V-DIG Audit — PlayStation (Sony Interactive Entertainment LLC / Sony Interactive Entertainment Inc.)

Audit Phase: V-DIG Target: PlayStation / Sony Interactive Entertainment LLC & Sony Interactive Entertainment Inc. (wholly-owned subsidiaries of Sony Group Corporation) Report Date: 2026-05-01 Scope Note: Evidence is drawn exclusively from the research memo supplied. All claims are grounded in publicly reported information. Where no public record exists, findings are stated as “No public evidence identified.” Internal vendor contracts, non-public procurement records, and post-April 2026 developments are outside the evidentiary scope of this audit.

Enterprise Technology Stack & Vendor Relationships

Primary Cloud Infrastructure

PlayStation Network (PSN) and Sony Interactive Entertainment’s cloud gaming services run substantially on Amazon Web Services (AWS), as confirmed by AWS’s published case study¹. AWS is a US-origin vendor. This represents the most significant publicly disclosed infrastructure dependency for PlayStation’s online services, encompassing network operations, player authentication, and cloud gaming delivery.

Cybersecurity Vendor Stack

Sony Interactive Entertainment does not publicly disclose its cybersecurity vendor relationships in annual reports, 20-F regulatory filings, or press materials²³⁴. Following the 2011 PlayStation Network breach — which exposed approximately 77 million user accounts⁵ — and a concurrent second breach affecting approximately 25 million additional customers⁶, Sony publicly committed to a comprehensive security overhaul. The specific vendors engaged as part of that remediation and subsequent security posture were not disclosed in any public filing or press release reviewed.

No public evidence identified of a confirmed licensing, subscription, or integration relationship between PlayStation/SIE and any of the following Israeli-origin cybersecurity vendors: Check Point Software Technologies, Wiz, SentinelOne, CyberArk, NICE Systems, Verint Systems, or Claroty. No corporate disclosure, press release, SEC filing, or credible trade press report names any such vendor as a PlayStation or SIE supplier²³⁴.

Palo Alto Networks is co-founded by Nir Zuk, an Israeli national who serves as the company’s founder and CTO. Its products are widely deployed across large enterprise environments globally. However, no public document confirms Palo Alto Networks as a named vendor to Sony Interactive Entertainment specifically. Industry-norm inference is excluded per audit methodology.

Scale of Dependency on Israeli-Origin Vendors

No public evidence identified permitting any assessment of Israeli-origin vendor integration depth within PlayStation/SIE infrastructure. Sony Group Corporation’s 2023 and 2024 Annual Reports and 20-F filings address cybersecurity risk factors at a high level but do not name specific vendor relationships²³⁴.

Procurement & Systems Integrators

No public evidence identified of systems integrators or digital transformation consultancies engaged by PlayStation that have a documented deployment of Israeli-origin technology as part of their SIE engagements. Source classes examined include SEC 20-F filings, Sony annual reports, SIE press releases, and gaming industry trade press.

Material Evidence Gap

AWS sub-vendor and technology partner relationships are not fully disclosed. Whether any AWS service layer used by SIE incorporates Israeli-origin technology (for example, via AWS Marketplace independent software vendor products) is not determinable from public records¹. This represents a structural opacity common to cloud-dependent enterprises.

Surveillance, Biometrics & Retail Technology

Facial Recognition & Biometric Identification

No public evidence identified of PlayStation or SIE deploying facial recognition, biometric identification, behavioural analytics, or gait analysis technology from any Israeli-origin vendor — including Trigo Vision, BriefCam, AnyVision/Oosto, or comparable providers — for any commercial purpose, including loss prevention, store analytics, or frictionless checkout. PlayStation does not operate a retail store estate of the scale that would typically attract autonomous checkout or store-level biometric deployments. Source classes examined include NGO databases (Who Profits⁷, No Tech for Apartheid⁸), news archives, vendor press releases, and SIE corporate disclosures.

PlayStation-Native Biometric-Adjacent Technologies

Sony’s own consumer-facing biometric-adjacent technologies — including the PlayStation 5 HD Camera, PSVR2 eye-tracking, and DualSense haptic systems — are developed in-house or with non-Israeli hardware partners. No Israeli-origin component supplier has been publicly identified in this hardware stack through any product teardown, patent filing, or supply chain disclosure reviewed in training data.

Predictive Analytics & Workforce Monitoring

No public evidence identified of Israeli-origin predictive analytics, social media monitoring, or workforce surveillance tools deployed by PlayStation or SIE. Verint Systems[^11 — see note] and NICE Systems publish partial customer reference lists; neither names PlayStation or SIE as a customer in any public disclosure reviewed.

