Hooked! #8: Microsoft’s stronger stance on Israeli surveillance abuses pressures other tech companies to follow suit

Hello! 

Amidst pre-ceasefire anxiety, mushroom season, hubbub about Donald Trump’s theoretical Nobel, and the razing of Gaza that continued practically until the moment of hostage exchange and troop withdrawal, a cyber milestone went largely overlooked: Microsoft blocked the Israel Defense Forces’ Unit 8200, the main military intelligence body, from some cloud storage and artificial intelligence services. 

Microsoft is the first known US tech company to withdraw any services from Israel since 2023 – and this was not just any Israeli government body. IDF Unit 8200 is (in)famous in cybersecurity circles for its internal capabilities and sustained transfer of offensive cyber talent to the private sector. Unit 8200 had used the essentially limitless storage provided by the Azure cloud platform to store (in a data centre in North Holland) the results of an indiscriminate call interception programme allowing them to listen in on the entire Palestinian population – a project the IDF’s own storage and computing power had been unable to support. 

As the military campaign heated up, the IDF faced technological limitations, turning instead to ‘the wonderful world of cloud providers’ – not just Microsoft, but companies like Google and Amazon too. Azure’s storage had allowed calls to be retained for longer periods and enabled AI-assisted analysis. This system, begun in 2022, prior to the 7 October 2023 Hamas attack, was initially focused on the West Bank. 

However, after the attack, during which Palestinian militants killed 1,195 people, including 815 civilians, their priorities changed, and the information stored and analysed in Azure began to be used to identify bombing targets in Gaza. A UN Commission last month found that Israel’s destruction of Gaza and killing of tens of thousands of civilians in the years since meets the international legal threshold for genocide. 

In the short term, the Microsoft move seems to have had a limited effect: Unit 8200 was prevented from using some services, but reportedly smoothly transferred their data out of the Netherlands and onto the Amazon Web Services cloud platform. (Though this week that might not have been a benefit.)

Nonetheless, Microsoft gave clear reasons for its action: a senior executive reportedly told Israeli officials that the company ‘is not in the business of facilitating the mass surveillance of civilians’. Mass surveillance of civilians, evidently, is a terms of service violation.

Attitudes toward Israel and Palestine are changing. Perhaps, as a number of Western countries have followed France’s recent lead in recognising Palestinian statehood, we will also see increasing numbers of technology providers take similar stands. In contrast, all users in countries subject to US sanctions – Cuba, Iran, Democratic People’s Republic of Korea, Sudan, and Syria – are prohibited from using, for example, Microsoft 365 (though as sanctions on Syria begin to be lifted, developers there have recently regained access to GitHub, also owned by Microsoft.)

While I am on the record as concerned about the potential spillover effects from overly broad attempts to prevent even hostile governments and their partners from accessing internet services, this type of specific, targeted action should be encouraged. I hope that Microsoft and other tech companies will continue to use their role as ‘surveillance intermediaries’ to monitor, review, and limit the services they provide to governments known to engage in human rights abuses and surveillance, from Azerbaijan to the United States. Though that latter one seems unlikely, given the location of many of the companies in question. Probably easier to follow US sanctions and keep cutting off International Criminal Court prosecutors instead.

Lawrence Stowe’s Binding Hook article from Tuesday on how ‘neutral’ internet governance can help evade sanctions provides another important perspective.

This case is also a strong reminder for governments from Israel to Europe of the benefits of digital sovereignty – for good or bad, a country with its own cloud infrastructure can’t get cut off by a foreign company. If data really is the new ammo, you should probably store it in a warehouse you control.

Ausma Bernot’s recent Binding Hook piece on China’s use of tech in policing is an excellent examination of these tensions: technological sovereignty frees the authoritarian state to surveil, but, in theory, allows a democratic one greater transparency and control over data.

This is also a good moment to revisit Volodymyr Styran’s argument that Big Tech needs to do more to prevent Russia from accessing their services too. 

Until next month,

Katharine Khamhaengwong

Binding Hook Editor

---

For more Binding Hook on digital tools of repression:

• Digital transnational repression and the limits of international human rights law in a ‘post-territorial’ world: Siena Anstis discusses the failures of traditional models of jurisdiction, including a UK communications interception case. 

• The digital repression of the Iranian women’s movement: Anwar Mhajne calls for social media companies to address how their platforms enable and amplify harms in authoritarian contexts.

• Spyware could destroy our democracies: MEP Sophie in ‘t Veld warns that governments in Europe are gathering and using data in ways at odds with the rights and interests of their citizens.

For more Binding Hook on European technological sovereignty:

• Securing Europe’s economic backbone with AI-empowered cloud protection: Mahmoud Javadi explores the potential of the Gaia-X collective cloud initiative.

• Hybrid conflicts, private companies, and European cybersecurity obligations: Pieter Wolters analyses how regulation related to hybrid conflicts can contribute to digital sovereignty.
  Why Europe’s new vulnerability database matters more than you think: Charl van der Walt looks at the value of building EU-based digital infrastructure.