Australia’s top-secret AUKUS cloud may hand our data over to the U.S.

Australia’s AUKUS cloud deal with Amazon could deepen military ties – but critics warn it risks surrendering digital sovereignty, writes Jemma Nott.

AUKUS doesn’t JUST mean a stronger defense agreement with the US or a very expensive submarine; It potentially means a new frontier in the permanent relinquishment of technological sovereignty.

The Australian Government announced it was building a “Top Secret Cloud” Last year it was the largest technology investment in Australian history with Amazon Web Services. At the time of the announcement, the government made no specific link to its broader use other than “securing and sharing our nation’s data quickly and at scale.” But they too highlighted its use will create more “Interoperability and deeper cooperation between the United States and Australia.”

Cloudy services It’s not just for intelligence storage like this.

By the way According to the government, these are:

‘…[a] critical activation talent In support of Australian Defense Force military operations.’

Microsoft And IBM’s On July 11, 2024, immediately after the government signed the agreement with Amazon Web Services to launch the “Top Secret Cloud” on July 4, 2024, AUKUS wrote vision papers positioning themselves for the collaboration. These articles laid out how to operationalize the AUKUS cloud infrastructure, and there was also an explanation of how to do this.‘Automate routine actions and enhance human decision-making.’ The implications of this new structure in Australia have so far been widely underestimated by defence, the intelligence community and the media.

REDSPICE ProgramThe domestic locomotive of this transformation, which was first announced in 2022: $9.9 billion An overhaul of the Australian Signals Directorate designed to move the nation’s cyber and intelligence capabilities to cloud-based, AI-enabled systems. Released two years later, AWS Top Secret Cloud provides the physical and computational infrastructure on which REDSPICE’s data federation and automation goals can actually run. They feed directly together AUKUS Column 2Where the United States, the United Kingdom and Australia plan to jointly develop and operate joint capabilities in artificial intelligence, cyber operations, quantum technologies, electronic warfare and autonomous weapons systems. A constantly networked intelligence and defense ecosystem that no country can easily disconnect once built.

Most governments now operate what is called public key infrastructure (PKI) — basically a giant digital identity system that ensures that anyone who logs into government networks is who they say they are. Each institution issues digital certificates (like secure ID cards) from a trusted certificate authority, and these authorities are connected to a larger network called a federation. This means agencies can automatically trust each other’s login information, whether it’s someone accessing tax records or a defense database. In the United States this is known as the Federal Public Key Infrastructure (FPKI).

It connects civilian, military and intelligence systems through a single trusted digital certificate network. In the UK the equivalent framework is run by the Government Digital Service (GDS) under the National Cyber Security Center (NCSC). Provides a common “basis of trust” for government agencies and the Department of Defense to verify users. In other words, “increased operability” The agreement between the countries at least hints at some sort of federal system whereby Australia, the US and the UK could ensure that their secure cloud systems recognize and trust each other’s digital credentials; so an authenticated user from one country can seamlessly access controlled parts of another’s classified infrastructure.

We already know this Five Eyes Share citizen data, but this could potentially expand or facilitate the sharing of citizen data. Not to mention that based on the stated goal, the plan will likely leverage AI to provide more effective data analysis across a broader surveillance architecture. Moreover, having autonomous or semi-autonomous weapons systems or decision-making within intelligence or military operations conducted by AI hosted in a cloud stored by a foreign company with access to foreign decision-makers is unlike anything Australia has ever seen before.

Although the purpose of creating this cloud infrastructure is to share data, a company such as Amazon Web Services or Microsoft US Cloud Act. This means they may be legally forced to disclose logs that were not intended to be shared. So what is actually intended to be shared via Amazon Web Services Cloud and what is not intended to be shared will potentially not matter.

Even without enforcement, on a daily basis the US would potentially have access to metadata about who accessed what, where and when. Building a system like this is actually a generational decision because the more metadata is integrated into the system, the harder it is to get it back, and it will require billions more dollars to rebuild it on a new cloud service. When you run your alliance’s brains through a foreign-controlled, AI-integrated cloud, it’s not just data sharing, it’s shared cognition. You cannot solve this situation without damaging the brain of the entire alliance.