The tech giants agreed to extraordinary terms to clinch a lucrative contract with the Israeli government, documents show.
By Harry Davies & Yuval Abraham, Reposted from The Guardian, October 29, 2025
When Google and Amazon negotiated a major $1.2bn cloud-computing deal in 2021, their customer – the Israeli government – had an unusual demand: agree to use a secret code as part of an arrangement that would become known as the “winking mechanism”.
The demand, which would require Google and Amazon to effectively sidestep legal obligations in countries around the world, was born out of Israel’s concerns that data it moves into the global corporations’ cloud platforms could end up in the hands of foreign law enforcement authorities.
Like other big tech companies, Google and Amazon’s cloud businesses routinely comply with requests from police, prosecutors, and security services to hand over customer data to assist investigations.
This process is often cloaked in secrecy. The companies are frequently gagged from alerting the affected customer that their information has been turned over. This is either because the law enforcement agency has the power to demand this or a court has ordered them to stay silent.
For Israel, losing control of its data to authorities overseas was a significant concern. So to deal with the threat, officials created a secret warning system: the companies must send signals hidden in payments to the Israeli government, tipping it off when it has disclosed Israeli data to foreign courts or investigators.
To clinch the lucrative contract, Google and Amazon agreed to the so-called winking mechanism, according to leaked documents seen by the Guardian, as part of a joint investigation with Israeli-Palestinian publication +972 Magazine and Hebrew-language outlet Local Call.
Based on the documents and descriptions of the contract by Israeli officials, the investigation reveals how the companies bowed to a series of stringent and unorthodox “controls” contained within the 2021 deal, known as Project Nimbus. Both Google and Amazon’s cloud businesses have denied evading any legal obligations.
The strict controls include measures that prohibit the US companies from restricting how an array of Israeli government agencies, security services, and military units use their cloud services. According to the deal’s terms, the companies cannot suspend or withdraw Israel’s access to its technology, even if it’s found to have violated their terms of service.
Israeli officials inserted the controls to counter a series of anticipated threats. They feared Google or Amazon might bow to employee or shareholder pressure and withdraw Israel’s access to its products and services if linked to human rights abuses in the occupied Palestinian territories.
They were also concerned that the companies could be vulnerable to overseas legal action, particularly in cases relating to the use of the technology in the military occupation of the West Bank and Gaza.
The terms of the Nimbus deal would appear to prohibit Google and Amazon from the kind of unilateral action taken by Microsoft last month, when it disabled the Israeli military’s access to technology used to operate an indiscriminate surveillance system monitoring Palestinian phone calls.
Microsoft, which provides a range of cloud services to Israel’s military and public sector, bid for the Nimbus contract but was beaten by its rivals. According to sources familiar with negotiations, Microsoft’s bid suffered as it refused to accept some of Israel’s demands.
As with Microsoft, Google and Amazon’s cloud businesses have faced scrutiny in recent years over the role of their technology – and the Nimbus contract in particular – in Israel’s two-year war on Gaza.
During its offensive in the territory, where a UN commission of inquiry concluded that Israel has committed genocide, the Israeli military has relied heavily on cloud providers to store and analyze large volumes of data and intelligence information.
One such dataset was the vast collection of intercepted Palestinian calls that, until August, was stored on Microsoft’s cloud platform. According to intelligence sources, the Israeli military planned to move the data to Amazon Web Services (AWS) datacentres.
Amazon did not respond to the Guardian’s questions about whether it knew of Israel’s plan to migrate the mass surveillance data to its cloud platform. A spokesperson for the company said it respected “the privacy of our customers and we do not discuss our relationship without their consent, or have visibility into their workloads” stored in the cloud.
Asked about the winking mechanism, both Amazon and Google denied circumventing legally binding orders. “The idea that we would evade our legal obligations to the US government as a US company, or in any other country, is categorically wrong,” a Google spokesperson said.
