What can I do about this clause?

{'method': 'WEB_FORM', 'recipient': 'https://aws.amazon.com/forms/report-abuse', 'difficulty': 'EASY', 'action_type': 'CLOSE_ACCOUNT', 'instructions': "Navigate to AWS's abuse reporting form at https://aws.amazon.com/forms/report-abuse. Complete the form describing the violation you have observed, including the AWS account, IP addresses, or resource identifiers involved where known. Submit immediately upon discovery.", 'deadline_days': None, 'deadline_hours': None}

Which regulatory agencies enforce this type of clause?

{'agency': 'FTC', 'reason': 'FTC has jurisdiction over platforms that fail to adequately respond to or report known illegal activity, particularly in spam, fraud, and deceptive practice contexts.', 'complaint_url': 'https://reportfraud.ftc.gov/'}

What is the severity of this clause?

ConductAtlas classifies this AUP Reporting Mechanism clause as medium severity. Severity reflects the magnitude of rights affected, the breadth of users impacted, and the degree of discretion the platform retains.

AUP Reporting Mechanism — Amazon

Share 𝕏 Share in Share 🔒 PDF

Watch Amazon Get alerts when this provision or policy changes.

Watch — $9.99/mo

What it is

If you see someone violating AWS's rules, you must tell AWS about it immediately and help AWS address the problem — and anyone can report violations using AWS's online abuse reporting form.

Why it matters (compliance & risk perspective)

The obligation to report known violations — not just refrain from violations yourself — creates an affirmative duty that most users may be unaware of, and failure to report a known violation could itself constitute an AUP breach.

Consumer impact (what this means for users)

AWS customers who discover that someone else is using AWS infrastructure for illegal or harmful activities have a contractual obligation to report it immediately to AWS, meaning passive awareness of a violation without reporting could expose the customer to their own AUP compliance risk.

What you can do

⚠️ These actions may provide transparency or partial mitigation but may not fully address the underlying issue. Effectiveness varies by jurisdiction and individual circumstances.

Close Your Account

Navigate to AWS's abuse reporting form at https://aws.amazon.com/forms/report-abuse. Complete the form describing the violation you have observed, including the AWS account, IP addresses, or resource identifiers involved where known. Submit immediately upon discovery.

How other platforms handle this

Snapchat Medium

If you believe that your copyrighted work has been copied in a way that constitutes copyright infringement and is accessible via the Services, please notify Snap's copyright agent as set forth in the Digital Millennium Copyright Act of 1998 (DMCA). For your complaint to be valid under the DMCA, you ...

Stability AI Medium

You must be at least 18 years old, or the minimum age required to use our Services in your location, whichever is higher.

Shopify Medium

Certain products and services may be sold on Shopify only with prior written approval, including but not limited to: tobacco and e-cigarettes, certain firearms and accessories that are otherwise legal, adult content and services, certain financial services and money transmission, and pharmaceuticals...

See all platforms with this clause type →

This clause could change without notice.

Get alerted when Amazon updates this policy — with plain-language summaries and severity ratings.

Watch Amazon Need compliance memos? Professional →

View original clause language

Reporting. If you become aware of any violation of this Policy, you will immediately notify us and provide us with assistance, as requested, to stop or remedy the violation. To report any violation of this Policy, please contact us at https://aws.amazon.com/forms/report-abuse.

Institutional analysis (Compliance & legal intelligence)

(1) REGULATORY FRAMEWORK: The affirmative reporting obligation in this provision aligns with mandatory reporting requirements under 18 U.S.C. § 2258A (NCMEC CyberTipline reporting for CSAM by electronic service providers), GDPR Art. 33 (72-hour data breach notification to supervisory authorities), and NIS2 Art. 23 (incident reporting obligations). For financial services customers, FinCEN Suspicious Activity Report (SAR) obligations under 31 U.S.C. § 5318(g) may intersect where violations involve financial fraud. The 'immediately notify' standard is more stringent than GDPR's 72-hour window, potentially creating conflicting timelines. (2)

Full compliance analysis

Regulatory citations, enforcement risk, and due diligence action items.

Watcher $9.99/mo Professional $149/mo

Watcher: regulatory citations. Professional: full compliance memo.

Applicable agencies

FTC

FTC has jurisdiction over platforms that fail to adequately respond to or report known illegal activity, particularly in spam, fraud, and deceptive practice contexts.
File a complaint →

Applicable regulations

CFAA

United States Federal

DMCA

United States Federal

DSA

European Union

Provision details

Document information

Document

AWS Acceptable Use Policy

Entity

Amazon

Document last updated

April 29, 2026

Tracking information

First tracked

March 6, 2026

Last verified

April 9, 2026

Record ID

CA-P-002553

Document ID

CA-D-00028

Evidence Provenance

Source URL

https://aws.amazon.com/aup/

Wayback Machine

View archived versions →

SHA-256

c61af89c19589f506fd3fc8bbb8010407f0052d2e845554c876b99cc2495d2ce

Verified

✓ Snapshot stored ✓ Change verified

How to Cite

ConductAtlas Policy Archive
Entity: Amazon | Document: AWS Acceptable Use Policy | Record: CA-P-002553
Captured: 2026-03-06 20:03:12 UTC | SHA-256: c61af89c19589f50…
URL: https://conductatlas.com/platform/amazon/aws-acceptable-use-policy/aup-reporting-mechanism/
Accessed: May 4, 2026

Classification

Severity

Medium

AUP Reporting Mechanism