Leaked documents from Israel’s finance ministry, which include a finalised version of the Nimbus agreement, suggest the secret code would take the form of payments – referred to as “special compensation” – made by the companies to the Israeli government.
According to the documents, the payments must be made “within 24 hours of the information being transferred” and correspond to the telephone dialing code of the foreign country, amounting to sums between 1,000 and 9,999 shekels.
If either Google or Amazon provides information to authorities in the US, where the dialing code is +1, and they are prevented from disclosing their cooperation, they must send the Israeli government 1,000 shekels.
If, for example, the companies receive a request for Israeli data from authorities in Italy, where the dialing code is +39, they must send 3,900 shekels.
If the companies conclude the terms of a gag order prevent them from even signaling which country has received the data, there is a backstop: the companies must pay 100,000 shekels ($30,000) to the Israeli government.
Never worked for either company, but there's a zero percent chance. Legal agrees to bespoke terms and conditions on contracts (or negotiates them) for contracts. How flexible they are to agreeing to exotic terms depends on the dollar value of the contract, but there is no chance that these terms (a) weren't outlined in the contract and (b) weren't heavily scrutinized by legal (and ops, doing paybacks in such a manner likely require work-arounds for their ops and finance teams).
You could argue that it's against something like the OECD Anti‑Bribery Convention, but that would be a much more difficult case, given that this isn't a particular foreign official, but essentially a central body of the foreign government.
Just to clarify, not saying that it's ok, but just that accusing it of being a "crime" might be a category error.
No laws require prosecution and enforcement. Western countries shield Israel from all of that.
its a buggy method, considering canada also uses +1, and a bunch of countries look like they use +1 but dont, like barbados +1(246) using what looks like an area code as part of the country code.
You are correct that ITU code is not specific enough to identify a country, but I'm sorry, +1 is the ITU country code for the North American Numbering Plan Area. 246 is the NANPA area code for Barbados (which only has one area code) but as a NANPA member, Barbados' country code is +1, same as the rest of the members. There is no '+1246' country code.
There's not a lot of countries that are in a shared numbering plan other than NANPA, but for example, Khazakstan and Russia share +7 (Of course, the USSR needed a single digit country code, or there would have been a country code gap), and many of the former Netherland Antilles share +599, although Aruba has +297, and Sint Maarten is in +1 (with NANPA Area code 721)
This is criminal conspiracy. It's fucking insane that they not only did this, but put the crime in writing.;
Uhm doesn't that mean that Google and Amazon can easily comply with US law despite this agreement?
There must be more to it though, otherwise why use this super suss signaling method?
https://www.politico.com/story/2019/09/12/israel-white-house...
> The U.S. government concluded within the past two years that Israel was most likely behind the placement of cellphone surveillance devices that were found near the White House and other sensitive locations around Washington, according to three former senior U.S. officials with knowledge of the matter.
> If either Google or Amazon provides information to authorities in the US, where the dialing code is +1, and they are prevented from disclosing their cooperation, they must send the Israeli government 1,000 shekels.
This sounds like warrant canaries but worse. At least with warrant canaries you argue that you can't compel speech, but in this case it's pretty clear to any judge that such payments constitute disclosure or violation of gag order, because you're taking a specific action that results in the target knowing the request was made.
> This sounds like warrant canaries
A warrant canary works by removing information, not by transmitting it. You put up a sign like "The FBI has not issued a warrant" and then remove it if they do, even if there is a gag order stating you cannot disclose that they issued you a warrant. This only works because you have not told anyone that a warrant has been issued but they must infer that the missing canary implies such a warrant has been dispatched.
> but in this case it's pretty clear to any judge that such payments constitute disclosure
I think what is funniest is that it could have been much more secret. When I saw the reference in the intro to payments I was thinking "don't tell me they're so dumb they're coding info like Costco". That they'd use the cents to detail access. Like .99 for all clear and .98 for access. But that's not "clever" at all lol
You transmit information by changing the content of the transmission, basically just like any communication works
> This only works
do you know that? Haven't heard of it actually working in any high profile case.
> because you have not told anyone that a warrant has been issued
you have told them explicitly by agreeing to a scheme both parties understand and by enacting the message change under said scheme. You basically just used some encoding to hide the plain message
I’ve always wondered. It seems just as easy for authorities to forbid removing canaries as it is to forbid telling someone something.
EDIT: ah, this is explained downthread: https://news.ycombinator.com/item?id=45763032
> Several experts described the mechanism as a “clever” workaround that could comply with the letter of the law but not its spirit.
It's not clear to me how it could comply with the letter of the law, but evidently at least some legal experts think it can? That uncertainty is probably how it made it past the legal teams in the first place.
I mean, why pay the money? Why not just skip the payment and email a contact "1,000"? Or perhaps "Interesting article about in the Times about the USA, wink wink"?
