INDEX / DIRECTORY / BURBERRY / V-DIG

Burberry V-DIG

DIGITAL INFRASTRUCTURE AUDIT UPDATED 2026-05-18
V-DIG Score 1.03 /10 E Burberry — BDS-1000 117
V-DIG 1.03

Evidence-only forensic audit. Scoring happens downstream — see the main dossier for the composite assessment.

V-DIG Audit: Burberry Group plc

Audit Phase: V-DIG (Digital Forensics / Technology Supply Chain) Target: Burberry Group plc (LSE: BRBY) Audit Date: 2026-05-01 Methodology Note: All findings are drawn exclusively from the research memo below. Live web retrieval was unavailable during research; all claims reflect training-data knowledge through April 2026. Where primary-source confirmation is absent, findings are explicitly qualified. No scores, tiers, or scoring conclusions are assigned.

Enterprise Technology Stack & Vendor Relationships

Core Digital Engineering & Commerce Platform

Burberry’s publicly documented technology stack is primarily the product of a deliberate MACH-architecture (Microservices, API-first, Cloud-native, Headless) transformation, executed with external engineering partners.

Israeli-Origin Software Vendors

CyberArk (Privileged Access Management)

CyberArk is an Israeli-founded cybersecurity company specialising in Privileged Access Management (PAM), headquartered in Newton, Massachusetts, and listed on NASDAQ 10. It was founded in Israel in 1999 and retains significant R&D operations there.

The strongest available public signal of a Burberry–CyberArk relationship derives from industry event materials: John Meakin, identified as Burberry’s former Group Chief Risk & Security Officer, appears on the speaker list for the CISO360 Congress Barcelona hosted by Pulse Conferences, where CyberArk and privileged account security programme design are referenced in the conference context 11. This confirms Meakin’s professional engagement with PAM architecture in his Burberry role but does not constitute a signed contract or a CyberArk-published customer case study naming Burberry 11.

A secondary staffing signal exists: the Trust in SODA nearshore staffing agency website references placing IAM Operations engineers with CyberArk experience at client engagements 12. The prior AI document asserted that Burberry is specifically named as a client on this page; that specific claim could not be directly verified against the page text in this research session and should be treated as unconfirmed until the page is reviewed 12.

Assessment: A CyberArk deployment at Burberry is plausible given the seniority of the CISO-level engagement signal, but is not conclusively evidenced by any primary-source customer case study, annual report disclosure, or confirmed job posting. If confirmed, PAM tooling occupies a critical infrastructure role — governing administrative credential access across the enterprise — and would represent a deeply embedded, non-peripheral deployment. No public quantification of scope (seats, covered systems) has been identified.

Palo Alto Networks

Palo Alto Networks (PANW) is a US-headquartered cybersecurity company incorporated in Delaware with founding roots and R&D operations in Israel 13.

The only publicly verifiable connection between Burberry and Palo Alto Networks is that both organisations appear as separate members or supporters of the Unloc Changemaker Alliance, a UK youth employment and social mobility charity 14. This is a shared philanthropic membership, not a technology procurement relationship.

A G-Cloud 14 service definition document filed by a third-party Managed Service Provider on the UK Government Digital Marketplace 15 was cited by the prior AI document as evidence of a Burberry–PANW contract. That document is a supplier’s own service catalogue filing; a reference to “Burberry” within a third-party MSP’s asset/configuration item listing does not constitute confirmed evidence that Burberry has procured Palo Alto Networks products directly or through that MSP.

Assessment: No confirmed technology procurement relationship between Burberry and Palo Alto Networks is publicly evidenced. The Unloc co-membership 14 is the sole verifiable connection, and it is philanthropic, not commercial.

Check Point Software Technologies

No public evidence of a direct licensing, subscription, or integration relationship between Burberry and Check Point Software Technologies has been identified. A Check Point–Wiz strategic partnership press release 16 cited in the prior AI document contains no reference to Burberry; it documents a Check Point–Wiz commercial arrangement unrelated to Burberry. No public evidence identified.

Other Israeli-Origin Vendors (Wiz, SentinelOne, Verint, Claroty, NICE, AnyVision/Oosto, Trigo, Trax, BriefCam)

No public evidence of licensing, subscription, integration, or procurement relationships between Burberry and any of these vendors has been identified. No corporate disclosure, press release, case study, or credible trade press report naming Burberry as a customer of any of these vendors was located in training data. No public evidence identified for each.

