Israel Demanded Google and Amazon Use Secret 'Wink' To Sidestep Legal Orders (theguardian.com)
- Reference: 0179918230
- News link: https://tech.slashdot.org/story/25/10/30/225232/israel-demanded-google-and-amazon-use-secret-wink-to-sidestep-legal-orders
- Source link: https://www.theguardian.com/us-news/2025/oct/29/google-amazon-israel-contract-secret-code
> When Google and Amazon negotiated a major $1.2 billion cloud-computing deal in 2021, their customer -- the Israeli government -- had an unusual demand: [1]agree to use a secret code as part of an arrangement that would become known as the "winking mechanism ." The demand, which would require Google and Amazon to effectively sidestep legal obligations in countries around the world, was born out of Israel's concerns that data it moves into the global corporations' cloud platforms could end up in the hands of foreign law enforcement authorities.
>
> Like other big tech companies, Google and Amazon's cloud businesses routinely comply with requests from police, prosecutors and security services to hand over customer data to assist investigations. This process is often cloaked in secrecy. The companies are frequently gagged from alerting the affected customer their information has been turned over. This is either because the law enforcement agency has the power to demand this or a court has ordered them to stay silent. For Israel, losing control of its data to authorities overseas was a significant concern. So to deal with the threat, officials created a secret warning system: the companies must send signals hidden in payments to the Israeli government, tipping it off when it has disclosed Israeli data to foreign courts or investigators.
>
> To clinch the lucrative contract, Google and Amazon agreed to the so-called winking mechanism, according to leaked documents seen by the Guardian, as part of a joint investigation with Israeli-Palestinian publication [2]+972 Magazine and Hebrew-language outlet [3]Local Call . Based on the documents and descriptions of the contract by Israeli officials, the investigation reveals how the companies bowed to a series of stringent and unorthodox "controls" contained within the 2021 deal, known as [4]Project Nimbus . Both Google and Amazon's cloud businesses have denied evading any legal obligations.
[1] https://www.theguardian.com/us-news/2025/oct/29/google-amazon-israel-contract-secret-code
[2] https://www.972mag.com/project-nimbus-contract-google-amazon-israel/
[3] https://www.mekomit.co.il/ps/157869/
[4] https://tech.slashdot.org/story/24/04/17/0014253/google-workers-protest-cloud-contract-with-israels-government
A warranty canary would make more sense (Score:4, Insightful)
In countries that can't make you lie but can make you not tell others about their warrants, a warranty canary is a good, legal way to communicate that a court or police force has seized data and put you under a gag order.
In countries where the government can "make you lie" by making you continue to say that there has been no government data-seizure, warranty canaries are useless - "killing the canary" will get you in the same legal hot water as announcing "the government took your data."
I wouldn't be surprised if some of the countries whose police or court actions were leaked to Israel take whatever legal action they can against Google and Amazon.
Why trust? (Score:3)
Surely the Israel government has the resources to self host? If the information is so important that they want know if a third party has been given it then why trust it with someone they do not have 100% control of in the first place?
More generally any country trusting Google or Amazon to keep their data secure has not got the memo that the USA is not a trusted partner anymore. trump can ask for anything you save with USA companies and they will answer "Would you like that emailed to you or on a gold plated HDD?".
Re: (Score:2)
You must be young,
"It may be dangerous to be America's enemy, but to be America's friend is fatal.”
Or
'America has no permanent friends or enemies, only interests'
Henry Kissinger
And those were when I was a kid. Trusted partner? Snort snicker tee-hee.
Re: (Score:2)
They might have been using cloud services as part of a covert operation. One where hosting data on internal Israeli systems might have been a rip-off to foreign actors of Israeli involvement. Parties using American cloud services couldbr anybody.
Re: (Score:2)
Rip-off = tip-off
Re: (Score:3)
I just hope AWS wasn't hosting Israel's "Where's Daddy" AI project. In an industry full of disgusting proposals the idea of an AI which would predict when a target would be at home so that they could be murdered along with their entire family is the worst I've ever heard of.
Re: (Score:2)
Probably not. That's something they could do in-house.
Re: (Score:2)
It seems like the Israeli management is ignorant of basic cloud security, hopefully their staff isn't. I don't know about Google, but every volume in the AWS cloud can be encrypted, and Amazon does not hold the keys. Unless the customer gives AWS the key for some reason all they see is a blob of encrypted bits X-many bytes long (the data techs even refer to it as a 'blob'). They can move the blob from one place to another, back it up, restore it, etc. but have no idea what is in it. This is not like a W
Re: (Score:2)
For a nation with the resources Israel has, if they really wanted GCP or AWS for the platform, they could afford to have them build isolated, dedicated datacenters in Israel and run it for them. The US DOD does this with Azure and I think AWS.
You know I just want to say it's perfectly normal (Score:2)
For a nation state to be worried about law enforcement on the part of other Nation states. Nothing bad has ever happened when a nation state goes out of its way to prevent international law from being enforced right?
Re: (Score:2)
That's true, but it goes even further. There's no such thing as international law. There is only other countries' laws, treaties, and conventions. No sovereign nation willingly subjects itself to another nation's laws, for that is giving up some of its sovereignty.
Convoluted (Score:2)
Surely it would have been so much easier to stipulate someone was to be given employment in the legal team that deals with such requests.
Re: (Score:2)
AWS has a legal representative in every country where they have data centers, it's pretty much a necessity. If a court order is issued in Ireland or Holland it's unlikely that Seattle will even be aware of it for a couple of days, and it may have been already carried out.
Slippery slope is the goal. (Score:1)
If you can force a company to agree to and normalize such winks, then the next step is to expand the protocol to communicate additional information. It's basically a step towards forcing companies to provide intelligence.
This seems like it will go poorly. (Score:2)
I'm a little unclear on what anyone thought this elaboration was getting them; unless it was purely pessimism about the existence of any sort of untapped channel where cute but relatively crude steganography wouldn't be necessary or could be better-handled by any of the myriad excuses to send bits of encrypted information(altering the agreed-upon portions of encrypted JWTs returned by some auth endpoint or the like).
There's the very specific case of 'warrant canaries', for which there's some US case law a
Stop Supporting Pro-Israel Businesses Like Google (Score:1)
Israel would not have asked Google and Amazon to send a secret code unless Israel already believed that it could trust Google and Amazon. I suppose that anyone should be free to support whatever they wish with their business operations, but I am also free to not want to support businesses that support baby-starving and child-murdering Israel. I've already deleted my Facebook account, and I have signed up for Proton email to transition away from Gmail, and I think that I may have to avoid Amazon as well. Mic
Re: (Score:1)
I wonder at what point your average person will realized that the Israeli government operates like the ThirdReich in some important ways.