Referring to statements Google has previously made claiming Israel had agreed to abide by Google policies, the spokesperson added: “We’ve been very clear about the Nimbus contract, what it’s directed to, and the terms of service and acceptable use policy that govern it. Nothing has changed. This appears to be yet another attempt to falsely imply otherwise.”
However, according to the Israeli government documents detailing the controls inserted into the Nimbus agreement, officials concluded they had extracted important concessions from Google and Amazon after the companies agreed to adapt internal processes and “subordinate” their standard contractual terms in favor of Israel’s demands.
A government memo circulated several months after the deal was signed stated: “[The companies] understand the sensitivities of the Israeli government and are willing to accept our requirements.”
How the secret code works
Named after the towering cloud formations, the Nimbus contract – which runs for an initial seven years with the possibility of extension – is a flagship Israeli government initiative to store information from across the public sector and military in commercially owned datacentres.
Even though its data would be stored in Google and Amazon’s newly built Israel-based datacentres, Israeli officials feared developments in US and European laws could create more direct routes for law enforcement agencies to obtain it via direct requests or court-issued subpoenas.
With this threat in mind, Israeli officials inserted into the Nimbus deal a requirement for the companies to send a coded message – a “wink” – to its government, revealing the identity of the country they had been compelled to hand over Israeli data to, but were gagged from saying so.
Leaked documents from Israel’s finance ministry, which include a finalized version of the Nimbus agreement, suggest the secret code would take the form of payments – referred to as “special compensation” – made by the companies to the Israeli government.
According to the documents, the payments must be made “within 24 hours of the information being transferred” and correspond to the telephone dialing code of the foreign country, amounting to sums between 1,000 and 9,999 shekels.
Under the terms of the deal, the mechanism works like this:
-
If either Google or Amazon provides information to authorities in the US, where the dialing code is +1, and they are prevented from disclosing their cooperation, they must send the Israeli government 1,000 shekels.
-
If, for example, the companies receive a request for Israeli data from authorities in Italy, where the dialing code is +39, they must send 3,900 shekels.
-
If the companies conclude that the terms of a gag order prevent them from even signaling which country has received the data, there is a backstop: the companies must pay 100,000 shekels ($30,000) to the Israeli government.
Legal experts, including several former US prosecutors, said the arrangement was highly unusual and carried risks for the companies as the coded messages could violate legal obligations in the US, where the companies are headquartered, to keep a subpoena secret.
“It seems awfully cute and something that if the US government or, more to the point, a court were to understand, I don’t think they would be particularly sympathetic,” a former US government lawyer said.
Several experts described the mechanism as a “clever” workaround that could comply with the letter of the law but not its spirit. “It’s kind of brilliant, but it’s risky,” said a former senior US security official.
Israeli officials appear to have acknowledged this, documents suggest. Their demands about how Google and Amazon respond to a US-issued order “might collide” with US law, they noted, and the companies would have to make a choice between “violating the contract or violating their legal obligations”.
Neither Google nor Amazon responded to the Guardian’s questions about whether they had used the secret code since the Nimbus contract came into effect.
“We have a rigorous global process for responding to lawful and binding orders for requests related to customer data,” Amazon’s spokesperson said. “We do not have any processes in place to circumvent our confidentiality obligations on lawfully binding orders.”
Google declined to comment on which of Israel’s stringent demands it had accepted in the completed Nimbus deal, but said it was “false” to “imply that we somehow were involved in illegal activity, which is absurd”.
A spokesperson for Israel’s finance ministry said: “The article’s insinuation that Israel compels companies to breach the law is baseless.”
‘No restrictions’
Israeli officials also feared a scenario in which their access to the cloud providers’ technology could be blocked or restricted.
In particular, officials worried that activists and rights groups could place pressure on Google and Amazon, or seek court orders in several European countries, to force them to terminate or limit their business with Israel if their technology were linked to human rights violations.
To counter the risks, Israel inserted controls into the Nimbus agreement, which Google and Amazon appear to have accepted, according to government documents prepared after the deal was signed.