Non-Israeli Vendor Relationships of Note

Surveillance, Biometrics & Retail Technology

Facial Recognition & Biometric Systems

“Burberry Kisses” campaign (2013): This Google-partnered marketing campaign used browser-based webcam technology to detect and animate a user’s lip shape for a stylised digital “kiss” sharing feature 2223. This was a consumer marketing experience, not a biometric identification or facial recognition system. The campaign involved no biometric enrolment, identity matching, or persistent data capture of facial geometry. No biometric identification system deployed; marketing webcam feature only.

Shenzhen “Social Retail” store / Tencent: Burberry announced a partnership with Tencent to open a “Social Retail” concept store in Shenzhen, China, in 2019, subsequently opened in 2020 2425. The store integrates with WeChat for customer engagement, gamified loyalty mechanics (“Social Currency”), and interactive product experiences. Published accounts confirm that the store links a customer’s WeChat digital identity to their in-store product interactions via QR codes and the WeChat mini-program ecosystem 2425.

No verified public source confirms that the Shenzhen store deploys facial recognition technology. The Caixin Global article 24 and retail analysis sources 25 describe WeChat-based digital identity linkage and QR-code-mediated interactions; neither confirms biometric facial recognition. Whether Tencent’s broader platform infrastructure includes facial recognition capabilities in other deployments is a separate question from Burberry’s specific store configuration. Assessment: WeChat-linked digital identity tracking confirmed; biometric facial recognition in Burberry’s Shenzhen deployment not confirmed from cited or independent sources.

Israeli-origin retail biometric/surveillance vendors (Trigo, BriefCam, AnyVision/Oosto, Trax): No public evidence of any procurement or deployment relationship between Burberry and these vendors has been identified. No public evidence identified.

RFID & Inventory Intelligence

“Magic Mirrors” / RFID (Regent Street flagship, c. 2012–2014): Burberry deployed RFID-enabled interactive mirrors at its Regent Street flagship store, enabling garments with embedded RFID tags to trigger contextual product video content when brought near the mirror display 2627. This is item-level RFID tracking of products enabling personalised in-store digital experiences. No biometric or person-identification component has been documented for this deployment 2726. Assessment: Product-level RFID confirmed; no biometric component identified.

Burberry is also listed among major retail brands adopting RAIN RFID (UHF RFID for inventory management) in a RAIN Alliance industry report 27, confirming ongoing use of RFID technology in supply chain and inventory contexts.

Predictive Analytics & Workforce Monitoring

Burberry’s annual reports and digital transformation materials reference use of data analytics and AI capabilities for demand forecasting and customer personalisation 928. No specific Israeli-origin analytics, sentiment analysis, social media monitoring, or workforce surveillance vendor has been publicly named in this context. No public evidence identified of Israeli-origin predictive analytics, customer monitoring, or workforce surveillance tool deployment.

Loss Prevention Technology

IntelliQ, the confirmed loss prevention analytics partner 171819, is UK/US-origin. No Israeli-origin loss prevention technology has been identified in Burberry’s documented estate.

Cloud Infrastructure, Data Residency & Sovereign Cloud Participation

Primary Cloud Infrastructure

Amazon Web Services (AWS) is Burberry’s confirmed primary cloud infrastructure provider, with SAP/ERP workloads running on AWS as part of the “Evergreen SAP” migration documented in AWS partner materials 56. This places core enterprise systems — inventory, supply chain, finance — on AWS infrastructure.

Google Cloud Platform (GCP): EPAM’s published case study references GCP capabilities within EPAM’s practice and notes EPAM’s Google Cloud Premier Partner status 1. The 2013 “Burberry Kisses” campaign was a Google marketing partnership 23, predating GCP’s current enterprise analytics portfolio. No independently published Google–Burberry enterprise cloud case study has been identified in training data. A GCP relationship for current analytics or AI workloads is plausible given EPAM’s partner status but is not confirmed by any primary Burberry or Google corporate disclosure. Assessment: AWS confirmed as primary cloud host. GCP relationship plausible but not confirmed from primary sources.

Project Nimbus

Project Nimbus is a confirmed Israeli government and Israel Defence Forces cloud contract awarded jointly to Google Cloud and AWS in May 2021, valued at approximately $1.2 billion, requiring both vendors to build dedicated data centre infrastructure within Israel for Israeli state and military workloads 29.