Third-Party Surveillance Technology Reach

No public evidence identified of Israeli-origin surveillance or analytics technology reaching PlayStation indirectly via third-party platforms, managed security services, or bundled enterprise suites.

Cloud Infrastructure, Data Residency & Sovereign Cloud Participation

Data Centre Operations

No public evidence identified that PlayStation or Sony Interactive Entertainment operates, leases, or co-locates data centre infrastructure within Israel. SIE’s disclosed data centre and cloud footprint references US, European, and Asia-Pacific regions²³¹. No Israeli point-of-presence appears in any SIE or Sony Group infrastructure disclosure reviewed.

Project Nimbus & Israeli State Cloud Programmes

Project Nimbus is a multi-year cloud infrastructure contract awarded to Google Cloud and Amazon Web Services by the Israeli government and military in 2021⁹, with internal worker protests documented through 2024¹⁰. PlayStation/SIE is not a party to Project Nimbus in any capacity. Although PlayStation is a downstream cloud customer of AWS¹, it is a consumer of cloud services, not a cloud service provider with government contracting relationships. No public evidence links PlayStation to Project Nimbus or any comparable Israeli state-backed cloud infrastructure programme. Source classes examined include Project Nimbus contract documentation as reported, Google and Amazon SEC filings, Israeli government procurement records as reported in press, and NGO investigations.

Data Sovereignty Services

No public evidence identified. PlayStation/SIE is a consumer technology and gaming company. It does not publicly market or provide data sovereignty, infrastructure resilience, or sovereign cloud services to any state institution, including Israeli state bodies. Source classes examined include SIE corporate materials and Sony 20-F filings⁴.

Defence, Intelligence & Security Sector Technology Relationships

Military & Intelligence Contracts

No public evidence identified of any contract, partnership, or service agreement between PlayStation/Sony Interactive Entertainment and the Israeli Ministry of Defence, Israel Defense Forces, Israeli intelligence agencies (Mossad, Shin Bet, Unit 8200 alumni ventures in official capacity), or any Israeli state security body. Source classes examined include Israeli procurement records as reported in press, Sony 20-F risk disclosures⁴, NGO databases including Who Profits⁷, and defence industry trade directories.

Dual-Use Technology Provision

No public evidence identified of PlayStation’s commercially available technology — including game engines, networking infrastructure, AI/ML tooling, or consumer devices — being deployed for military, intelligence, or law enforcement surveillance applications within Israel or the occupied territories. No researcher, official source, or NGO report reviewed in training data makes such a claim. Source classes examined include Amnesty International Tech programme¹¹, Human Rights Watch Technology programme¹², and the Who Profits database⁷.

Offensive Cyber & Weapons Technology

No public evidence identified. PlayStation/SIE does not develop, sell, license, or maintain offensive cyber capabilities, zero-day exploit tools, or digital weapons systems. No public documentation of any such product line exists across any source class reviewed.

AI, Algorithmic & Autonomous Systems

AI/ML Provision to Israeli State Bodies

No public evidence identified of PlayStation or SIE providing artificial intelligence, machine learning, computer vision, or autonomous decision-support systems to Israeli state, military, or security bodies of any kind. SIE’s publicly disclosed AI and machine learning activity is focused on game development tooling, PlayStation Network personalisation and recommendation engines, and consumer-facing features²³.

Training Data & Model Development

No public evidence identified of SIE AI models being trained on, or given access to, civilian population data, intercepted communications, or surveillance-derived datasets from Israel or the occupied territories. Sony Group ESG reporting¹³ addresses responsible technology principles at a high level but contains no disclosure pertaining to such data sourcing. Source classes examined include Sony ESG reports¹³, academic AI ethics literature, and NGO investigations¹¹¹².

Autonomous Weapons & Lethal Systems

No public evidence identified. PlayStation/SIE does not publicly develop or supply autonomous targeting systems, automated military threat detection, lethal autonomous weapons, or autonomous tracking platforms to any military or security force. No claim to the contrary appears in any source class reviewed.

Technology Ecosystem & R&D Footprint

Israeli R&D Centres & Offices

No public evidence identified of PlayStation or Sony Interactive Entertainment operating research and development facilities, engineering offices, innovation labs, or accelerator programmes within Israel. SIE’s disclosed studio and R&D presence spans the United States (San Mateo headquarters, Santa Monica, San Diego, Bend, Bellevue, and others), the United Kingdom (London, Manchester), Canada (Montreal), and Japan; Israel does not appear among disclosed locations¹⁴²³.

