The "Winking Mechanism": How Google and Amazon Allegedly Created a Secret Code to Alert Israel About Data Requests
A joint investigation reveals troubling details about Project Nimbus and the extraordinary measures tech giants took to secure a $1.2 billion cloud contract
Executive Summary
A bombshell investigation by The Guardian, +972 Magazine, and Local Call has exposed alarming details about Project Nimbus—a $1.2 billion cloud computing contract between the Israeli government and tech giants Google and Amazon. Leaked documents from Israel's Finance Ministry reveal that both companies agreed to implement a covert "winking mechanism" designed to secretly notify Israeli officials whenever foreign governments compel them to hand over Israeli data, even when gag orders explicitly prohibit such disclosure.
This revelation raises serious questions about corporate ethics, legal compliance, and the willingness of major technology companies to accommodate controversial governmental demands in pursuit of lucrative contracts.
What is Project Nimbus?
Project Nimbus is a seven-year cloud computing agreement signed in 2021 between the Israeli government and Amazon Web Services (AWS) and Google Cloud Platform (GCP). The contract was designed to migrate Israeli government, military, and intelligence data to private cloud infrastructure hosted within Israel's borders.
According to the Israeli Finance Ministry, the project aims to provide "the government, the defense establishment, and others with an all-encompassing cloud solution" including:
- Advanced cloud computing infrastructure
- Artificial intelligence and machine learning capabilities
- Data storage and processing services
- Security and surveillance technologies
While Google and Amazon have publicly claimed the contract serves civilian government ministries for purposes like finance, healthcare, transportation, and education, leaked documents and testimony from Israeli officials tell a different story. Military and intelligence agencies are confirmed users of the platform, and the contract explicitly places no restrictions on the type of data Israel can store—including classified military and intelligence information.
The "Winking Mechanism" Explained
How the Secret Code Works
The investigation uncovered a sophisticated covert notification system embedded within the Project Nimbus contract. Here's how it operates:
Coded Payments Based on Country Dialing Codes: When Google or Amazon are legally compelled to hand over Israeli data to foreign authorities and are simultaneously gagged from disclosing this action, they must send a coded payment to the Israeli government within 24 hours. The payment amount corresponds to the requesting country's international telephone dialing code:
- United States (+1): 1,000 Israeli shekels (~$307)
- United Kingdom (+44): 4,400 shekels (~$1,350)
- Italy (+39): 3,900 shekels (~$1,196)
- France (+33): 3,300 shekels (~$1,012)
The "Blind Wink": In cases where even identifying the requesting country would violate legal obligations, the companies must send a flat payment of 100,000 shekels (~$30,000) as a generic alert that a data transfer has occurred but the country cannot be disclosed.
According to the leaked documents, these payments are formally designated as "special compensation" in the contract, disguising their true purpose as covert signals.
The Legal Gray Area
Former U.S. prosecutors and cybersecurity legal experts have described this mechanism as "awfully cute" and potentially in violation of U.S. law. Many jurisdictions explicitly prohibit companies from revealing the existence of certain subpoenas or national security letters, even through indirect means.
The arrangement appears designed to technically comply with the letter of gag orders while completely undermining their spirit—a practice that could expose both companies to significant legal jeopardy if foreign courts determine they've been evading judicial oversight.
Unprecedented Contract Restrictions
Beyond the winking mechanism, the leaked documents reveal two other extraordinary provisions that Israeli officials demanded—and Google and Amazon accepted:
1. No Service Termination Clause
The contract explicitly prohibits Google and Amazon from:
- Restricting Israel's access to their cloud platforms
- Suspending services due to policy changes
- Taking action if Israel's use violates the companies' own terms of service
This stands in stark contrast to how these companies have handled other controversial contracts. In September 2024, Microsoft terminated a cloud services agreement with an Israeli military unit after an internal review found evidence that it was being used to store surveillance data on Palestinians, including intercepted phone calls. Under the Nimbus contract, Google and Amazon are contractually forbidden from taking similar action, even if they discover human rights violations or breaches of their own ethical guidelines.
Violation of this clause would trigger:
- Financial penalties
- Legal action for breach of contract
- Potential loss of the entire $1.2 billion contract
2. Unrestricted Data Storage Rights
According to Israeli officials quoted in the investigation, there are "no restrictions" on the type of information Israel may store within Google and Amazon's cloud systems. The contract states that "Israel is entitled to migrate to the cloud or generate in the cloud any content data they wish."