Burberry’s relationship to Project Nimbus is indirect and financial only: as an AWS enterprise customer, Burberry’s cloud expenditure contributes to AWS’s global revenue base, a portion of which funds AWS’s overall capital programme including Project Nimbus obligations. This is a structural feature of any large AWS customer relationship, not a Burberry-specific arrangement.

Data Residency

No public disclosure by Burberry identifies specific data residency configurations for customer data, employee data, or ERP data, beyond the confirmed AWS hosting relationship 568. Burberry’s Annual Report and Strategic Report do not specify AWS regional configurations 89.

Defence, Intelligence & Security Sector Technology Relationships

Direct Military & Intelligence Sector Contracts

No public evidence of any contract, partnership, memorandum of understanding, or service agreement between Burberry and the Israeli Ministry of Defence, Israel Defence Forces, Israeli intelligence agencies (including Unit 8200, Mossad, Shin Bet), or any Israeli state security body has been identified. Burberry is a luxury fashion and retail company; its publicly documented business activities are entirely in the consumer goods, retail, and brand licensing domain. No public evidence identified.

Dual-Use Technology

No public evidence that any Burberry commercial technology — including its retail analytics, RFID systems, or e-commerce infrastructure — has been reported, confirmed, or documented as deployed for military, intelligence, or law enforcement surveillance purposes within Israel, the occupied West Bank, or Gaza. No public evidence identified.

Offensive Cyber & Weapons Technology

Burberry does not operate in the cybersecurity product development, weapons manufacturing, or offensive technology sector. No public evidence of any such activity exists. No public evidence identified.

Security Vendor Ecosystem — Defence Nexus

To the extent that a CyberArk procurement relationship at Burberry is ultimately confirmed 1112, it is relevant to note that CyberArk’s PAM technology has broad civilian enterprise adoption globally 10 and is not specific to Israeli state or military clients. No evidence links any potential Burberry–CyberArk deployment to Israeli defence or intelligence sector infrastructure. No public evidence identified of a defence or intelligence sector nexus via any vendor relationship.

AI, Algorithmic & Autonomous Systems

AI Strategy & Disclosed Deployments

Burberry’s 2024 Strategic Report and Annual Report reference data analytics and AI capabilities as enablers of demand forecasting, personalisation, and operational efficiency 928. The “Burberry Forward” strategy (November 2024) reaffirms digital and AI investment as core to the group’s recovery trajectory 7.

Demand Forecasting AI

The prior AI document references a Capgemini-delivered “Naive Advisor” AI demand forecasting tool incorporating image analytics and deep learning as a confirmed Burberry deployment 2021. The cited Capgemini source — a 2014 general Digital Transformation Review — uses Burberry as an illustrative example of digital retail ambition; it does not constitute a project deliverable or a specific contract disclosure for any named AI product 20. Capgemini’s UK research library 21 does not identify a current Burberry AI engagement. Assessment: Demand forecasting AI use is credible given Burberry’s documented digital investment 9, but the specific vendor, technology origin, and programme scope are not confirmed from primary sources available in training data.

AI Provision to State or Security Bodies

No public evidence that Burberry provides AI, machine learning, computer vision, or autonomous decision-support systems to Israeli state bodies, military formations, or security services has been identified. Burberry’s AI activities, to the extent publicly documented, are internally focused on retail demand, personalisation, and brand operations. No public evidence identified.

Training Data Provenance

No public evidence that Burberry’s AI or machine learning systems have been trained on or provided access to population surveillance data, intercepted communications, or datasets derived from Israeli state intelligence collection has been identified. No public evidence identified.

Autonomous & Lethal Systems

Not applicable to Burberry’s business domain. No public evidence identified.

Technology Ecosystem & R&D Footprint

Israeli R&D Facilities & Engineering Offices

No public evidence of Burberry operating research and development facilities, engineering offices, innovation labs, technology accelerators, or incubator partnerships within Israel has been identified. Burberry’s primary technology innovation activities are documented as centred on its London headquarters, with engineering work executed through third-party partners including EPAM 12. Burberry’s investor relations and corporate strategy materials 8928 contain no reference to Israeli R&D or technology office operations. No public evidence identified.

Acquisitions & Strategic Investments in Israeli Technology

No public evidence of Burberry acquiring an Israeli-origin technology company or making strategic investments in Israeli technology startups, Israeli venture funds, or Israeli technology accelerators has been identified. Burberry’s documented acquisition and divestiture activity is confined to the luxury fashion and brand licensing domain. No public evidence identified.

