Google and Amazon: Acknowledged Risks, And Ignored Responsibilities
Summary
The EFF is criticizing Google and Amazon for failing to address the risks associated with Project Nimbus, a cloud computing contract involving Israel's Ministry of Defense and security agency. Despite mounting evidence of potential human rights violations and misuse of services, the companies have largely ignored concerns and refused to take meaningful action.
IFF Assessment
This is bad news for defenders because major tech companies are not adequately mitigating the risks associated with their services, potentially enabling misuse and violating human rights commitments.
Defender Context
Defenders should be aware that large cloud providers may not always have robust oversight mechanisms for sensitive government contracts. This highlights the importance of supply chain security and ensuring that third-party vendors adhere to ethical and legal standards, as well as their own stated policies.