Breaking cybersecurity news, news analysis, commentary, and other content from around the world, with an initial focus on the Middle East & Africa and the Asia Pacific

Microsoft's Partnership With Middle East AI Firm Under Scrutiny

The US government worries that Group 42 Holdings, an AI firm based in the United Arab Emirates, could become a backdoor for technology leaks to China.

4 Min Read
Wooden puzzle map of Africa and the Middle East
Source: Olena Ilchenko via Shutterstock

A much-trumpeted deal between Microsoft and Group 42 in the Middle East and Africa could be quashed due to geopolitical concerns, as US policymakers raise questions about Group 42's relationship with China, highlighting challenges US companies face in forging business ties in the region.

Despite assurances from Group 42 that it is cutting all military and intelligence ties with the China, US officials continue to voice their misgivings.

Founded in the United Arab Emirates in 2018, Group 42 Holding, or G42, focuses on developing artificial intelligence (AI) capabilities for a variety of industries. The company has strong ties to China, but claims to have put them aside since it began focusing on commercial development of AI technologies in 2022. The UAE's national security adviser, Tahnoun bin Zayed Al Nahyan, and G42 CEO Peng Xiao are controlling shareholders of the company, which has both Middle Eastern and US investors, according to the House Select Committee on the Chinese Communist Party.

For US companies, the volatile geopolitical atmosphere is all part of dealing with security in the modern world, says Tal Mandel Bar, product manager at DoControl, a provider of automated software-as-a-service (SaaS) security.

"For companies like Microsoft, Google, and Cisco, geopolitics definitely complicates their expansion plans in Africa," he says. "They have to navigate a complex web of national security concerns, data privacy issues, and competing interests. It's a tricky balancing act."

The concerns come as the US continues to restrict technology companies that have connections to the People's Republic of China and Russia. In 2020, the US Federal Communications Commission (FCC) designated network equipment manufacturers Huawei and ZTE as national security threats, preventing companies from purchasing the companies' products using government funds. Last month, the Biden administration formally banned security software maker Kaspersky from offering software or services in the US, over worries that the company could be forced to turn over data to the Russian government.

But the US is making its own moves to counter the growing influence of China and Russia in Africa and the Middle East. In May, the US government designated Kenya as a "major non-NATO ally" — the first for an African nation — and approved technology companies' investments in Kenya, among them a $1 billion collaboration between Microsoft and Group 42 Holdings in the region.

Congress Aims to Corral AI

In a January letter, Rep. Mike Gallagher (R-Wis.) requested that the US Department of Commerce investigate whether G42 posed technology export-control risks, given its alleged many and varied connections to China's military-civil fusion efforts.

Group 42 Holdings has denied the alleged relationships between the firm and China's military and business interests.

"In the field of advanced technologies, we have pursued a commercial strategy since 2022 to fully align with our US partners and not to engage with Chinese companies," the company stated in January. "G42 operates within strict compliance and ethical boundaries, adhering to all applicable laws and regulations. Any innuendo suggesting otherwise is unfounded and irresponsible."

Pitted against the concerns, however, the US incentives for continuing to work in the region and keep the Microsoft deal on track are significant, Tarun Chhabra, senior technology director in the US National Security Council, said during a Council on Foreign Relations panel discussion in June.

"In a place like the UAE ... where you have G42 working very closely with Huawei, for example, we have an interest in changing that picture," he said. "So we see kind of the effort to work with Microsoft as an alternative to Huawei, a generally positive development and one that we want to encourage."

Enforcing a ban on working with companies from another nation is complicated, requiring audits and other efforts, but even then will never guarantee against leaks, Chhabra said.

Taking-It-Slow Approach

China and Russia have already made inroads into developing economies in Africa as well as with important suppliers in the Middle East, but the US continues to struggle with its approach.

For Microsoft, Cisco and other large companies, that means continued uncertainty, says John Bambenek, president at Bambenek Consulting, a cybersecurity consulting firm.

"Geopolitical risks are just one element of costs to work in the region where they can’t expect the kind of returns Western tech companies are used to," he says. "But, they have to weigh that against the region's users becoming Baidu or Yandex customers in the alternative."

Microsoft did not respond to a request for comment by Dark Reading.

Figuring out the way forward will be slow, but US policymakers are focused on finding a safe path, the National Security Council's Chhabra said.

"We are having these conversations in many countries — there are a lot of them around the Middle East right now — and part of the reason is that there is a very high conviction about the coming capabilities of AI," he says. "From our perspective, we want to safeguard for national security reasons, we have to have a conversation about what digital infrastructure it is going to ride on and how is that going to be safeguarded."

About the Author

Robert Lemos, Contributing Writer

Veteran technology journalist of more than 20 years. Former research engineer. Written for more than two dozen publications, including CNET News.com, Dark Reading, MIT's Technology Review, Popular Science, and Wired News. Five awards for journalism, including Best Deadline Journalism (Online) in 2003 for coverage of the Blaster worm. Crunches numbers on various trends using Python and R. Recent reports include analyses of the shortage in cybersecurity workers and annual vulnerability trends.

Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.

You May Also Like


More Insights