This means:
- Military intelligence data
- Surveillance information
- Classified national security materials
- Intercepted communications
All of this can be stored without the companies having the right to object or suspend service.
The Microsoft Comparison
Microsoft was originally in the running for the Nimbus contract but reportedly lost out because the company refused to accept some of Israel's most controversial terms, particularly the winking mechanism and the unrestricted service guarantee.
Microsoft's position proved prescient. In September 2024, the company faced significant backlash when +972 Magazine revealed that Israeli military Unit 8200 was using Microsoft Azure to store a massive database of intercepted Palestinian phone calls. After an internal investigation, Microsoft revoked the military unit's access to certain services—an action that would be impossible under the Nimbus contract terms.
This contrast raises uncomfortable questions: Did Google and Amazon's willingness to accept more permissive terms help them win the contract? And what does this say about corporate values when lucrative government contracts are at stake?
The Human Cost: Employee Protests and Mass Firings
Project Nimbus has sparked unprecedented internal dissent at both Google and Amazon, leading to one of tech's largest employee protest movements and mass terminations.
Timeline of Employee Activism
2021-2022: Following the contract signing, over 1,700 employees from both companies signed petitions demanding cancellation of Project Nimbus, citing concerns about enabling human rights violations against Palestinians.
March 2024: Google employee Eddie Hatfield was fired after interrupting a company event featuring Google Israel's managing director, shouting "I refuse to build technology that empowers genocide."
April 2024: The situation escalated dramatically when employees organized sit-in protests at Google offices in:
- Sunnyvale, California (including Cloud CEO Thomas Kurian's office)
- New York City
- Seattle
Over 100 protesters participated, with nine arrested after refusing to leave. The protesters wore shirts and displayed banners reading "No more genocide for profit."
The Mass Terminations: Google's response was swift and severe:
- Initial wave: 28 employees fired immediately following the protests
- Second wave: An additional 20+ employees terminated after internal investigations
- Total: Approximately 50 employees fired for their involvement in or association with the protests
Notably, several of those fired were not direct participants in the sit-ins but were identified through internal investigations, security badge scans, and coworker reports. Some employees claim they were terminated simply for being present at the protests or taking photographs.
Corporate Retaliation Concerns
The mass firings have raised serious concerns about:
Chilling Effect on Dissent: Google CEO Sundar Pichai sent a company-wide memo stating employees should not "fight over disruptive issues" or "debate politics," emphasizing that Google "is a business, and not a place to act in a way that disrupts coworkers."
Selective Enforcement: Critics point out that Google has historically encouraged open debate and employee activism on various issues, making the aggressive response to Project Nimbus protests appear selective.
Labor Law Violations: Some terminated employees have filed complaints with the National Labor Relations Board (NLRB), arguing that the firings constitute illegal retaliation for protected labor organizing.
Pattern of Suppression: Former Google employee Ariel Koren, who resigned in 2022 after being given an ultimatum to relocate to Brazil within 17 days or lose her job, stated that Google "systematically silences Palestinian, Jewish, Arab and Muslim voices concerned about Google's complicity in violations of Palestinian human rights."
Military and Surveillance Applications
Despite public assurances that Nimbus serves only civilian purposes, multiple sources confirm the contract's military and intelligence applications:
Confirmed Military Uses
AI-Assisted Targeting Systems: Reporting from +972 Magazine revealed that Israel has deployed AI systems for target selection in Gaza, including:
- "The Gospel": Categorizes buildings as potential military targets
- "Lavender": Identifies individuals for targeting (with documented false positives)
- "Where's Daddy": Tracks movements of targeted individuals
These systems reportedly rely on cloud computing infrastructure that may be supported by Project Nimbus. The intersection of surveillance technology, psychological operations, and state-sponsored influence campaigns represents a broader pattern of modern information warfare.
Surveillance Database: Israeli intelligence planned to migrate a vast database of intercepted Palestinian phone calls from Microsoft Azure to Amazon Web Services after Microsoft terminated access. Amazon has declined to comment on whether this transfer occurred.
Facial Recognition: Israel has utilized Google Photos facial recognition technology to create targeting databases of Palestinians in occupied territories.
UN Findings
A United Nations commission investigating Israel's conduct in Gaza found evidence of acts potentially amounting to genocide, with advanced cloud computing and AI systems playing a central role in military operations. The commission specifically noted Israel's reliance on sophisticated data analysis and surveillance technologies.
