They would be 'toasty-toast' foremost, because thousands of customers would sue them to pass the liability buck.
Second, because IT managers and executives would freak out everywhere, with legit cause. Nobody on the planet running an SaaS would want AWS to be using their data.
Third, it's probably illegal, so there's that.
Finally, the PR fallout would be huge.
If Blue Shield had a major client leak of HIPPA info, and it was because 'AWS staff were looking at it' it would be a big deal for AWS. They would have to prove to everyone that it was just a few bad apples etc..
Most of the other scandals have not dented tech because they are not really scandals. If FB has a breach and some consumer email addresses get leaked ... well that's not so bad. If AWS is looking at BestBuy AWS data, then BestBuy will sue and drop them, and others will follow suit.
>"Second, because IT managers and executives would freak out everywhere"
Remember when we though that whoever is in charge would be Toasty-toast it it turned out that Government was spying on innocent people without due process?
Or if an aircraft company knowingly produced unsafe aircraft and killed 300 people as a result?
For the past 10 years I have seen countless corporate or breaches and fuckups, and one thing they have in common, there seem to be no consequences for those in power
It's not 'we' thought the government would be in trouble if they were caught spying, it's 'some' people. Most people have more nuanced views. Especially in areas of national security most people accept some degree of oversight, so the issue then becomes a matter of details. What was the oversight? What are the material repercussions? Who is harmed? How? All of those things add up in complicated ways among the general population.
The Boeing issue is also complicated. These are not black and white decisions, and just because there was an Engineer 'who said something was wrong' doesn't always help, because there's always a person of credibility that disagrees with systems, many of them are safe. Boeing has paid a huge price for their screw up, with grounded fleets, cancelled purchases.
When Facebook does bad stuff - remember that consumers greatest power is the choice to not use Facebook. So either people continue to use it - or not. Apparently they are, so that's a measure of their real concern for their data given the breaches.
If HIPPA information was looked at by AWS, then there would be lawsuits immediately for example, there would be an investigation and if it was 'just a guy' then I think AWS would be ok, but there would be a lot of scrutiny.
But if there was a whistle-blower at AWS who said 'people are looking at sensitive data all the time' then it would be over for them. While individual consumers may not collectively have any real power to do serious damage, big companies do.
Put yourself in the shoes of an Exec running on AWS infrastructure: all of your most sensitive data leaked, possibly to potential competitors? So the issue is raised far beyond IT personnel etc..
Just like you'd ground your Boeing jets if there were a safety issue, you'd probably move away from AWS.
Second, because IT managers and executives would freak out everywhere, with legit cause. Nobody on the planet running an SaaS would want AWS to be using their data.
Third, it's probably illegal, so there's that.
Finally, the PR fallout would be huge.
If Blue Shield had a major client leak of HIPPA info, and it was because 'AWS staff were looking at it' it would be a big deal for AWS. They would have to prove to everyone that it was just a few bad apples etc..
Most of the other scandals have not dented tech because they are not really scandals. If FB has a breach and some consumer email addresses get leaked ... well that's not so bad. If AWS is looking at BestBuy AWS data, then BestBuy will sue and drop them, and others will follow suit.