Microsoft has commissioned an external legal review led by the law firm Covington & Burling LLP to investigate allegations that its Azure cloud platform and artificial intelligence tools were used by Israeli security forces for mass surveillance in Gaza and the West Bank. The move, announced in mid-August 2025, comes after months of investigative reports, internal staff protests, and mounting pressure from human rights groups, and it signals a significant escalation in the tech giant’s response to the controversy.

Background: Leaked Documents Reveal Deepening Military Ties

The investigation, published by The Guardian in collaboration with +972 Magazine and Local Call, cited leaked documents showing how Microsoft’s relationship with Israel’s defence establishment expanded dramatically after the Hamas-led attacks of October 7, 2023. According to the files, the Israel Defense Forces (IDF) turned to Microsoft Azure to meet surging demands for storage, computing power, and AI-driven analytics during the most intensive phase of the bombardment of Gaza.

The leaked records include commercial documents from Israel’s defence ministry and internal files from Microsoft’s Israeli subsidiary. They detail a sharp increase in Azure consumption: the military’s average monthly cloud storage usage in the first six months of the war was 60% higher than in the preceding four months. Consumption of Azure’s suite of AI-based machine learning tools jumped even more dramatically, reaching levels 64 times higher by March 2024 compared with September 2023.

A particularly sensitive revelation concerns a bespoke, segregated Azure environment reportedly built to host and process massive volumes of intercepted Palestinian communications. The Guardian and other outlets described architectures capable of ingesting and transcribing what were described as up to “a million calls an hour,” with long-term archival storage reaching approximately 11,500 terabytes of audio and metadata. The system included automated transcription and language translation pipelines—Arabic to Hebrew and English—that turned the audio into searchable text at scale.

Whistleblower accounts and leaked documents further alleged that the searchable corpus of intercepted data was cross-referenced with in-house Israeli targeting and analytics tools. Intelligence analysts could identify associations, flag persons of interest, and inform operational decision-making. Some reports linked these pipelines to downstream targeting recommendations used during strike planning, though those operational connections remain disputed.

Microsoft engineers provided thousands of hours of support to IDF intelligence units, including the elite surveillance division Unit 8200 and the visual intelligence unit 9900, both on military bases and remotely. Between October 2023 and June 2024, the defence ministry agreed to purchase 19,000 hours of engineering support and consultancy, deals that generated approximately $10 million in fees for Microsoft.

Microsoft’s Response: From Internal Reviews to an External Investigation

Microsoft has consistently stated that it found no evidence in earlier internal and external reviews that its technologies were used to target or harm civilians in Gaza. The company says its contracts with government customers are bound by standard terms of service, an Acceptable Use Policy, and an AI Code of Conduct that prohibit the use of Microsoft services to inflict harm or violate international law.

However, the company has also acknowledged significant gaps in visibility. Services that run on customer-managed infrastructure, sovereign clouds, or air-gapped systems are often outside Microsoft’s operational monitoring. In a May 2025 blog post, Microsoft acknowledged that it “does not always have technical visibility into how customers use software that runs on their own infrastructure or in sovereign government clouds.”

After fresh investigative reports in August 2025, Microsoft expanded its inquiry and brought in outside counsel. “We are commissioning Covington & Burling LLP, with technical assistance from independent experts, to conduct a formal review of the specific allegations recently reported by The Guardian and other outlets,” the company said. It pledged to publish the factual findings once the review concludes.

Technical Realities: What Azure Can—and Cannot—Do

Azure’s capabilities are vast: hyperscale object storage, streaming data ingestion, speech-to-text transcription, machine translation, and large language model inference. These standard services can be combined into pipelines that automatically process and index huge volumes of audio—the exact type of surveillance architecture described in the reports.

Yet the cloud provider’s visibility is inherently limited in classified government deployments. When Israel operates air-gapped systems or sovereign clouds, Microsoft may supply software and professional services but the customer retains full control of the runtime environment. In such cases, logging and telemetry are often restricted by contract for national-security reasons. This technical architecture is the fulcrum of the debate: Microsoft can enable a capability without ever having knowledge of—or access to—the downstream uses a sovereign client implements atop it.

There is also a critical distinction between providing engineering support for reliability and scale, and building bespoke targeting applications. Reports allege Microsoft contributed thousands of hours of assistance; whether that assistance directly enabled or produced tools used for lethal targeting is precisely what the formal review must determine.

Employee Activism and Investor Pressure

The revelations have ignited significant unrest within Microsoft. Employee groups, including activists under the banner “No Azure for Apartheid,” staged protests at the Microsoft Ignite conference and demanded the company disclose its contracts and sever ties that could enable human-rights abuses. Demonstrations and open letters intensified reputational pressure, echoing broader Big Tech movements where workers increasingly scrutinize dual-use technology.

External stakeholders—human-rights organizations, some institutional investors, and non-governmental organizations—have also called for independent audits and greater transparency. This internal and external pressure almost certainly played a role in shaping Microsoft’s decision to commission the formal outside review.

The controversy raises complex questions across multiple domains:

  • Contract enforcement: If evidence shows a customer violated Microsoft’s Acceptable Use Policy, the company could in theory terminate the contract. But enforcement hinges on having visibility into end-use—precisely what Microsoft currently lacks in air-gapped environments.
  • Regulatory scrutiny: European parliamentarians and national regulators have begun examining cloud governance in conflict settings. The involvement of ministry-level cloud contracts in active hostilities could trigger investigations under human-rights law or export-control regimes.
  • Corporate responsibility: Microsoft has publicly adopted human-rights frameworks, including the UN Guiding Principles on Business and Human Rights. If its products materially enabled rights violations, the company faces reputational and potential legal risk unless it can demonstrate credible due diligence and remediation.
  • Industry precedent: How Microsoft handles this review will set norms for Amazon, Google, and other cloud vendors that also provide AI and infrastructure services to military clients. The outcome could influence investor expectations and spur new regulatory frameworks for high-risk AI uses.

What a Credible Review Must Deliver

For the Covington & Burling-led investigation to be credible, experts say it must include:

  • Independent forensic analysis of cloud provisioning, telemetry, and access logs where Microsoft retains them.
  • Interviews with a broad sample of current and former engineers, product managers, and customer-facing personnel.
  • Examination of contracts, statements of work, and invoices related to Israeli Ministry of Defense engagements.
  • Clear statements about the scope and limitations of what could not be investigated (e.g., air-gapped systems with no logs).
  • Public release of a redacted executive summary and a detailed technical annex for independent review.

No single report can answer every question, but transparency about methodology and a willingness to act on findings will be the yardstick by which the review is judged.

Conclusion: Why This Matters for the Cloud Industry

This episode marks a watershed for how commercial cloud and AI platforms intersect with national security and human rights. For enterprises, developers, and IT professionals, it is a stark reminder that the architectures built today can be repurposed in ways that raise profound ethical and legal questions tomorrow. For policymakers, the case underscores the urgency of building enforceable governance, auditability, and accountability into the cloud-AI stack.

Microsoft’s decision to commission an independent review is necessary but not sufficient. The outcome—and the company’s willingness to publish and act on the findings—will determine whether the industry moves toward a model of transparent, accountable support for legitimate national-security needs, or whether opaque commercial relationships continue to erode public trust and invite stricter regulation.

As of today, the most consequential claims—that Azure-hosted archives directly fed lethal targeting systems—remain contested and await forensic verification. The review’s findings, if released with technical detail and independence, could reshape not only Microsoft’s policies but industry-wide norms for cloud governance in conflict zones.