Corporate Responses and Denials
Both Google and Amazon have issued strong denials regarding the investigation's findings:
Google's Statement
"The idea that we would evade our legal obligations to the US government as a US company, or in any other country, is categorically wrong. This appears to be yet another attempt to falsely imply otherwise... We've been very clear about the Nimbus contract, what it's directed to, and the Terms of Service and Acceptable Use Policy that govern it. Nothing has changed."
Amazon's Statement
"We respect the privacy of our customers, and we do not discuss our relationship without their consent, or have visibility into their workloads... We have a rigorous global process for responding to lawful and binding orders for requests related to customer data. AWS carefully reviews each request to assess any non-disclosure obligations, and we maintain confidentiality in accordance with applicable laws and regulations."
What the Companies Didn't Deny
Notably, neither company explicitly denied:
- The existence of the contract clauses described in the leaked documents
- The winking mechanism itself
- The prohibition on service termination
- The unrestricted data storage provisions
Instead, their responses focused on general denials about evading legal obligations without addressing the specific mechanisms revealed in the investigation.
The Israeli Government's Position
The Israeli Finance Ministry defended the contract terms, stating:
"Google and Amazon are bound by stringent contractual obligations that safeguard Israel's vital interests. These agreements are confidential and we will not discuss specific terms."
An Israeli official familiar with the project told investigators: "No company should be allowed to stop providing services to Israel for political or social reasons. This contract was designed to protect our national interests."
Internal Finance Ministry documents praised the outcome, noting that the companies "understand the sensitivities of the Israeli government and are willing to accept our requirements."
Israel's use of these contractual provisions exists within a broader context of sophisticated influence operations targeting American public opinion. The Israeli government has invested millions in paying U.S. social media influencers to shape narratives, operating what amounts to foreign influence campaigns targeting American audiences. These parallel efforts—securing unfettered access to cloud infrastructure while simultaneously manipulating the information ecosystem—represent a coordinated strategy to maintain control over both data and narrative.
Privacy and Security Implications
The revelations raise critical questions for cybersecurity professionals and privacy advocates:
Data Sovereignty Concerns
Undermining Legal Protections: If the winking mechanism is real and operational, it represents a fundamental breach of the principle that companies must respect local legal processes. This sets a dangerous precedent—if Google and Amazon will create workarounds for Israel, what's to stop them from doing the same for other governments?
The Israeli technology sector's reach extends far beyond cloud computing into identity verification and surveillance systems used globally.
Cloud Trust Erosion: Organizations worldwide entrust sensitive data to cloud providers based on assurances about legal compliance and data protection. The Nimbus revelations suggest these assurances may be negotiable for sufficiently valuable contracts.
Broader Industry Impact
Competitive Disadvantage for Ethical Companies: Microsoft's refusal to accept certain terms cost them the Nimbus contract. This creates a perverse incentive structure where companies willing to compromise ethical standards gain competitive advantages.
Precedent for Other Nations: If the "winking mechanism" becomes standard practice, other governments may demand similar arrangements, further complicating the global legal landscape for data protection.
Questions for Cloud Customers
Organizations using Google Cloud Platform or Amazon Web Services should consider:
- Are similar arrangements in place with other governments?
- What recourse do customers have if their data is subject to secret surveillance or sharing?
- How can companies verify that their data isn't being used for purposes they oppose?
- What due diligence is required when selecting cloud providers for sensitive data?
Legal and Ethical Analysis
Potential Legal Violations
U.S. Law: Federal law prohibits companies from revealing certain types of legal requests, including national security letters and some subpoenas. Creating a coded notification system could violate these statutes, potentially exposing Google and Amazon to:
- Criminal liability
- Civil penalties
- Loss of government contracts
- Congressional investigation
International Jurisdiction: The mechanism may violate laws in multiple countries where Google and Amazon operate, creating a complex web of conflicting legal obligations.
Ethical Concerns
Corporate Social Responsibility: The revelations highlight the tension between corporate profits and ethical obligations. Key questions include:
- Do tech companies have a responsibility to refuse contracts that may facilitate human rights violations?
- Should shareholder value take precedence over ethical considerations?
- What duty do companies owe to their employees who object to controversial contracts?
Transparency and Accountability: The secret nature of these arrangements prevents meaningful public oversight and accountability, allowing governments and corporations to operate without democratic scrutiny.
