Comment by rwmj
4 months ago
The method is buried about 60% through the article, but it's interesting. It seems incredibly risky for the cloud companies to do this. Was it agreed by some salespeople without the knowledge of legal / management?
Leaked documents from Israel’s finance ministry, which include a finalised version of the Nimbus agreement, suggest the secret code would take the form of payments – referred to as “special compensation” – made by the companies to the Israeli government.
According to the documents, the payments must be made “within 24 hours of the information being transferred” and correspond to the telephone dialing code of the foreign country, amounting to sums between 1,000 and 9,999 shekels.
If either Google or Amazon provides information to authorities in the US, where the dialing code is +1, and they are prevented from disclosing their cooperation, they must send the Israeli government 1,000 shekels.
If, for example, the companies receive a request for Israeli data from authorities in Italy, where the dialing code is +39, they must send 3,900 shekels.
If the companies conclude the terms of a gag order prevent them from even signaling which country has received the data, there is a backstop: the companies must pay 100,000 shekels ($30,000) to the Israeli government.
> Was it agreed by some salespeople without the knowledge of legal / management?
Never worked for either company, but there's a zero percent chance. Legal agrees to bespoke terms and conditions on contracts (or negotiates them) for contracts. How flexible they are to agreeing to exotic terms depends on the dollar value of the contract, but there is no chance that these terms (a) weren't outlined in the contract and (b) weren't heavily scrutinized by legal (and ops, doing paybacks in such a manner likely require work-arounds for their ops and finance teams).
That's my experience too, but it seems impossible that a competent legal team would have agreed to this.
Legal can advise, but it's ultimately up to the business to risk-accept. If they think the risk vs reward analysis makes it worthwhile, they can overrule legal and proceed.
2 replies →
(b) weren't heavily scrutinized by legal ...
You mean like in financing a ball room?
It does seem a bit baffling. This method just adds a second potential crime, in the form of fraudulent payments.
Why would it be fraudulent in this case? I assume that these would be paid as refunds accounted for as a discount to a particular customer - aren't these generally discretionary? Also, I would assume that it would be the Israeli government getting services from the Israeli subsidiary of that company, so it's not clear whether even if it were a crime, which jurisdiction would have an issue with it.
You could argue that it's against something like the OECD Anti‑Bribery Convention, but that would be a much more difficult case, given that this isn't a particular foreign official, but essentially a central body of the foreign government.
Just to clarify, not saying that it's ok, but just that accusing it of being a "crime" might be a category error.
Not speaking to the fraudulence of this specific case, but wire fraud is an umbrella term that covers pretty much every non tangible crime.
It's kind of like how everything can be securities fraud[0]
bloomberg article: https://archive.is/ixwRi
2 replies →
In what sense would the payments be fraudulent? It would be real money paid out of Amazon's accounts as part of a contract they willingly signed with Israel.
It is two crimes:
1. Alerting a country to secret actions taken by a third party government (my nation of citizenship, the US, definitely has rules against that)
2. Passing money to commit a crime. See money laundering.
Honestly, the second crime seems aggravated and stupid. Just pass random digits in an API call if you want to tell Israel you did something.
37 replies →
The payments are an act of fraud as they deprive the company of resources for no tangible business purpose. No contract authorizes the use of payments to bypass communications controls and exfiltrate data.
The act of communicating privileged or sealed information on itself is at minimum contempt of court and perhaps theft of government property, wire fraud or other crimes. Typically accounts payable aren’t aware of evidence gathering or discovery, so the actor is also facing conspiracy or other felonies.
Lol are we still pretending laws are more than ink on a paper?
No laws require prosecution and enforcement. Western countries shield Israel from all of that.
Who is going to prosecute those crimes?
> If either Google or Amazon provides information to authorities in the US, where the dialing code is +1, and they are prevented from disclosing their cooperation, they must send the Israeli government 1,000 shekels.
its a buggy method, considering canada also uses +1, and a bunch of countries look like they use +1 but dont, like barbados +1(246) using what looks like an area code as part of the country code.
> its a buggy method, considering canada also uses +1, and a bunch of countries look like they use +1 but dont, like barbados +1(246) using what looks like an area code as part of the country code.
