Digital Audit: Qatar Airways

Audit Phase: Digital (Digital / Technology Forensics) Subject Entity: Qatar Airways Group Q.C.S.C. (state-owned flag carrier of Qatar) Registered Base: Qatar Airways Tower, Hamad International Airport, Doha, State of Qatar Audit Date: June 2026 Evidence Base: Published corporate disclosures, vendor press releases, trade and technology press, NGO/regulatory reporting, and US government anti-boycott records. All factual claims are drawn from publicly available sources cited in the End Notes.

Scope and directionality note: Digital assesses the digital/technology nexus to Israel. The serious case is the provision of surveillance, digital, data, or cyber technology to the Israeli state, military, or security services. The reverse direction - Qatar Airways procuring technology from Israeli-origin vendors - would be a customer relationship, recorded explicitly as such and weighted far lower. No transitive guilt is imputed: an integrator’s other clients, a vendor’s founders’ military backgrounds, or a parent group’s separate activities are not attributed to Qatar Airways. US-entity relationships (e.g. Microsoft, SpaceX, Epic Games, Sabre) are not Israeli-origin and are noted only for completeness. Qatar maintains no diplomatic relations with Israel and operates within the Arab League boycott framework, which is material structural context throughout this audit.¹²

Enterprise Technology Stack & Vendor Relationships

Strategic Technology Partnerships (Direction: Qatar Airways as customer)

Qatar Airways’ principal publicly disclosed enterprise technology relationships are with US and European vendors. In April 2024, Qatar Airways announced a hybrid multi-cloud transformation delivered by Ooredoo (Qatar’s state-linked telecommunications operator) running on Microsoft Azure public cloud combined with Ooredoo’s private cloud, integrating Microsoft 365 productivity services; A.T. Srinivasan, then Qatar Airways Group Chief Information Officer, was quoted on the deal.³ Microsoft and Ooredoo are, respectively, a US entity and a Qatari entity; neither is an Israeli-origin vendor, and the engagement is recorded for completeness only.³

In August 2025, Qatar Airways and Accenture (Ireland-domiciled professional-services firm) announced an AI partnership branded “AI Skyways,” covering customer experience, operations, employee development, environmental initiatives, and group performance; Group CEO Badr Mohammed Al-Meer and Accenture Chair/CEO Julie Sweet were named.⁴ No Israeli-origin software component or platform was named within the engagement.⁴

Qatar Airways’ documented distribution and airline-IT relationships are with Sabre (US) and Amadeus (Spain). In August 2021 Qatar Airways signed a new distribution agreement with Sabre enabling NDC content distribution; NDC content was integrated to Sabre’s GDS in July 2022.⁵ In June 2021 Qatar Airways renewed and strengthened a distribution and IT partnership with Amadeus, intending to adopt Amadeus Altéa NDC and Offer/Order management solutions from 2022.⁶ Both are non-Israeli vendors.

Biometric and airport-IT services at Qatar Airways’ Doha hub (Hamad International Airport) are supplied via SITA (Switzerland-headquartered air-transport IT cooperative) - see the Surveillance section.⁷

Israeli-Origin Technology Vendors in the Stack (Direction: Qatar Airways as customer)

No public evidence identified. No public source reviewed documents Qatar Airways procuring, licensing, subscribing to, or integrating any Israeli-origin enterprise-technology product. This negative finding is consistent with - though not solely explained by - Qatar’s absence of diplomatic relations with Israel and the Arab League boycott framework.¹²

Israeli-Origin Cybersecurity Vendors

No public evidence identified. The named Israeli-origin or Israeli-founded cybersecurity vendors most commonly found in enterprise stacks - including Check Point, Wiz, CyberArk, SentinelOne, Claroty, Verint, and NICE Systems - were assessed against Qatar Airways’ documented supplier base, and no licensing, subscription, or integration relationship between Qatar Airways and any of them was identified in any independently sourced record.⁸

Procurement Transparency Constraints

Qatar Airways is a state-owned enterprise that does not publish a comprehensive IT or security vendor list. Vendor relationships below the level of named, publicly announced partnerships - including subcontractor and component layers within Microsoft, Ooredoo, Accenture, Sabre, Amadeus, and SITA engagements - are not in the public domain. This is the principal evidence gap in this domain; Israeli-origin component exposure embedded within a third-party integrator’s stack cannot be positively excluded on public evidence, though none was identified.