Employee Rights: The mass terminations raise questions about:
- The right of workers to speak out on ethical issues
- The limits of corporate control over employee speech
- Whether companies can suppress internal dissent while claiming to value open dialogue
Historical Context: Tech and Military Contracts
The Nimbus controversy is part of a broader pattern of tension between tech workers and military/government contracts:
Google Maven (2018): Google employees successfully pressured the company to abandon a Pentagon contract for AI-powered drone targeting systems, with over 4,000 employees signing a petition and dozens resigning.
Microsoft HoloLens (2019): Employees protested a $480 million contract to provide augmented reality headsets to the U.S. Army, though Microsoft ultimately maintained the contract.
Amazon Rekognition (2018-2020): The company faced backlash over selling facial recognition technology to law enforcement, with employees and civil rights groups demanding the company stop the practice.
Palantir: The data analytics company built its business model around controversial government contracts, including ICE and military applications, despite sustained criticism.
What Makes Nimbus Different: The scale of the employee response (50+ terminations), the contractual prohibitions on service termination, and the alleged secret notification system make Project Nimbus unprecedented in tech industry history.
Impact on the Israeli-Palestinian Conflict
The use of advanced technology in the Israeli-Palestinian conflict has become increasingly controversial:
Technology-Enabled Surveillance State
Scope of Surveillance: Palestinians in the occupied West Bank and Gaza are subject to extensive surveillance including:
- Facial recognition at checkpoints
- Phone call interception
- Social media monitoring
- Movement tracking
- Biometric databases
Human Rights Concerns: Organizations including Human Rights Watch, Amnesty International, and B'Tselem have documented how surveillance technologies contribute to the systematic oppression of Palestinians, with some describing it as apartheid.
The Gaza Campaign
Since October 2023, Israel's military operations in Gaza have killed over 43,000 Palestinians (as of late 2024), the majority civilians. The military has acknowledged heavy reliance on AI-assisted targeting and cloud computing for:
- Target identification
- Strike planning
- Intelligence analysis
- Surveillance operations
The role of American technology companies in enabling these operations has become a flashpoint for controversy.
What Happens Next?
Potential Investigations
U.S. Congress: The revelations may trigger congressional investigations into whether Google and Amazon violated U.S. law or misled investors about their contractual obligations.
SEC Inquiry: If the companies failed to adequately disclose material risks associated with the contract, the Securities and Exchange Commission could investigate potential securities violations.
Department of Justice: Criminal violations of gag order laws could prompt DOJ action, though political considerations make this uncertain.
International Bodies: The International Court of Justice is already reviewing allegations of genocide against Israel. These revelations could factor into those proceedings and potentially implicate the tech companies.
Corporate Accountability
Shareholder Pressure: Institutional investors may push for greater oversight of controversial government contracts, particularly those that create legal and reputational risks.
Employee Organizing: The mass firings may galvanize further worker organizing across the tech industry, with employees demanding ethical AI policies and the right to refuse work on controversial projects.
Customer Backlash: Organizations concerned about their own ethical standards may reconsider their use of Google Cloud Platform or Amazon Web Services, potentially impacting the companies' bottom lines.
Recommendations for Cybersecurity Professionals
Due Diligence for Cloud Migrations
The Project Nimbus revelations underscore the critical importance of vendor risk management and third-party oversight. Organizations must recognize that cloud provider relationships represent significant compliance and operational risks.
- Review Vendor Policies: Understand how your cloud provider responds to government data requests
- Assess Geopolitical Risks: Consider whether vendor relationships with controversial governments create supply chain risks
- Evaluate Transparency Reports: Analyze providers' transparency reporting on government requests
- Consider Data Localization: Explore options for keeping sensitive data within specific jurisdictions
- Implement Zero-Knowledge Encryption: Encrypt data before it reaches the provider and keep the keys under your own control, so the provider cannot access decrypted data
Questions to Ask Cloud Providers
When evaluating cloud service providers, especially in light of the Nimbus revelations, organizations should ask:
- What special arrangements, if any, exist with government customers?
- Under what circumstances can service be terminated for Terms of Service violations?
- How do you handle conflicts between different countries' legal requirements?
- What safeguards prevent your government contracts from compromising customer data?
- How do you ensure GDPR compliance for international data transfers?
- What contractual provisions protect customers if government contracts create conflicts of interest?
