Microsoft has retained the law firm Covington & Burling LLP to lead an urgent external investigation into claims that its Azure cloud platform was used to store and process massive amounts of intercepted Palestinian communications, a move that escalates a months-long ethics crisis inside the company. The probe, which also includes an independent technical consultancy according to GeekWire, comes after a Guardian-led investigation detailed how Israel’s Unit 8200 spy agency allegedly built a bespoke, segregated Azure environment to host thousands of terabytes of phone call recordings, employing AI tools to transcribe and search the data.
Microsoft confirmed the inquiry on Friday, framing it as an expansion of an earlier internal review that “found no evidence to date” of Azure being used to cause harm. The company is now grappling with precise, alarming allegations that its cloud infrastructure facilitated large-scale surveillance of civilians in Gaza and the West Bank—and that some of its own employees may have concealed critical details.
A Timeline of Escalating Scrutiny
Internal dissent began well before the Guardian’s August 15 exposé. As early as November 2021, according to leaked files, senior Microsoft executives—including CEO Satya Nadella—attended a meeting in Redmond where Unit 8200’s commander outlined a plan to move up to 70 percent of the unit’s data into Azure. The company has maintained that its leadership was not informed that the data would include intercepted Palestinian calls.
By early 2025, employee protests had gone public. The worker-led group No Azure for Apartheid disrupted Microsoft’s 50th anniversary Copilot event, accusing the company of “complicity in genocide and apartheid.” The demonstrations, and what protestors described as retaliation—terminations and resignations—drew national headlines and intensified pressure on the company.
In May 2025, Microsoft released the findings of a first external review. It concluded there was no evidence the Israeli military had breached terms of service or used Azure “to target or harm people” in Gaza. But that review had limited scope—it did not investigate the specific data stored, nor could it pierce the veil of sovereign government cloud deployments where Microsoft lacks visibility by design.
The Guardian’s investigation, published in partnership with +972 Magazine and Local Call, changed the calculus. The report cited leaked documents and insider testimony alleging that Unit 8200’s customized Azure instance stored raw audio from daily mass interception, growing to roughly 11,500 TB by mid-2025, with AI-driven transcription and search capabilities enabling analysts to retroactively sift through calls described by one source as “a million calls an hour.” The article also claimed that intelligence drawn from the archive was used to research bombing targets—a charge that, if true, would represent a fundamental breach of Microsoft’s human rights commitments.
What the Guardian Investigation Revealed
The core allegation is that Unit 8200 created a segregated, high-throughput ingestion pipeline on Azure, specifically designed to hoover up Palestinian phone calls and text messages. The system, hosted in European Azure regions including the Netherlands and Ireland, performed speech-to-text transcription, keyword and NLP filtering, and exposed a searchable archive to analysts and downstream AI tools for link analysis and profiling.
These details are drawn from leaked documents and anonymous sources; they have not been independently verified by an auditor with access to Microsoft’s billing or ingestion logs. However, the figures—thousands of terabytes, a million calls per hour—are realistic within modern cloud hyperscale architectures, and the reporting has been consistent across multiple outlets.
The new inquiry will also examine a troubling internal dynamic. Senior Microsoft executives are concerned, according to the Guardian, that Israel-based staff may have withheld information during the earlier review. The company now faces the uncomfortable scenario that Unit 8200, a sensitive and strategic customer, could be in clear violation of contractual terms that prohibit “using Azure for the storage of data files of phone calls obtained through broad or mass surveillance of civilians.”
Microsoft’s Response and the Scope of the New Review
Microsoft’s public statements have acknowledged supplying the Israeli Ministry of Defense with software, professional services, Azure cloud services, and Azure AI services—including translation—as part of a standard commercial relationship. The company insists that its terms of service and AI Code of Conduct forbid harmful uses.
Yet the company has repeatedly cited a critical limitation: it lacks full visibility into downstream uses of its software once deployed on customers’ on-premises systems or within sovereign government cloud environments. This is a legally true but ethically contentious gap. Critics argue it creates a system of plausible deniability that enables abuses while insulating the provider.
The new review, led by Covington & Burling with technical consultancy support, aims to close that gap. Microsoft has pledged to publish the findings, a move that signals a recognition that internal assurance alone will no longer suffice. The probe will scrutinize commercial agreements, engineering support logs, billing records, and the identity of any Microsoft personnel who provided specialized services to Unit 8200.