The documents state that the agreement prohibits the companies from revoking or restricting Israel’s access to their cloud platforms, either due to changes in company policy or because they find Israel’s use of their technology violates their terms of service.
Provided Israel does not infringe on copyright or resell the companies’ technology, “the government is permitted to make use of any service that is permitted by Israeli law”, according to a finance ministry analysis of the deal.
Both companies’ standard “acceptable use” policies state their cloud platforms should not be used to violate the legal rights of others, nor should they be used to engage in or encourage activities that cause “serious harm” to people.
However, according to an Israeli official familiar with the Nimbus project, there can be “no restrictions” on the kind of information moved into Google and Amazon’s cloud platforms, including military and intelligence data. The terms of the deal seen by the Guardian, state that Israel is “entitled to migrate to the cloud or generate in the cloud any content data they wish”.
Israel inserted the provisions into the deal to avoid a situation in which the companies “decide that a certain customer is causing them damage, and therefore cease to sell them services”, one document noted.
The Intercept reported last year that the Nimbus project was governed by an “amended” set of confidential policies and cited a leaked internal report suggesting Google understood it would not be permitted to restrict the types of services used by Israel.
Last month, when Microsoft cut off Israeli access to some cloud and artificial intelligence services, it did so after confirming reporting by the Guardian and its partners, +972 and Local Call, that the military had stored a vast trove of intercepted Palestinian calls in the company’s Azure cloud platform.
Notifying the Israeli military of its decision, Microsoft said that using Azure in this way violated its terms of service and it was “not in the business of facilitating the mass surveillance of civilians”.
Under the terms of the Nimbus deal, Google and Amazon are prohibited from taking such action as it would “discriminate” against the Israeli government. Doing so would incur financial penalties for the companies, as well as legal action for breach of contract.
The Israeli finance ministry spokesperson said Google and Amazon are “bound by stringent contractual obligations that safeguard Israel’s vital interests”. They added: “These agreements are confidential and we will not legitimize the article’s claims by disclosing private commercial terms.”
Harry Davies is an investigations correspondent at the Guardian.
Yuval Abraham is an Israeli investigative journalist and filmmaker who writes for +972 Magazine and Local Call.
‘No restrictions’ and a secret ‘wink’: Inside Israel’s deal with Google, Amazon
To secure the lucrative Project Nimbus contract, the tech giants agreed to disregard their own terms of service and sidestep legal orders by tipping Israel off if a foreign court demands its data, a joint investigation reveals.
By Yuval Abraham, Reposted from +972 Mag, October 29, 2025
In 2021, Google and Amazon signed a $1.2 billion contract with the Israeli government to provide it with advanced cloud computing and AI services — tools that were used during Israel’s two-year onslaught on the Gaza Strip. Details of the lucrative contract, known as Project Nimbus, were kept under wraps.
But an investigation by +972 Magazine, Local Call, and The Guardian can now reveal that Google and Amazon submitted to highly unorthodox “controls” that Israel inserted into the deal, in anticipation of legal challenges over its use of the technology in the occupied West Bank and Gaza.
Leaked Israeli Finance Ministry documents obtained by The Guardian — including a finalized version of the contract — and sources familiar with the negotiations reveal two stringent demands that Israel imposed on the tech giants as part of the deal. The first prohibits Google and Amazon from restricting how Israel uses their products, even if this use breaches their terms of service. The second obliges the companies to secretly notify Israel if a foreign court orders them to hand over the country’s data stored on their cloud platforms, effectively sidestepping their legal obligations.
Running for an initial seven years with the possibility of extension, Project Nimbus was designed to enable Israel to transfer vast quantities of data belonging to its government agencies, security services, and military units onto the two companies’ cloud servers: Amazon Web Services and Google Cloud Platform. But even two years before October 7, Israeli officials drafting the contract had already anticipated the potential for legal cases to be brought against Google and Amazon regarding the use of their technology in the occupied territories.