Surveillance, Biometrics & Retail Technology

Facial Recognition & Biometric Passenger Processing (Direction: Qatar Airways/HIA as customer)

Biometric passenger processing at Hamad International Airport - Qatar Airways’ home hub - is delivered through SITA Smart Path. SITA and HIA signed a memorandum of understanding in 2017 to trial biometric passenger-processing solutions, combining a passenger’s flight, passport, and facial-biometric data into a single record used at self-check-in, bag-drop, security, and boarding.⁷⁹ SITA’s global strategic biometrics partner for Smart Path deployments is NEC Corporation (Japan), which supplies the underlying facial-recognition matching across the majority of SITA Smart Path touchpoints.⁹ Neither SITA nor NEC is an Israeli-origin vendor.

Israeli-Origin Surveillance / Biometric Vendors

No public evidence identified. The Israeli-origin or Israeli-linked surveillance-technology vendors assessed - Oosto/AnyVision (facial recognition), BriefCam (video analytics), Trigo (retail AI), and Trax (shelf analytics) - were not found deployed by Qatar Airways in any operational context (airport, retail, lounge, or crew-facing) in any public source reviewed.

Predictive Analytics, Workforce Monitoring & Social-Media Surveillance

No public evidence identified of Qatar Airways using Israeli-origin predictive-analytics, passenger-sentiment, social-media-monitoring, or workforce-surveillance tooling.

Third-Party / Bundled Surveillance Deployment

No public evidence identified of Israeli-origin surveillance technology bundled within Qatar Airways’ airport-IT or integrator engagements. Subcontractor component stacks are not publicly itemised (see Evidence Gaps).

Cloud Infrastructure, Data Residency & Sovereign Cloud Participation

Data Centre Operations & Data Residency

Qatar Airways’ disclosed cloud architecture runs on Microsoft Azure via Ooredoo’s hybrid multi-cloud setup, with data management described as centralised within that environment.³ Microsoft opened its first cloud datacenter region in Qatar in August 2022, and Google Cloud subsequently launched a Doha region; both are marketed on data-residency and digital-sovereignty grounds for the Qatari market.¹⁰¹¹ No public evidence identified that Qatar Airways operates, leases, or co-locates data-centre infrastructure within Israel.

Project Nimbus & Israeli State Cloud Infrastructure

Not applicable. Project Nimbus is the Israeli-government cloud contract awarded to Google Cloud and Amazon Web Services. Qatar Airways is a passenger and cargo airline and appears in no public Project Nimbus documentation as a contracting party, subcontractor, or recipient. No public evidence identified of Qatar Airways involvement in any Israeli state-backed digital-infrastructure programme.

Data-Sovereignty or Resilience Services to Israeli State Institutions

No public evidence identified. Qatar Airways does not operate as a cloud or data-sovereignty service provider to any state body, Israeli or otherwise. The combination of its core airline business model, Qatar’s Arab League boycott framework, and the absence of Qatar–Israel diplomatic relations makes such a relationship highly atypical.¹²

Defence, Intelligence & Security Sector Technology Relationships

Contracts with Israeli State Security Bodies

No public evidence identified of any contract, procurement relationship, or memorandum of understanding between Qatar Airways and the Israeli Ministry of Defence, the Israel Defense Forces, Mossad, Shin Bet, Unit 8200, or any affiliated Israeli state security body. Qatar maintains no diplomatic relations with Israel, and Qatar Airways does not operate scheduled services to Israeli airports (a limited set of direct Tel Aviv–Doha charter flights was permitted only for the 2022 FIFA World Cup period).¹¹²

Provision of Technology / Data to the Israeli State or Military

No public evidence identified. This is the directionally serious Digital case. No public source documents Qatar Airways providing surveillance technology, data, software, cloud capacity, or digital services to the Israeli state, military, or security services. To the contrary, in June 2024 the US Department of Commerce’s Bureau of Industry and Security added Qatar Airways to its quarterly Anti-Boycott Requester List - a public record indicating Qatar Airways had made a request to a US person to comply with an unsanctioned foreign boycott (the Arab League boycott of Israel); reporting noted the specific contractual language was not confirmed by the agency.¹³ This reflects a posture of refusing business contact with Israel, the opposite of provision.