This method is deliberately communicating information in a way that (I assume) is prohibited. It doesn't seem like it would take a judge much time to come to the conclusion that the gag order prohibits communication.
Creating a secret code is still communication, whether that's converting letters A=1, B=2, sending a video of someone communicating it in sign language, a painting of the country, writing an ethereum contract, everyday sending a voicemail with a list of all the countries in the world from A to Z, but omitting the one(s) that have the gag / warrant...
Wouldn't those involved be liable to years in prison?
I find it hard to imagine a federal US order wouldn’t proscribe this cute “wink” payment. (Although who knows? If a state or locality takes it upon themselves to raid a bit barn, can their local courts bind transnational payments or is that federal jurisdiction?)
But from the way it’s structured—around a specific amount of currency corresponding to a dialing code of the requesting nation—it sure sounds like they’re thinking more broadly.
I could more easily imagine an opportunistic order—say, from a small neighboring state compelling a local contractor to tap an international cable as it crosses their territory—to accommodate the “winking” disclosure: by being either so loosely drafted or so far removed from the parent company’s jurisdiction as to make the $billions contract worth preserving this way.
In my opinion that's extremely unlikely. This was probably set up for other kinds of countries
This means that they can read even the personal email of Supreme Court justices, congressmen and senators.
However they have a gentleman’s agreement to not do that.
“Wink”
Trying to remember back to Snowden, I think I recall that not only DON'T they have such an agreement, but the intelligence folks consider this a feature. The US government is Constitutionally forbidden from reading "US persons" communications, but our Constitution has no such restriction on third parties. So if those third parties do the spying for us, and then tell our intelligence folks about it, everybody wins. Well, except for the people.
Spy on, insert or recruit an asset from the pool of employees who are involved in any "Should we tell Israel?" discussion. That way, even if an answer is "No, don't alert them", the mere existence of the mechanism provides an actionable intelligence signal.
Either Israel already knows about the subpoena, in which case the discussion doesn't matter, or they don't, in which case their asset wouldn't be in on the discussion.
But is there an Israeli law that states contracts must be in concordance with foreign law... When the damages of an Israeli contract get evaluated in an Israeli court and they include the loss of Israeli intelligence assets will the costs not be significant? Yes google can pull out of Israel but they literally built datacentres there for these contracts so there are sizeable seizable assets.
And yes google may also get fined for breaking foreign law by foreign courts. The question is if the architecture of the system is set up so the only way data can be "secretly" exfiltrated by other governments is to go through local Israeli employees and they're the one's breaking the foreign law (and they were told explicitly by foreign bosses that they can't share this information wink) is there any punishment for google other than fines dwarfed by the contract and having to fire an employee who is strangely ok with that, who is replaced by a equally helpful local employee.
Also, I can't believe that Google or Amazon would sign a contract that doesn't specify the judicial jurisdiction. If the contract says "this contract will be governed by the courts of Santa Clara County California" and the Israelis agreed to that, then they won't have a claim in Israeli courts. If an Israeli court concluded that they have jurisdiction when both parties agreed they don't have jurisdiction, it'd create a very problematic precedent for doing business with Israeli companies.
Even if an Israeli court would ignore all that, what would Israel get? Maybe it could seize a billion in assets within Israel, but would that be worth it? For Google or Amazon, they face steeper penalties in the US and Europe for various things. For Israel, maybe they'd be able to seize an amount of assets equivalent to 10% of their annual military budget. So while it's not a small sum, it is a small sum relative to the parties' sizes. Neither would really win or lose from the amount of money in play.
But Israel would lose big time if it went that route. It would guarantee that no one would sign another cloud deal with them once the existing contracts expired. Investment in Israel would fall off a cliff as companies worried that Israeli courts would simply ignore anything they didn't like.
The point of these agreements is that Israel needs access to cloud resources. The primary objective is probably to avoid getting cut off like Microsoft did to them. That part of the contract is likely enforceable (IANAL): Israel does something against the ToS, but they can't be cut off. I'd guess that's the thing that Israel really wanted out of these deals.
The "wink" was probably a hopeful long shot that they never expected to work. But they got what they needed: Amazon and Google can't cut them off regardless of shareholder pressure or what they're doing with the cloud no matter what anyone thinks of it. Suing Amazon or Google over a part of the contract that they knew was never going to happen would jeopardize their actual objective: stable, continued access to cloud resources.
For example a tennant can sign a lease that says they have no notice period before eviction. If they’re in a state with a 30 day minimum notice period then the notice period is 30 days. It doesn’t matter what the contract says.
Google would comply with the US court order and ignore the contract it signed with Israel.
That does not help
Signing the contract was a criminal conspiracy
I am not holding my breath for prosecution, though.