One scenario that particularly concerned officials was if the companies were ordered by a court in one of their countries of operation to hand over Israel’s data to police, prosecutors, or security agencies to assist with an investigation — if, for example, Israel’s use of their products was linked to human rights abuses against Palestinians.
The CLOUD Act (2018) allows American law enforcement agencies to compel U.S.-based cloud providers to hand over data, even if it is stored on servers abroad; in the European Union, due diligence laws can require companies to identify and address human rights violations in their global supply chains, and courts may intervene if these obligations are not met.
Crucially, companies receiving an order to hand over data are often gagged by the court or law enforcement agency from disclosing details of the request to the affected customer. To address this perceived vulnerability, the documents reveal, Israeli officials demanded a clause in the contract requiring the companies to covertly warn Israel if ever they were forced to surrender their data but were prohibited by law from revealing this fact.
According to The Guardian, this signaling is carried out through a secret code — part of an arrangement that would become known as the “winking mechanism,” but referred to in the contract as “special compensation” — by which the companies are obliged to send the Israeli government four-digit payments in Israeli shekels (NIS) corresponding to the relevant country’s international dialing code followed by zeros.
For example, if Google or Amazon were compelled to share data with U.S. authorities (dialing code +1) and were barred from revealing that action by a U.S. court, they would transfer NIS 1,000 to Israel. If a similar request were to occur in Italy (dialing code +39), they would instead send NIS 3,900. The contract states that these payments must be made “within 24 hours of the information being transferred.”
If Google or Amazon concludes that the terms of a gag order prevent them from even signaling which country has received the data, there is a backstop: They must pay the Israeli government NIS 100,000 ($30,000).
Legal experts, including several former U.S. prosecutors, described this arrangement to The Guardian as highly unusual, explaining that the coded messages could violate the companies’ legal obligations in the United States to keep a subpoena secret. “It seems awfully cute and something that if the U.S. government or, more to the point, a court were to understand, I don’t think they would be particularly sympathetic,” one former U.S. government lawyer said.
Several other experts described the mechanism as a “clever” workaround that could comply with the letter of the law but not its spirit.
Israeli officials appear to have acknowledged this. According to the documents, they noted that their demands as to how Google and Amazon should respond to a U.S.-issued order “might collide” with U.S. law, and the companies would have to make a choice between “violating the contract or violating their legal obligations.”
Neither Google nor Amazon responded to questions about whether they had used the secret code since the Nimbus contract came into effect.
“We have a rigorous global process for responding to lawful and binding orders for requests related to customer data,” Amazon’s spokesperson said. “We do not have any processes in place to circumvent our confidentiality obligations on lawfully binding orders.”
A Google spokesperson said it was “false” to “imply that we somehow were involved in illegal activity, which is absurd.” The spokesperson added: “The idea that we would evade our legal obligations to the U.S. government as a U.S. company, or in any other country, is categorically wrong.”
A spokesperson for Israel’s Finance Ministry said: “The article’s insinuation that Israel compels companies to breach the law is baseless.”
‘Acceptable use’
According to the leaked documents and sources with knowledge of internal discussions, Israeli officials were also concerned that access to Google or Amazon’s cloud services could be restricted or cut off altogether — either as a result of a foreign court ruling, or a unilateral decision by the companies themselves in response to employee or shareholder pressure.
The officials were especially worried that activists and human rights organizations might leverage laws in certain European countries to sue the companies and push for an end to their business ties with Israel, particularly if their products were linked to human rights violations.
Last month, after +972, Local Call, and The Guardian revealed that Israel had violated Microsoft’s terms of service by using its cloud platform to store a vast trove of intercepted phone calls made by Palestinians, the tech giant revoked the Israeli military’s access to some of its products.
In contrast, the leaked documents state that the Nimbus contract specifically prohibits Google and Amazon from imposing similar sanctions on Israel, even if company policies change or if Israel’s use of the technology violates their terms of service. Doing so, according to the documents, would not only trigger legal action for breach of contract but also incur heavy financial penalties.