Sony Group Corporation’s broader subsidiary structure (Sony Semiconductor Solutions, Sony Music Entertainment, Sony Financial Group, and others) has not been publicly reported to maintain Israeli R&D operations as of the training data horizon. Source classes examined include Sony Group annual reports²³, SIE studio pages¹⁴, Israeli technology press (Calcalist, CTech), and the Start-Up Nation Central database as reported in secondary press coverage.

Acquisitions & Strategic Investments

Sony Interactive Entertainment’s publicly disclosed acquisitions through April 2026 are as follows, none of which are Israeli-origin entities:

• Nixxes Software — Netherlands, 2021¹⁵
• Bluepoint Games — United States, 2021
• Valkyrie Entertainment — United States, 2021
• Firewalk Studios — United States, 2022
• Haven Studios — Canada, 2022¹⁶
• Bungie — United States, 2022¹⁷
• Savage Game Studios — Germany/Finland, 2022
• Neon Koi — 2023

No public evidence identified of Sony Group Corporation or SIE acquiring an Israeli-origin technology company at any point in the training data horizon. Source classes examined include Sony 20-F filings⁴, SIE press releases¹⁷¹⁶¹⁵, and Crunchbase acquisition records as reported in trade press.

No public evidence identified of Sony Group or SIE holding strategic investments in Israeli technology startups or Israeli venture funds. Source classes examined include Sony Ventures portfolio disclosures and Sony Innovation Fund announcements.

Patent Portfolio & Israeli Academic Collaboration

No public evidence identified of significant patent portfolios, licensing agreements, or co-development arrangements between PlayStation/SIE and Israeli-domiciled entities or Israeli research institutions (Technion, Hebrew University of Jerusalem, Weizmann Institute of Science). Source classes examined include USPTO patent filings by inventor country of origin, EPO filings, and academic collaboration databases.

Civil Society Scrutiny & Regulatory History

NGO Investigations & Academic Reports

No public evidence identified of published NGO investigations, academic studies, or UN-body reports specifically addressing PlayStation’s or Sony Interactive Entertainment’s technology relationships with the Israeli state or operations in the occupied territories. The Who Profits Research Center database⁷, Amnesty International Tech programme¹¹, Human Rights Watch Technology and Rights programme¹², and No Tech for Apartheid campaign materials⁸ do not list PlayStation or SIE as a subject company in any published report available in training data.

Boycott, Divestment & Sanctions Campaigns

No public evidence identified of organised boycott, divestment, or sanctions (BDS) campaigns specifically targeting PlayStation or Sony Interactive Entertainment on grounds related to technology provision to Israeli state entities. The BDS Movement’s published campaign targets¹⁸ and No Tech for Apartheid’s named companies⁸ do not include PlayStation or SIE in any capacity documented in training data.

It is noted that Sony Group Corporation has been subject to unrelated consumer boycott actions (relating to pricing disputes, content moderation decisions, and platform exclusivity practices), none of which documented in training data relate to Israeli state technology provision or the occupied territories.

Regulatory & Legal Actions

No public evidence identified of regulatory inquiries, legal challenges, export control actions, or sanctions-related investigations involving PlayStation’s or SIE’s technology sales or services in connection with Israeli state entities or the occupied territories. Source classes examined include SEC enforcement actions, US Commerce Department Bureau of Industry and Security export control records as reported, EU regulatory filings, and Israeli government procurement disputes as reported in press.

Material Evidence Gaps Relevant to Civil Society Assessment

The following structural gaps limit the completeness of this section’s findings and should be flagged for follow-on investigation:

• Internal procurement opacity: Sony/SIE does not publicly disclose its cybersecurity or enterprise IT vendor stack. Absence of evidence of Israeli-origin vendor relationships reflects non-disclosure standard to the gaming industry, not confirmed absence.
• AWS sub-vendor opacity: PlayStation’s cloud dependency on AWS¹ introduces a layer of sub-vendor relationships that are not publicly enumerated. Israeli-origin technology embedded in AWS service layers used by SIE is not determinable from public records.
• Sony Group parent-level procurement: This audit targets PlayStation/SIE specifically. Sony Group Corporation’s enterprise-wide procurement across Sony Pictures, Sony Music, Sony Semiconductor, and Sony Financial may involve different vendor relationships not attributable to, or disclosed at, the PlayStation/SIE subsidiary level.
• Hardware component supply chain depth: PlayStation hardware (PS5, DualSense, PSVR2) incorporates components from global semiconductor supply chains. Israeli semiconductor intellectual property embedded in third-party components is below the resolution of publicly available product disclosures and is outside the scope of this audit.
• Israeli government procurement records: Israeli state and military procurement databases are not fully public. Absence of PlayStation/SIE from reported contracts may reflect non-disclosure rather than confirmed absence.

End Notes