If it wasn't Amazon, Google and Israel government, there wouldn't be people pretending it comply with the 'letter of the law'. It is simple treason, selling your own country secret to another.
And the way it's done isn't that 'brilliant'. Oh yes they aren't writing on paper that x country asked for Israel data, they are instead using the country phone index and making payment based on that...
> The terms of the Nimbus deal would appear to prohibit Google and Amazon from the kind of unilateral action taken by Microsoft last month, when it disabled the Israeli military’s access to technology used to operate an indiscriminate surveillance system monitoring Palestinian phone calls.
I don’t understand the connection between these two things. The article seems all over the place.
It is like if it is illegal to import more then $1000 into the country without declaring, and you (clever) give $900 each to 4 of your friends who are conveniently traveling with you, so you only walk across the border with remaining $400, not breaking any laws. Then when inside the country, your friends give you back the $900 each, meaning you just de-facto imported $4000 while technically crossing the border with less then $1000, as legally required.
If normal people tried to do this they would obviously be charged with the crime of illegally importing money, but also with something like a conspiracy to evade the law.
At least for us. For the more fortunate, maybe it’s just a “creative interpretation of law.”
If for some reason the US were storing sensitive data in US-based datacenters operated by a foreign corporation, don't you think they would try to take measures to prevent that data from being exfiltrated? It would be idiotic for Israel not to take what measures it could.
As for the idea that Amazon is acting treasonously - is warning someone that your country is spying on them treasonous? I think they should warn anyone and everyone whose data is being shared with any government, as long as they stay within the letter of the law in the places they operate.
Yes it is if you are American. Snowden revealed that the American government was spying on every single American, now he is forced to live hidden in Russia.
Expecting there to be law abidance and so on when dealing with Israel or israelis is a mistake that'll make you the 'freier' in that relationship. This is why Israel and israeli corporations commonly use usian and european fronts when they do business with more discerning customers than the most obvious tyrants of the world.
But could it instead/also be for international spy operations, like surveillance, propaganda, and cyber attacks? A major cloud provider has fast access at scale in multiple regions, is less likely to be blocked than certain countries, and can hide which customer the traffic is for.
If it were for international operations, two questions:
1. How complicit would the cloud providers be?
2. For US-based providers, how likely that US spy agencies would be consulted before signing the contracts, and consciously allow it to proceed (i.e., let US cloud providers facilitate the foreign spy activity), so that US can monitor the activity?
E.g. you will find references in AWS docs to Bureau of Industry/Security rulings.
https://www.theguardian.com/world/2025/aug/06/microsoft-isra...
I don't imagine Google and Amazon are any better. I.e. take boatloads of money, while sticking the head into sand and pretend it's not likely used to help the illegal occupation of Palestinians, to persecute and harm them.
Apparently, US aid to a country is usually spent on US companies; Israel is no exception: https://theintercept.com/2024/05/01/google-amazon-nimbus-isr...
That’s not “cloud > onprem always”, that’s “even given cloud providers’ many faults governments are so terrible at managing and securing infrastructure today that the cloud is preferable for them”. Whether you anre pro- or anti-particular-government, you should still support gov-moves-to-cloud. The alternative is proven unbelievably worse on every possible axis.
Insane. Obeying the law or ToS, apparently, is discriminatory when it comes to Israel.
Google/Amazon could just say yes until the contract is signed, and then just not comply. Israeli government would have no recourse since they can’t go to a US court, and file charges for a US company NOT breaking the law or for complying with a court order. Israel also would not want this to come to light.
It’s like a criminal’s promise. The only recourse is taking your business elsewhere, which Israel would do when they’re tipped off anyways. But at least if Google/Amazon fail to wink, contract lasts a little longer.
So Microsoft is now more ethical than Google and Amazon? What times we live in!
There is certainty they broke the law. Both federally and, in all likelihood, in most states.
I wonder if there's a national security aspect here, in that knowing the country would prompt some form of country-specific espionage (signals intelligence, local agents on the inside at these service providers, etc.) to discover what the targeted data might be.
Knowing the country allows an immediate diplomatic protest, threats to withdraw business, and investigation.
The payment is to be within 24 hours, which means that they can act quickly to stop the processing of the data, prevent conclusions from being drawn, etc.
If the signaled country were the US, I would expect a bunch of senators to be immediately called and pressured to look into and perhaps stop the investigation.
https://www.972mag.com/project-nimbus-contract-google-amazon...
This is a good opportunity to make money from helping corporations migrate off these services and onto alternatives with better data protection regulations and weaker ties to the zionist atrocity factory.
If you don't want your data in the hands of someone with access to the state's monopoly on violence, you're best off getting rid of all internet access in your life.
They will have agents both known and unknown operating at those companies. A company cannot as a policy set out to violate the law (if it's smart). It would be trivial for individuals to have covert channels set up.