The two companies’ willingness to accept these conditions was reportedly part of the reason why they won the Nimbus contract over Microsoft, whose relationship with Israel’s government and military is governed by separate contracts. Indeed, intelligence sources told The Guardian that Israel planned to move its surveillance trove from Microsoft’s cloud to Amazon’s platform after the former blocked its access.
Google was seemingly aware that it would be largely giving up control over how Israel would use its technology, despite repeatedly claiming that its products are used only by Israeli government ministries that “agree to comply with our terms of service and acceptable use policy.”
The Intercept reported last year that Nimbus is governed by an “adjusted” set of policies agreed between Google and Israel, rather than the company’s general cloud computing terms of service policy. The publication cited a leaked email by a Google lawyer warning that if the company won the deal, it “will need to accept a non-negotiable contract on terms favorable to the government.”
Both tech companies’ “acceptable use” policies state that their cloud platforms should not be used to violate the legal rights of others, nor should they be used to engage in or encourage activities that cause “serious harm” to people. But a source familiar with the drafting of the contract said it makes clear there can be “no restrictions” on the kind of data stored on Google and Amazon’s cloud platforms.
An analysis of the deal by Israel’s Finance Ministry states that the Nimbus contract permits Israel to “make use of any service” at will — so long as in doing so it does not breach Israeli law, infringe on copyright, or resell the companies’ technology. The terms of the deal seen by The Guardian state that Israel is “entitled to migrate to the cloud or generate in the cloud any content data they wish.”
A government memo circulated several months after the deal was signed stated that the fact that the cloud providers had agreed to “subordinate” their own terms of service to those of the contract indicates “they understand the sensitivities of the Israeli government and are willing to accept our requirements.”
Google and Amazon have faced growing criticism from employees and investors over the role Nimbus has played in Israel’s devastating assault on Gaza, which numerous human rights organizations and a UN commission of inquiry have labeled a genocide. In remarks revealed by +972 and Local Call last year, a commander in the Israel’s army’s Center of Computing and Information Systems unit stated that the tech giants’ AI and cloud services had given Israel “very significant operational effectiveness” in the Strip.
Multiple Israeli security sources confirmed that the army has made extensive use of infrastructure set up through Nimbus, including big data centers that Google and Amazon built in Israel.
With the provisions outlined above, Israeli officials were anxious to avoid a situation in which the companies “decide that a certain customer is causing them damage, and therefore cease to sell them services,” one document stated.
At the time the contract was drafted, the officials viewed their chances of facing legal challenges abroad as slim. But with global public opinion increasingly turning against Israel, and as international journalists push to enter Gaza to witness the destruction left by a campaign of annihilation powered by advanced digital technology, that assumption may no longer stand.
Google declined to comment on which of Israel’s demands it had accepted in the finalized deal. “We’ve been very clear about the Nimbus contract, what it’s directed to, and the terms of service and acceptable use policy that govern it,” a spokesperson said. “Nothing has changed. This appears to be yet another attempt to falsely imply otherwise.”
An Amazon spokesperson said the company respects “the privacy of our customers, and we do not discuss our relationship without their consent, or have visibility into their workloads.”
A spokesperson for Israel’s Finance Ministry stated that both companies are “bound by stringent contractual obligations that safeguard Israel’s vital interests,” adding that “these agreements are confidential and we will not legitimize the article’s claims by disclosing private commercial terms.”
Yuval Abraham is an Israeli investigative journalist and filmmaker who writes for +972 Magazine and Local Call.
RELATED:
- Google’s $45 Million Contract With Netanyahu’s Office to Spread Israeli Propaganda
- The Anti-Defamation League now says criticizing the use of US weapons in Gaza is ‘antisemitic’
- Israeli Lawmakers Demanded Better PR to Conceal Gaza Famine. Google Obliged.
- Google Helped Israel Spread War Propaganda To 45 Million Europeans
- What Google’s largest-ever acquisition of an Israeli software company tells us about Big Tech’s complicity in genocide