Academic & Research Institution Partnerships

No public evidence of collaboration, joint development, patent co-filing, or research funding relationships between Burberry and Israeli research institutions — including the Technion–Israel Institute of Technology, Hebrew University of Jerusalem, or the Weizmann Institute of Science — has been identified. Burberry’s IP filings are predominantly in trade dress, textile design, and brand protection domains 31. No public evidence identified.

Retail Presence in Israel

Burberry opened a flagship retail store in Israel, reported by Ynet News at the time of opening (approximately 2010–2011) 32. The store’s continued operation is referenced in travel and luxury retail directories 3334. However, these sources do not constitute recent corporate disclosures; Burberry’s investor materials do not provide store-by-store operational detail for individual locations 8. The current operational status of the Tel Aviv location cannot be confirmed from an authoritative corporate source in training data.

Civil Society Scrutiny & Regulatory History

NGO & Academic Investigations

No published NGO investigation, academic study, or UN Special Rapporteur report specifically addressing Burberry’s technology relationships with the Israeli state has been identified in training data. Source classes reviewed include: BDS Movement published campaign materials 35, Who Profits Research Centre (training data), Stop the Wall, Amnesty International technology sector reports, and Human Rights Watch corporate accountability investigations. None contain a Burberry-specific technology supply chain investigation. No public evidence identified.

Boycott, Divestment & Sanctions Campaigns

No organised BDS or civil society campaign specifically targeting Burberry’s technology provision to Israeli state entities has been identified 35. Burberry’s retail presence in Israel (documented store in Tel Aviv 323334) may appear in broader BDS retail-sector listings, but no campaign specifically targeting Burberry’s digital supply chain, cloud infrastructure, or software vendor relationships has been documented in training data. No public evidence identified of a technology-specific BDS campaign targeting Burberry.

The No Tech for Apartheid campaign 30 focuses on technology sector workers objecting to AWS and Google Cloud’s Project Nimbus obligations. Its published materials do not, in training data, name Burberry as a target or participant.

Burberry’s Humanitarian Statement

Burberry’s corporate impact pages reference a donation to the British Red Cross in connection with humanitarian appeals related to the Israel-Gaza conflict in late 2023 36. This is framed in neutral humanitarian terms and does not constitute a corporate position on BDS, technology divestment, or political recognition. No corporate statement by Burberry on technology-related divestment obligations, Israeli procurement policy, or supply chain screening for Israeli-origin vendors has been identified.

Regulatory & Legal Actions

No regulatory inquiries, export control actions, sanctions-related investigations, or legal proceedings involving Burberry’s technology sales, services, or supply chain relationships with Israeli state entities have been identified. Burberry’s documented regulatory and legal history relates to intellectual property enforcement (trademark), supply chain compliance under the UK Modern Slavery Act 31, and standard financial and securities regulation. No public evidence identified.

Investor & ESG Pressure

No shareholder resolution, institutional investor letter, or ESG rating agency action specifically concerning Burberry’s Israeli technology relationships or procurement practices has been identified in training data. Burberry’s ESG disclosures 92836 address sustainability, supply chain ethics, and community investment but contain no disclosures specific to Israeli technology vendor screening. No public evidence identified.

Evidence Gaps

The following material gaps were identified during research and limit the conclusiveness of findings in several domains:

  1. CyberArk–Burberry contract confirmation: The CISO360 speaker listing 11 and the Trust in SODA staffing reference 12 are the only available signals. Neither is a primary-source customer disclosure. Confirmation would require a CyberArk-published Burberry case study, an annual report technology disclosure, or a verified job posting naming CyberArk as a required tool within Burberry’s environment.

  2. AWS regional configuration: Whether Burberry routes any workloads through the AWS il-central-1 (Israel/Tel Aviv) region is not publicly documented 568.

  3. GCP as confirmed analytics/AI platform: EPAM’s Google Cloud Premier status 1 creates a plausible inference; no primary Burberry–Google Cloud case study or corporate disclosure has been identified.

  4. Capgemini–Burberry engagement scope: The available Capgemini citation 20 is a 2014 illustrative reference, not a contract disclosure. Current engagement details, if any, are not publicly documented 21.

  5. Shenzhen store biometric configuration: Whether the Tencent/WeChat integration includes facial recognition (as opposed to QR/digital identity linkage) is not confirmed by any primary source reviewed 2425.

  6. Full technology vendor stack: Burberry does not publish a comprehensive technology vendor list. The cybersecurity, analytics, and cloud tooling estate is not fully accessible from public sources.