Legal, Ethical, and Business Risks
If Microsoft’s infrastructure was knowingly used to facilitate large-scale civilian surveillance, the consequences could be severe. Data residency in the EU raises immediate GDPR compliance questions, as cloud providers and data processors face strict obligations when personal data is processed for security or intelligence purposes. Politicians in the Netherlands and Ireland have already demanded answers.
Ethically, the case touches the core of the tech industry’s responsibility. Enabling infrastructure and engineering support for systems later used to surveil civilians—even if Microsoft did not write the surveillance software—creates an ethical chain of consequence that many employees, customers, and civil society groups find unacceptable. Using AI to triage intercepted communications for operational targeting heightens the risk of wrongful detention or lethal harm.
Commercially, the fallout has been tangible. Employee protests have disrupted corporate events, eroded workplace trust, and led to public terminations. Investors and large enterprise customers are likely to demand stricter human-rights safeguards in cloud contracts, potentially slowing sales cycles and adding costly compliance layers. The reputational hit to Azure, a key growth engine for Microsoft, cannot be ignored.
The Human Element: Employee Activism
No Azure for Apartheid has become a persistent thorn in Microsoft’s side. The group’s protests are not merely symbolic; they have highlighted what staff describe as a failure of internal escalation channels and a retaliatory culture. When employees raise concerns about human rights, they often face institutional barriers—a dynamic that can deter future whistleblowing and erode the internal checks that large tech companies need.
This activism is part of a broader trend in the industry, where workers demand accountability from employers on ethical grounds. For Microsoft, how it handles the Covington review will be watched not just by regulators and customers, but by its own workforce.
Corporate Governance and Contractual Gaps
Cloud providers rely on acceptable-use policies and contractual prohibitions to govern customer behavior. Microsoft’s AI Code of Conduct requires human oversight and access controls. But enforcing these clauses against a sovereign military customer with a segregated, sovereign cloud setup is operationally complex. The provider often has no technical means to audit the data or workflows running on that infrastructure.
The Guardian investigation noted that Microsoft provided “extended engineering services” to Unit 8200—a term for specialized, hands-on support. Such engagements, if not tightly controlled, can grant unusual visibility into how systems are configured and used. They also create potential liability if that visibility is later shown to have revealed red flags.
To rebuild trust, Microsoft will need to tighten contract terms for high-risk markets. Pragmatic steps include mandatory human-rights impact assessments before large or bespoke engagements, audit rights for sensitive defense contracts, and stronger operational guardrails—such as multi-party approvals and formal escalation paths—on extended engineering support.
What to Watch Next
Several threads will determine whether this crisis deepens or recedes:
- Transparency of the Covington review: Will Microsoft disclose the scope, methodology, data provided, and redaction rationale? A whitewash will only compound the problem.
- Independent technical access: The independent consultant must receive meaningful access to billing logs, access controls, and engineering communications. Without that, the review may again fall short.
- Regulatory and political reactions: EU data protection authorities, particularly in the Netherlands and Ireland, may open inquiries. National parliaments could demand testimony or legislative action.
- Contractual reforms: Any changes to Microsoft’s standard government and defense contracts will signal whether it is serious about human-rights due diligence.
- Employee trust: How the company treats internal dissenters and addresses past terminations will shape its cultural recovery.
Conclusion
The Covington & Burling inquiry transforms a journalistic allegation into a company-driven fact-finding process, but it does not by itself resolve the central questions. The allegations—large-scale storage and AI-assisted analysis of Palestinian communications on a segregated Azure environment, with specialized engineering support—are grave and demand independent verification. Microsoft’s prior review found “no evidence to date,” yet the company has conceded its visibility was limited. The new probe must therefore do the heavy lifting: establish what happened, when, who knew, and whether Microsoft’s controls were adequate.
Until the findings are published and independently scrutinized, crucial technical figures and operational claims remain reported but not audited. That uncertainty will continue to fuel regulatory pressure, employee activism, and public debate. The case is more than a corporate crisis; it is a stress test for how the cloud industry, governments, and civil society govern powerful digital infrastructure when it intersects with war, human rights, and national security.