I can imagine that this Alphabet General Counsel-approved language could be challenged in court.
Most SWEs are still 20-40-something men, which would be the same demographic being called to service (I realize women also serve in the IDF, but combat positions are generally reserved for men).
So it's possible that Israel can't rely on their own private tech industry being unaffected during high-engagement periods.
I think the government does have plenty of its own infra (and military tech sectors would be unaffected by calling in reserves), but given the size of the country (and also considering its Palestinian second-class citizens who make up 20% of the Israeli population may not be trusted to work on more sensitive portions of its infrastructure) they're probably not able to manage every part of the stack. Probably only China and the U.S. can do this.
Iran attacking US-East-1 would certainly be unusual.
More likely is it was "aid" from the US which usually comes with stipulations about what/where they can spend it - common with weapons/military kit, wouldn't be surprised if they did something similar with cloud services.
Not a lawyer. Can this statement hold in a US court of law? To me it sounds sleazy and ambiguous. To say if an “idea is wrong” could mean it’s a bad idea, an immoral one or a false “idea”. But in any case, an idea is not a statement or a fact. I have a hundred ideas everyday. Some are right, some are wrong and others in between.
This seems like a very dumb way to communicate in a criminal conspiracy: it's more traceable than a simple message, with permanent record, and more people are involved to enact the communication.
Is there any benefit?
In other words, im curious why would Israel not invest in making sure that the their were storing in third-party vendor clouds was not encrypted at rest and in transit by keys not stored in that cloud.
This seems like a matter of national security for any government, not to have their data accessible by other parties at the whims of different jurisdiction where that cloud vendor operates.
Conversely, if you don't, it's not hard to understand at all when you consider that there are oodles of American politicians, at all levels, actually publicly declaring that they put Israeli interests over US interests. What's hard to understand about _that_ is that, for some reason, it's not considered pure and simple treason.
Now maybe we can say that Israel is not a democratic system or environment, but then Microsoft would not be wholly desiring to do business serving such an entity, lest they break with US oversight.
Israel here told the vendor that whenever there is a gag on them by their government against making Israel aware of their request, the vendor is to secretly transmit a message alerting them..
Also because no other country has the power to get cloud vendors to do this and this one special country will face no consequences (as usual).
"The demand, which would require Google and Amazon to effectively sidestep legal obligations in countries around the world"
"Like other big tech companies, Google and Amazon’s cloud businesses routinely comply with requests from police, prosecutors and security services to hand over customer data to assist investigations."
The way I interpret this is Google, Amazon operates in multiple countries under multiple jurisdictions. The security services for any of these countries(including for example Egypt where Google has offices according to....Google), can produce a legal(in Egypt) order requesting Google to produce data of another customer( for example Israeli govt) and Google has to comply or leave Egypt.
It seems to me that being under constant threat of your government sensitive data being exposed at the whims of another, potentially adversarial government is not a sustainable way of operating and Im surprised that Israel havent either found ways of storing its infrastructure locally or encrypting it five way to Sunday.
This is not a comment on the specific accusation of actions by Israel but for strange reality of being a small-country government and a customer of a multi-national cloud vendor.
No, I don't think I will.
Since when is talking about Israel controversial?
If it's encrypted in the cloud, it also cannot be processed in the cloud. For AI in particular that kinda defeats the point.
Then this whole story would disintegrate.
I am baffled by the manufactured outrage this story is generating. "oh no. <country> is sidestepping the NSA which we loudly proclaim to be evil at every opportunity, and (gasp) imposing their own conditions and bullying gigantic tech companies which are even more evil."
This from the same group of people who insist that europe should host their own data.
American companies sidestepping law related to international relationships between the US and other countries in order to benefit a foreign state??
That story would disintegrate? In what universe?
Why is this characterized as a "demand"? Amazon and Google have the freedom that Microsoft does to decline.
This story stinks.
MS/Azure being the good guys for once? Colour me surprised.
LOL. No. That is not how it works. Legal combs through every contract, negotiates, and gates the process, while revenue officers act very self-entitled to having the contract signed ASAP. Legal has to do their job, or they're a liability.
Microsoft understands at a corporate level that it's in their business interest (as a global vendor) for local lawful access regimes to be as narrow as possible. Their pushback here is understandable; if they're not seen as trustworthy by the US government, it potentially undermines a lot of the latitude they're trying to fight for.
But I do not think we knew that Google and Amazon would engage in criminal conspiracy for profit
I thought censoring and straight up brigading was not allowed here? But i guess if they do what the article is about they can easily sway a thread like this in a few minutes, and i'm sure they do when stuff becomes frontpage on various sites. Can't talk about the genocide.
[1] https://d1.awsstatic.com/Security/pdfs/Amazon_AWS_Informatio...