  7. Integrator sub-vendor selections: EPAM’s specific technology sub-vendor choices within the Burberry engagement — particularly for security, observability, and optimisation microservices — are not publicly documented 12.

  8. Tel Aviv store current operational status: The most recent authoritative source for the store opening dates to approximately 2010–2011 32; travel directory references 3334 are not corporate disclosures.

  9. NGO digital supply chain investigation: No NGO or academic body has published a technology-supply-chain-specific investigation of Burberry comparable to those produced for technology-sector companies. This is an absence of evidence, not evidence of absence.

End Notes

Footnotes

  1. https://www.epam.com/services/client-work/creating-a-digital-future-with-more-freedom-for-burberry 2 3 4 5 6

  2. https://www.epam.com/services/client-work/the-future-of-remote-how-we-worked-closely-at-a-distance-with-burberry 2 3

  3. https://www.contentstack.com/blog/all-about-headless/burberry-driving-global-scale-and-speed-with-contentstack-headless-cms

  4. https://www.burberryplc.com/news/corporate/2018/burberry-launches-partnership-with-farfetch

  5. https://aws.amazon.com/blogs/apn/the-most-viewed-aws-partner-blog-posts-and-case-studies-in-2023/ 2 3 4

  6. https://aws.amazon.com/retail/it-core-applications/ 2 3 4

  7. https://www.burberryplc.com/news/corporate/2024/burberry-forward 2

  8. https://www.burberryplc.com/investors/results-reports-and-presentations/annual-report 2 3 4 5 6

  9. https://www.burberryplc.com/content/dam/burberryplc/corporate/2024-updates/strategic-report.pdf 2 3 4 5 6 7

  10. https://www.cyberark.com/company/ 2

  11. https://www.pulseconferences.com/conference/ciso360-congress-barcelona/speakers/ 2 3 4

  12. https://www.trustinsoda.com/hiring-solutions/nearshore-talent-solutions 2 3 4

  13. https://www.paloaltonetworks.com/company/about-palo-alto-networks

  14. https://www.unloc.org.uk/news/palo-alto-networks-join-our-changemaker-alliance-improving-opportunities-for-young-people/ 2

  15. https://assets.applytosupply.digitalmarketplace.service.gov.uk/g-cloud-14/documents/93158/322528757809237-service-definition-document-2024-05-07-1107.pdf

  16. https://www.checkpoint.com/press-releases/check-point-software-technologies-and-wiz-enter-strategic-partnership-to-deliver-end-to-end-cloud-security/

  17. https://www.intelliq.com/pressreleases-2022 2

  18. https://www.intelliq.com/about-us 2

  19. https://pitchbook.com/profiles/company/61959-52 2

  20. https://www.slideshare.net/slideshow/digital-transformation-review-no-2-dtr-capgemini-consulting-digitaltransformation/42254838 2 3 4

  21. https://www.capgemini.com/gb-en/insights/research-library/operations/ 2 3 4 5

  22. https://d3.harvard.edu/platform-rctom/submission/burberry-digitizing-the-trench/

  23. https://frenchystudent.home.blog/2019/03/03/how-burberry-became-the-leader-in-the-digital-luxury-brand/ 2

  24. https://www.caixinglobal.com/2019-11-16/burberry-to-work-with-tencent-to-open-social-retail-store-in-shenzhen-101484001.html 2 3 4

  25. https://www.indigo9digital.com/blog/burberrysocialretailstoreofthefuture 2 3 4

  26. https://www.retailgazette.co.uk/blog/2013/07/burberry-unveils-magic-mirrors-at-regent-street-flagship/ 2

  27. https://therainalliance.org/top-retail-brands-worldwide-adopting-rain-rfid/ 2 3

  28. https://www.burberryplc.com/company/strategy 2 3 4

  29. https://www.reuters.com/business/google-amazon-win-12-billion-cloud-contract-israeli-government-2021-05-04/

  30. https://www.notechforapartheid.com/ 2

  31. https://us.burberry.com/c/legal-cookies/transparency-in-the-supply-chain-modern-slavery-statements/ 2

  32. https://www.ynetnews.com/articles/0,7340,L-3997795,00.html 2 3

  33. https://wanderlog.com/place/details/12326745/burberry 2 3

  34. https://elitetraveler.com/travel/destination-guides/africa-and-the-middle-east/tel-aviv/best-shopping-in-tel-aviv 2 3

  35. https://bdsmovement.net/ 2

  36. https://www.burberryplc.com/impact/burberry-beyond/communities 2