Dual-Use Technology Provision

No public evidence identified of Qatar Airways commercial technology being reported or confirmed as deployed for military, intelligence, or law-enforcement surveillance applications in Israel or the Occupied Palestinian Territories. Qatar Airways is not a technology vendor in the relevant business-to-government sense.

Offensive Cyber Capability

No public evidence identified. Qatar Airways does not develop, license, broker, or sell offensive cyber capability, zero-day exploits, or weapons technology. (Separate reporting that the State of Qatar has been a target of Israeli-origin spyware - e.g. UAE-deployed Pegasus against the Qatari emir, and NSO Group sales pitches to Qatar - concerns the Qatari state, not Qatar Airways, and runs in the inbound/target direction; it is noted only to distinguish it from any provision finding.)¹⁴

AI, Algorithmic & Autonomous Systems

Documented AI / Algorithmic Deployments (Direction: Qatar Airways as customer)

Qatar Airways’ disclosed AI and immersive-technology deployments carry non-Israeli vendor provenance. In April 2022 it launched the QVerse virtual-reality experience and “Sama,” described as the world’s first MetaHuman digital cabin crew, built with Epic Games’ Unreal Engine and MetaHuman Creator (US) by development agency Neutral Digital (London).¹⁵ The Accenture “AI Skyways” programme (August 2025) governs group-wide AI for scheduling, predictive maintenance, and personalisation, with no Israeli-origin platform named.⁴ In-flight connectivity is provided by Starlink (operated by SpaceX, US): Qatar Airways announced complimentary Starlink Wi-Fi in October 2023 and flew the first Starlink-equipped Boeing 777 in October 2024, later extending the rollout across its widebody fleet.¹⁶

AI/ML Provision to Israeli State Bodies

No public evidence identified. Qatar Airways is not a business-to-government AI vendor; no public source documents it supplying, licensing, or making available any AI/ML capability to Israeli state, military, or security bodies.

Training Data & Model Development Involving Israeli Population Data

No public evidence identified of Qatar Airways sourcing AI training data from Israeli or occupied-territory populations, or contributing to model development involving such datasets.

Autonomous Systems & Lethality

No public evidence identified. The development or deployment of autonomous lethal or targeting systems is not within Qatar Airways’ business domain.

Internal Algorithmic Deployment - Israeli-Origin AI Tooling

No public evidence identified of any Israeli-origin AI vendor embedded in Qatar Airways’ stack. The airline’s documented AI tooling runs through US (Epic Games, Accenture-managed) and Qatari/US cloud platforms.³⁴¹⁵ The undisclosed full vendor list means secondary embedding within managed services cannot be positively excluded, but no such instance was identified.

Technology Ecosystem & R&D Footprint

Israeli R&D Facilities

No public evidence identified that Qatar Airways operates, co-locates, or funds any R&D facility, engineering office, innovation lab, or accelerator within Israel. Its disclosed innovation and digital functions are headquartered in Doha.³⁴

Acquisitions & Investments in Israeli Technology Companies

No public evidence identified. Qatar Airways’ disclosed strategic equity investments are in the aviation sector (e.g. International Airlines Group, China Southern Airlines, LATAM, Virgin Australia, RwandAir). No public source documents Qatar Airways holding equity, venture, or acquisition positions in any Israeli technology company.

Patents & IP Co-Development with Israeli Institutions

No public evidence identified of patent portfolios, licensing, or co-development arrangements between Qatar Airways and Israeli-domiciled entities or research institutions (Technion, Hebrew University, Weizmann Institute).

