis of tactical patterns. Attack types are coded using a hierarchical system with up to three entries per incident, prioritizing the primary method; categories include assassination (targeted killing of prominent individuals), armed assault (indiscriminate attacks with firearms or melee weapons), bombing/explosion (detonation of explosives, the most prevalent type accounting for over 50% of incidents in many analyses), hijacking (seizure of vehicles or vessels), hostage taking (barricade or kidnapping variants), facility/infrastructure attack (damage to physical structures without direct casualties), unarmed assault (non-lethal physical attacks), and unknown.[7] Target types encompass 22 broad classes, such as business, government (general), police, military, private citizens, and educational institutions, with subtypes for specificity (e.g., airlines under transportation); both intended and incidental victims are noted to capture broader impacts.[7] Weapon types allow up to four codes per incident, spanning 13 categories like firearms, explosives (including subtypes such as grenades or vehicle-borne improvised explosive devices), incendiary devices, and rare chemical/biological agents, enabling cross-tabulation with attack methods for tactical profiling.[7] These classifications derive from open-source reports, prioritizing empirical verification over speculative intent, though intercoder reliability measures (e.g., kappa statistics above 0.7 for key variables) underscore methodological rigor.[7] For instance, suicide bombings fall under explosives with a subtype flag, distinguishing them from remote-detonated variants, while extended hostage events track duration in hours or days. Property damage extent (catastrophic total loss to minor) and suicide indicators further refine incident severity, avoiding conflation with non-terrorist violence like pure criminality.[7] This structure supports queries revealing trends, such as the dominance of bombings in regions like the Middle East and South Asia, where over 60% of attacks since 2000 involved explosives against government or military targets.[9] Perpetrator profiles in the GTD emphasize organizational attribution over individual demographics, coding primary group names (gname) from a standardized list of over 3,000 entities, with fields for sub-groups, multiple perpetrators (up to three), and uncertainty flags (e.g., "suspected" if attribution relies on unverified claims).[7] Unknown perpetrators are flagged explicitly (-99 code), comprising a significant portion of records (historically 40-50% globally due to underreporting in conflict zones), while unaffiliated individuals are distinguished post-1997 via a binary variable. Quantitative elements include estimated perpetrator count (nperps, using lowest reported figure for vagueness like "several") and captures (nperpcap), but no routine data on age, gender, or nationality exists, limiting granular profiling to group-level analysis.[7] Claim-of-responsibility modes (e.g., calls, videos) and competing claims aid validation, though reliance on media and official reports introduces potential biases toward claimed rather than covert actors.[7] Profiles highlight diverse actors, from ideological clusters like Islamist extremists (e.g., ISIS affiliates responsible for peaks in fatalities post-2010) to separatist groups and unknown lone actors, without inferring motives unless explicitly linked via claims.[12] This approach privileges verifiable attributions, noting that over 70% of U.S.-targeted incidents involved identifiable domestic groups historically, but global opacity persists in anonymous attacks.Statistical Trends and Empirical Insights
The Global Terrorism Database (GTD) documents over 200,000 terrorist incidents occurring worldwide from 1970 through 2020, encompassing both domestic and international attacks that resulted in approximately 280,000 deaths and 360,000 injuries.09835-9) [2] Incidents remained relatively low and stable in the 1970s and 1980s, averaging fewer than 2,000 per year, before rising sharply in the 1990s and accelerating post-2001, driven by conflicts in Iraq, Afghanistan, and the emergence of jihadist networks.[13] The database reveals a pronounced peak in 2014, with around 17,000 attacks causing over 44,000 deaths, followed by a sustained decline: by 2019, global attacks had fallen 50% and deaths 54% from that apex, reflecting territorial losses by groups like the Islamic State and intensified counterterrorism operations.[14] [13] Geographically, the GTD data indicate a concentration of activity in conflict-prone regions, with South Asia, the Middle East and North Africa, and Sub-Saharan Africa accounting for the majority of incidents and fatalities since 2000.[13] For example, in 2019, Afghanistan hosted 21% of worldwide attacks (1,804 incidents) and 41% of deaths (8,249), while Nigeria, Iraq, India, and Yemen together saw over 30% of attacks.[14] This distribution underscores patterns where terrorism correlates strongly with ongoing insurgencies and state weakness, as evidenced by over 90% of attacks in these years targeting military or police targets in asymmetric warfare contexts.[14] Empirical analysis of GTD entries further shows that bombings and explosions constituted the most common tactics, involved in over 50% of incidents, with unarmed assaults and armed assaults following.09835-9) Perpetrator profiles from the GTD highlight the dominance of organized Islamist groups in driving lethality, particularly since the early 2000s, where they accounted for the bulk of fatalities amid intra-Muslim sectarian violence and expansions into fragile states.[13] In 2019, the Taliban perpetrated 1,375 attacks causing 7,531 deaths, the Islamic State 461 attacks with 1,252 deaths, and affiliates like Boko Haram and Al-Shabaab contributed significantly to regional spikes in Sub-Saharan Africa.[14] Unknown actors were linked to about 20% of incidents, but claimed attacks by ideological extremists—predominantly religious—far outpaced separatist or left-wing motives in scale and impact during peak periods.[14] These trends empirically link surges to specific organizational capacities and safe havens rather than diffuse grievances, with declines tied to kinetic disruptions of command structures.[13]| Year | Approximate Attacks | Approximate Deaths (Total, incl. Perpetrators) |
|---|---|---|
| 2014 | 17,000 | 44,000 |
| 2019 | 8,473 | 20,309 |