Who would have thought that the secretive American spytech and data analyst firm, Palantir Technologies, could have gotten so embedded in the UK’s government and public sector?
At first under the radar, Palatnir’s £330 million contract with the NHS is the deal that’s recently caused the headlines.
The news that the NHS has granted Palantir "unlimited access" to identifiable patient health data has come at a moment when the backlash against the American analyst giant has never been stronger.
Two petitions urging the UK government to scrap its contracts with Palantir have already attracted over 200,000 signatures, according to The Guardian, and the UK government is reportedly now considering activating a break clause to end the deal with the NHS by early 2027.
Privacy campaigners and NHS staff alike have expressed deep concerns over how this data-sharing agreement could compromise patient confidentiality.
But is the Palantir-NHS partnership really as dangerous as critics claim? And, more importantly, what steps can UK citizens take to prevent their personal medical data from being sucked up by today’s most controversial company on the planet?
What is Palantir and how does the NHS use its software?
Headquartered in Miami, Palantir Technologies is a data analytics firm specialising in AI-powered tools designed to manage large datasets.
Co-founded in 2003 by PayPal's creator, Peter Thiel, among others, Palantir began its journey with deep ties to the US intelligence, and was initially funded by the CIA's venture capital body, In-Q-Tel.
Palantir’s flagship software platforms, Gotham and Foundry, are widely used by government organizations and businesses globally to uncover data patterns and support decision-making operations.
These tools are currently deployed across various public sectors, including healthcare, policing, border enforcement, intelligence agencies, and defense.
Palantir first established ties with the UK's public health sector in 2020, when Boris Johnson's government began using Foundry, alongside tools from Microsoft, Google, and Amazon, to manage the Covid-19 pandemic.
That relationship deepened in 2023 when then-Prime Minister Rishi Sunak signed the £330 million contract with the American firm. The deal tasked Palantir with leading a corporate consortium —including Accenture, PwC, NECS, and Carnall Farrar — to build the NHS's new Federated Data Platform (FDP).
A recent Financial Times disclosure has begun to cause concern, however, after it brought to light an internal NHS briefing note which explicitly earmarked "unlimited access" to identifiable patient data for certain contractor admin roles.
And, while the UK government claims to have already seen significant improvements in its data management flow, thanks to Palantir's Federated Data Platform (FDP), a report by Democracy for Sale says that staff have found Palantir's newly built platform to be 10 times slower than the existing system, citing an internal NHS document.
Palantir has strongly rejected these allegations, however. In a statement to Democracy for Sale, the US firm argued that "comparing the two systems is not like-for-like," adding that its platform "introduces guardrails to improve data correctness, enforce purpose-based access and allow more controlled data sharing".
What does it mean for your privacy?
Under the terms of the contract with the NHS, Palantir is named strictly as a "data processor". This means it cannot decide how the information that its software processes is used. In other words, Palantir could face direct liability should it fail to secure this data or violate NHS instructions.
Indeed, a Palantir spokesperson told the Financial Times that using this data for any other purpose would be "not only illegal but technically impossible due to granular access controls overseen by the NHS".
That said, the exact details of how Palantir can use UK citizens’ health data remain obscured. As The Conversation noted, the publicly available version of the contract was published with "nearly all the data protection text" heavily redacted.
However, in an open letter published earlier this month, a coalition of critical NHS personnel argued that current data privacy protections within the FDP system may be "inadequate", raising concerns about Palantir's access to FDP data and its use of artificial intelligence.
The signatories also highlight potential conflicts that could arise from the company's obligations under sweeping US surveillance legislation like the CLOUD Act and the Foreign Intelligence Surveillance Act (FISA), which could “allow the US government to request data held on the systems of an American corporation,” they note.
NEW: Our investigation for @thenerve_news reveals not only that Peter Thiel’s Palantir is completely enmeshed in our critical national infrastructure.It’s also the ‘cloud support’ for our nuclear weapons system1/ pic.twitter.com/LAV82yRifBJanuary 28, 2026
Critics have also raised concerns over how sensitive health data could be misused across different government bodies, such as immigration. The coalition wrote in the open letter:
"We are alarmed that Palantir UK CEO Louis Mosley confirmed to the Observer that Palantir would share NHS data for immigration enforcement purposes should a future government legislate for it."
The NHS is just one of the UK public sectors where Palantir currently operates. An investigation by The Nerve last January found details of 34 active contracts across at least 10 government departments, as well as local councils and police authorities.
Speaking to the BBC, Mosley welcomed the scrutiny and insisted that his company has "no interest" in UK patient data.
"It’s not the legal basis on which we operate, in the same way that Microsoft Excel or Microsoft Word or email is used in the NHS, and again that is NHS data, Microsoft doesn’t have access to it, nor do we to NHS data," he said.
Looking at the company’s track record, however, there is a demonstrable risk that NHS patient health data could one day be repurposed.
For example, January revelations from 404media suggest that US citizen health data is fed to a Palantir-developed app called ELITE, which is used by Immigration and Customs Enforcement (ICE) agents to map and target suspected illegal immigrants.
This cross-pollination of healthcare data and immigration enforcement is exactly what critics of Palantir’s involvement with the NHS fear the most.
Why is Palantir so controversial?
Palantir co-founder Peter Thiel is well-known for his polarizing views.
As reported by The Guardian in 2023, Thiel previously stated that the "NHS makes people sick" and described the British public's affection for the health service as a case of "Stockholm syndrome".
In a 22-point manifesto published in April, Palantir CEO Alex Karp expanded on the moral duty of tech companies in defense and AI warfare, controversially asserting that "some cultures have produced vital advances; others remain dysfunctional and regressive".
This sparked a backlash within the digital rights community, prompting NymVPN CEO Harry Halpin to publish his own "anti-Palantir" manifesto outlining the necessity to fight the company's vision.
However, the opposition to Palantir extends far beyond philosophical disagreements.
For over a decade, Palantir has been the backbone behind ICE’s controversial tracking and deportation operations, and, more recently, a deal with the Israeli military has also become a source of public concern.
Is there something we can do about it?
While it is difficult to predict whether the UK government will activate the break clause in Palantir's contract, there are steps citizen can take if they wish to restrict access to their health data — though they do come with significant caveats.
Patients can opt out of sharing their health records, which prevents GP practices, hospitals, and other providers from distributing their data more broadly.
However, you cannot currently opt out specifically from "products used in the NHS Federated Data Platform".
Crucially, a mass opt-out of health data sharing would severely impact the efficacy of these datasets, undermining the overall quality of medical research and public health planning.
Beyond immediate privacy risks, this erosion of data quality is exactly what NHS employees fear most. A 2023 YouGov poll found that nearly half of UK adults would likely opt out of data sharing if a private company like Palantir began processing their personal information.
Whether this potential erosion of trust between UK patients and the health service will prompt a U-turn in the Palantir-NHS collaboration remains to be seen. What is certain, however, is that the intense debate surrounding the future of UK health data privacy is far from over.
We have contacted Palantir and the NHS for comment and will update this article if we receive a response.
Follow TechRadar on Google News and add us as a preferred source to get our expert news, reviews, and opinion in your feeds. Make sure to click the Follow button!
English (US) ·