Supplier Code of Conduct - Technology Supply-Chain Provisions

Qatar Airways operates a published supplier-registration framework and supplier user manual governing onboarding and conduct.¹⁷ No technology-supply-chain due-diligence framework specific to vendor geopolitical origin (in the Digital sense) was identified in public versions reviewed; conversely, Qatar’s broader boycott posture has been recorded by US authorities as constraining sourcing from Israel-linked counterparties (see Civil Society / Regulatory section).¹³

Civil Society Scrutiny & Regulatory History

NGO & Academic Scrutiny - Technology Supply Chain

No public evidence identified of an NGO investigation, academic study, or UN report addressing Qatar Airways’ technology relationships with the Israeli state, Israeli defence entities, or Israeli-origin vendors. The Who Profits Research Centre database and BDS-movement campaign materials focus on corporate involvement in the Israeli settlement and occupation economy; no entry connecting Qatar Airways to Israeli technology supply chains was identified.

BDS & Boycott Campaigns

Qatar Airways has been the subject of civil-society campaigns on grounds unrelated to Israel technology provision - notably labour-rights and LGBTQ+-rights concerns around the 2022 FIFA World Cup. No public evidence identified of a BDS or NGO campaign targeting Qatar Airways on the basis of technology, software, or digital-infrastructure provision to Israel.

US Anti-Boycott Regulatory Record

In June 2024 the US Department of Commerce’s Bureau of Industry and Security listed Qatar Airways on its first quarterly Anti-Boycott Requester List, identifying it among entities that had requested boycott-related compliance from US persons in connection with the Arab League boycott of Israel.¹³ This is a regulatory record of conduct directed against business with Israel, not provision to Israel; it is recorded here as factual regulatory context.

Cybersecurity Incidents (Direction: done TO Qatar Airways)

Qatar Airways has been affected by cybersecurity incidents as a victim, not a provider. In the March 2021 supply-chain breach of aviation-IT provider SITA’s passenger-service servers, a restricted set of Qatar Airways Privilege Club member data (names, membership numbers, tier, and for some members seat/meal preferences) was exposed; Qatar Airways stated the affected data resided on SITA systems via Star Alliance frequent-flyer data-sharing rather than on its own breached systems.¹⁸ Separately, in November 2025 a threat actor advertised an alleged Qatar Airways database of approximately 27,000 records for sale on a hacker forum; this listing was reported in security trade coverage and not independently confirmed by the airline in the sources reviewed.¹⁹ Neither incident has any nexus to provision of technology to Israel; they are recorded as factual digital context.

Export Controls & Sanctions Authorities

No public evidence identified of any action by export-control or sanctions authorities relating to Qatar Airways technology sales, services, or data transfers to Israeli state entities. (The US anti-boycott listing above concerns the opposite directionality and is recorded separately.)¹³

Evidence Gaps

1. Full IT and security vendor stack (highest priority) - As a state-owned enterprise, Qatar Airways does not publish its sub-strategic IT and cybersecurity vendor relationships. The resident security-product stack is undisclosed, so Israeli-origin cybersecurity vendor exposure cannot be positively excluded on public evidence, though none was identified.

2. Integrator subcontractor layers - Microsoft, Ooredoo, Accenture, Sabre, Amadeus, and SITA do not publicly itemise subcontractor or component-vendor stacks for individual engagements. Indirect exposure to Israeli-origin components - including via Israeli-founded, US-domiciled firms operating within managed-services stacks - cannot be fully excluded.

3. Subsidiary perimeter - Qatar Airways Cargo and Qatar Aviation Services may maintain separate IT vendor stacks not covered by mainline announcements; no subsidiary-specific evidence was located.

4. Anti-boycott listing specifics - The June 2024 BIS Anti-Boycott Requester listing does not publicly disclose the precise contractual language or counterparty involved; its scope and resolution are not fully documented.

5. Temporal coverage - No 2024–2026 public source affirmatively places Israeli-origin technology within Qatar Airways’ vendor stack. Negative findings rely on the absence of disclosures across corporate releases, NGO databases, vendor customer-reference pages, and trade press through that period.

End Notes