Alternative Approaches
- Multi-cloud Strategy: Distribute workloads across multiple providers to reduce dependence on any single vendor
- Private Cloud: Consider on-premises or hosted private cloud for sensitive workloads
- Regional Providers: Explore smaller, specialized cloud providers with clearer ethical commitments
- Open Source Solutions: Implement open-source cloud platforms with full transparency
Broader Implications for Tech Ethics
The Project Nimbus revelations crystallize several critical issues facing the technology industry:
The Myth of Neutrality
Tech companies often claim their tools are neutral and that they bear no responsibility for how customers use them. The Nimbus contract shows that this neutrality is selective—companies make active choices about which governments to serve and under what terms.
Israel's Multi-Front Information War
The Project Nimbus contract must be understood as one component of Israel's comprehensive information warfare strategy. While securing privileged access to Google and Amazon's cloud infrastructure through the "winking mechanism," Israel simultaneously launched expensive influence operations targeting American public opinion:
$6 Million Influencer Campaign: Israeli Prime Minister Benjamin Netanyahu has described social media as "the most important weapon" and the "eighth front" in Israel's conflicts. The Israeli government contracted Brad Parscale (Trump's former campaign manager) for $6 million to target Gen Z audiences across TikTok, Instagram, and YouTube, while simultaneously manipulating AI training data to influence how ChatGPT responds to Israel-related queries.
The Esther Project: An additional $900,000 campaign paying American influencers up to $7,372 per post to create pro-Israel content, often without disclosing the foreign government funding to their audiences.
Targeting U.S. Lawmakers: Reports revealed Israel's Ministry of Diaspora Affairs funded covert campaigns targeting U.S. lawmakers over Gaza policy, using fake social media accounts and AI-generated content.
This parallel strategy—ensuring unrestricted cloud access while manipulating the information landscape—reveals a sophisticated approach where technical infrastructure and narrative control reinforce each other. Google and Amazon's contractual agreements prevent them from cutting off services even if used for surveillance or military operations, while Israel's influence campaigns shape how those operations are perceived by American audiences.
Profit vs. Principles
When a $1.2 billion contract is at stake, corporate principles become negotiable. This raises fundamental questions about whether meaningful ethical constraints can exist in a capitalist system that prioritizes shareholder value above all else.
The Limits of Employee Power
Despite widespread internal opposition and years of organizing, Google and Amazon employees could not stop Project Nimbus. The mass firings send a clear message: dissent will not be tolerated when major revenue is involved.
Regulatory Gaps
Current laws fail to adequately govern the relationship between tech companies and governments, particularly for controversial uses of technology. New regulatory frameworks are needed to ensure democratic oversight and accountability.
The enforcement landscape is evolving rapidly, with regulatory fines and compliance requirements intensifying across all sectors. The Nimbus controversy may accelerate calls for specific regulations governing cloud provider relationships with government entities, particularly when those relationships involve surveillance or military applications.
Conclusion
The Project Nimbus "winking mechanism" represents more than just a controversial business arrangement—it's a watershed moment that exposes the willingness of major technology companies to compromise their stated principles, potentially violate laws, and suppress employee dissent in pursuit of lucrative government contracts.
For cybersecurity professionals, the revelations serve as a stark reminder that cloud providers are not neutral arbiters of technology but political actors whose business decisions have profound implications for privacy, security, and human rights.
As our critical infrastructure and sensitive data increasingly migrate to cloud platforms, we must demand greater transparency, accountability, and ethical standards from the companies we entrust with our most valuable digital assets.
The question is no longer whether tech companies will do business with controversial governments—clearly they will. The question is whether we, as customers, employees, and citizens, will accept these arrangements without demanding meaningful oversight, ethical constraints, and the right to know when our tools are being used for purposes we oppose.
The winking mechanism may be secret, but the choice before us is not: Will we continue entrusting our data to companies that treat ethical obligations as optional, or will we demand better?
Sources and Further Reading
- The Guardian, +972 Magazine, and Local Call joint investigation (October 29, 2025)
- Project Nimbus contract documents (leaked)
- Israeli Finance Ministry documents (leaked)
- Time Magazine investigation into Project Nimbus military applications
- UN Human Rights Commission reports on Israel-Palestine
- No Tech For Apartheid campaign materials
- Microsoft Azure termination statements
- Employee testimony from fired Google workers
- Human Rights Watch and Amnesty International reports on surveillance in occupied territories
About the Author: This article is published on CISO Marketplace as part of our ongoing coverage of critical cybersecurity issues, vendor risk management, and the intersection of technology and ethics. We believe cybersecurity professionals have a responsibility to understand not just the technical capabilities of our tools, but their broader implications for society and human rights.