You are correct that ITU code is not specific enough to identify a country, but I'm sorry, +1 is the ITU country code for the North American Numbering Plan Area. 246 is the NANPA area code for Barbados (which only has one area code) but as a NANPA member, Barbados' country code is +1, same as the rest of the members. There is no '+1246' country code.
There's not a lot of countries that are in a shared numbering plan other than NANPA, but for example, Khazakstan and Russia share +7 (Of course, the USSR needed a single digit country code, or there would have been a country code gap), and many of the former Netherland Antilles share +599, although Aruba has +297, and Sint Maarten is in +1 (with NANPA Area code 721)
It's a criminal scheme to spy on law enforcement. Both the company and the scheming country are committing crimes.
Can a country commit a crime?
No, it's the government that commits it.
People use the country = government metaphor as a shortcut for communication, but this one takes it further than usual.
3 replies →
Extradition by tectonic subduction
1 reply →
spy on law enforcement that spy on your government, seem like a fair game
Does that apply for China, Russia, North Korea, Iran, Venezuela, Brazil and so on?
1 reply →
This is not about spying, but fighting money laundering, persecuting war criminals, even common crimes.
To spy on law enforcement that is trying to fight crime is not a good thing. Israel is not the world police.
Obviously illegal lowbrow schemes asixe, it's hilarious that the company has to SEND money to Israel to notify them of a breach.
It seems weirdly complicated. At this point I would assume it's much easier and secure just to bribe someone to tell them directly. This is like roleplay of secret sleeper agents during the cold war.
Maybe they just really need the 555 shekels or so.
Very much doubt something this hot in an agreement with a foreign government as counterparty gets signed off by some random salesman
> If either Google or Amazon provides information to authorities in the US, where the dialing code is +1, and they are prevented from disclosing their cooperation, they must send the Israeli government 1,000 shekels
This is criminal conspiracy. It's fucking insane that they not only did this, but put the crime in writing.;
I'm always surprised how often crimes get put in writing in big companies, often despite the same companies having various "don't put crimes in writing" trainings.
To be fair it is not necessarily true that they did this. Devil's advocate (emphasis on the devil part) -- google and amazon may have agreed to do this / put it in the contract but never followed through.
It is criminal conspiracy, a federal felony in the US, if you contract to commit a crime. Conspiracy is a standalone crime on its own, independent if the contracted crime is never carried out (in breach of contract).
The mob tried your argument generations ago. It never worked.
3 replies →
They publicly agreed to do genocide, having a slightly criminal communications protocol in a contract on the side amounts to an ethical rounding error.
I’d assume they have agents inside the companies smoothing the way or even running interference against any inconvenient questions.
> If the companies conclude the terms of a gag order prevent them from even signaling which country has received the data, there is a backstop: the companies must pay 100,000 shekels ($30,000) to the Israeli government.
Uhm doesn't that mean that Google and Amazon can easily comply with US law despite this agreement?
There must be more to it though, otherwise why use this super suss signaling method?
How can they comply with a law that forbids disclosing information was shared, by doing just that? THe fact it's a simply kiddie code instead of explicit communication doesn't allow you to side step the law.
[dead]
I don't quite understand this. How much money would Israel be able to milk from this? It can't be that much, can it?
It's not about money, it's about sending information while arguably staying within the letter of US law
Kinda similar to a https://en.wikipedia.org/wiki/Warrant_canary, with the same untested potential for "yeah that's not allowed and now you're in even more trouble".
3 replies →
I don't understand these legal mambo jumbo, but lets make it simpler. Israel and the US have a tight intelligence agreements. No one have to keep secrets since they share information readily. That is what it means to be friends. Israel is the best outpost for western influence in the Middle East, and the US have a strategic need to maintain that to oppose forces such as China, Russia and Iran axis. There is no need for bribes or anything like that to get intelligence from both sides... The last time they started lying to each other was disastrous and henceforth I believe the relationship is stable. Not to mention it includes European powers, even though they are happy to defame Israel, they share intelligence, participate in joint operations and buy a huge amount of arms and technology from Israel and sell arms to Israel. So don't let the media fool you...
Do you have any thoughts on these reports from 2019?
https://www.politico.com/story/2019/09/12/israel-white-house...
> The U.S. government concluded within the past two years that Israel was most likely behind the placement of cellphone surveillance devices that were found near the White House and other sensitive locations around Washington, according to three former senior U.S. officials with knowledge of the matter.