My comment was more about their clients opting to process their important documents on an external cloud service, not the service itself using AWS.

It's not about property rights, it's about who is in control of and has insight into what is going on on the machine.

Right. In this case, the OCR software dev had control of the clound machines.

However, the customers that uploaded sensitive documents to this cloud OCR service did not have control of the computers, the code, or the configuration.

Yes, if you don't trust anyone you can't get anything done but this feels like the kind of task where you should be a little bit nervous each time you do it.

This is assuming the customer would have better data protection.

Customers would presumably not store their documents on publicly available servers.

Well, except that said OCR company needs to be using Internet-facing servers, and random customers don't.

In my experience you have control and insight into machines in AWS, what insight or control do you think was lacking here? It seems to me more they didn't understand the technology they were building on.

As far as I am concerned, see p1necone's comment above: It's not about the relation between Abbyy and Amazon, it's about the relation between them and their customers who stored their documents with some company where they had not insight into how they were handling their data.

Oh that makes sense, apologies for misonterpreting.