Why Palantir’s UK Health Data System Matters Beyond Surveillance Fears

Jade-Ruyu Yan is a UK Reporting Fellow at Tech Policy Press and openDemocracy.

England’s National Health Service (NHS) is implementing a system it has called the “Federated Data Platform.” The platform, which is run primarily by controversial military contractor Palantir and provides the health service with a new operating system to handle its fragmented and extensive data, would give a future UK government the technical capacity to use patients’ healthcare data to unleash unprecedented mass surveillance, experts and technologists have warned Tech Policy Press.

“We have already seen in the United States how Palantir’s reach into so many different areas of government has allowed it to build a system that provides detailed profiles of people to enable ICE raids,” said Duncan McCann of the Good Law Project, referring to how US President Donald Trump’s mass deportation program has used Palantir’s tools. “The exact same thing is being enabled by the integration of Palantir into the UK public sector.”

This risk is only exacerbated by the fact that nearly three years after Palantir was awarded the £330m contract to run the FDP, it remains unclear what patient data it gathers, on what basis and to what end. Despite this, 69% of health service trusts have already adopted the platform.

This lack of clarity was laid bare last week, when the UK’s cross-party Science, Innovation and Technology Committee urged the government to break the health service’s contract with Palantir. Its report contained a stark recommendation to the government: reveal “the exact nature of Palantir’s access to identifiable and non-identifiable patient data, on what statutory basis this was authorized, when, and by whom.”

McCann and the Good Law Project are part of an unusually wide coalition demanding the UK cut ties with Palantir, but technologists who have worked closely on the FDP warn that the genie is now out of the bottle and getting the US giant out of the NHS may not be the same as solving the problem.

“You know you could pull Palantir out,” Tom Bartlett, an NHS technologist who worked on the FDP and has spoken publicly in favor of the project, told Tech Policy Press. “But the danger remains.

“You still might get a government that says, ‘We need to have the data from the NHS and the data from the Home Office connected, and we want to use it for the purpose of denying people healthcare or deporting people or whatever’.”

***

To understand how deeply Palantir is enmeshed in the UK’s public sector, consider the coalition opposed to it.

The health service’s data analysts and chief data and analytical officers have spoken out against the platform. The British Medical Association, a union representing doctors and medical students, has urged GPs to reject it. The Greater Manchester Integrated Care Board, which oversees NHS services for 2.8 million people, has refused to sign up to the platform, claiming outstanding security risks haven’t been addressed, and that it has better technology in-house.

It’s not just the health service, either. London’s mayor has blocked a £50m Palantir contract with the city’s Metropolitan Police, arguing that it was improperly awarded. The housing ministry replaced a Palantir system to match British hosts with Ukrainian refugees with its own technology. In Coventry, local politicians and unions are protesting the renewal of a £500,000 Palantir contract–now worth £750,000–with the council’s children’s services department. Employees at financial regulator the Financial Conduct Authority are seeking to orchestrate a cross-union campaign against a 12-week trial contract with Palantir that, they and other experts fear, could expose the UK’s sensitive financial data to US law enforcement authorities.

“Our pilot with Palantir allows the Met for the first time to bring together data it already lawfully holds in one place to identify potential standards, welfare or cultural concerns,” said a spokesperson for The Met over email. “It also allows us to identify early issues so we can act more fairly and consistently, ensuring officers receive support or face appropriate action before problems escalate.” In April, Met officers expressed outrage at the “intrusive” use of Palantir’s technology to assess them for misconduct.

The police can already request information from the NHS if it meets a policing need, such as a homicide investigation or tracing missing persons.

But what exactly does Palantir do?

Palantir’s CEO, Alex Karp, once described its role as “the finding of hidden things.”

He co-founded the company with $2 million from the venture capital arm of the CIA in the early 2000s, when the failure to prevent 9/11 was being debated across Washington and Silicon Valley. It was suspected, and would be confirmed by the public report a year later, that the CIA, the FBI, and the National Security Agency had separately held the data required to have foreseen the terror attacks, but had “failed to connect the dots.”

That finding has since been the basis of much of Palantir’s success. It argues that governments, militaries, law enforcement authorities and businesses already have much of the data they need to make decisions, but that it is not readily available in the forms needed.

Palantir, it tells them, is the solution.

“The actual thing that’s difficult is organizing all your data together,” Alex Bores, a member of the New York State Assembly and a former Palantir employee turned critic, told the New York Times. “That requires hard work, and there’s no magic to do that yet. The software, plus engineers going on site and doing a lot of that hard work to do the manual hookups, was always going to be the true source of value.”

Databasing the nation

In the health service, Palantir’s work involves organizing, hooking up, and streamlining vast troves of patient data currently scattered across, by one count, 44,000 healthcare IT systems in 26,000 organizations. “The fragmentation is absolutely massive,” said Bartlett, who helped build the FDP. “There's all this information, and it's all sat in different pockets.”

Palantir’s solution has two layers. Bartlett describes one layer as an “operating system” analogous to the software that runs your iPhone, which will allow NHS Trusts and third-party developers to create applications (or what Palantir calls “products”) that allow for efficiency gains. An ambulance crew, for example, could punch information about an accident victim into a product that would pass this on to the hospital, so that “the A&E department could prepare, rather than being sort of hit in the face” with the information when the ambulance arrives with the patient.

Yet, much like your iPhone decisively locks you into the ecosystem of Apple products, running this system efficiently requires as much of the NHS as possible to sign on to the Palantir system – something that experts call “vendor lock-in” – and to draw on a staggering library of data held across the health service.

The FDP’s public documentation reveals that the platform is already in the process of ingesting several hundred databases, covering a vast array of variables that include mental healthcare contact activity, mortality, flu vaccination status, covid vaccination status, emergency services data, race and ethnicity, aggregated data for persons held in secure mental health facilities in adult prisons and immigration removal centers, and much more.

As the cross-party committee of MPs noted in their report last week, there is little clarity around exactly what data will make it into the FDP, and how it will be accessed. The debate around patient data held by GP practices offers a useful illustration.

Back in 2023, the Secretary of State for Health and Social Care, Victoria Atkins, told the House of Commons: “No new data will be collected, and GP data will not be part of the national platform.” However, an NHS FAQ page last updated in April 2026 admits that “some of the data” in the FDP “may have been sourced from GP records”, and GP data lawfully shared with NHS trusts that use the FDP could end up on the platform.

More worryingly, the FDP uses all this data to create detailed profiles of individual patients that it calls the ‘Person Ontology’. To quote from a 2025 NHS Data Protection Impact Assessment: “The Person Ontology serves as the single source of the truth for pseudonymized patient-level datasets”.

Elsewhere, the document says that “the Person Ontology currently holds activity data for citizens in different care settings,” explaining that the platform assigns individual patients a unique ID that can be cross-referenced across multiple databases.

The NHS says the data held in the FDP is pseudonymized and therefore does not directly identify individuals. But pseudonymization, as has been pointed out by the Information Commissioner’s Office, the UK’s data protection watchdog, is a reversible process. “Take care not to confuse pseudonymization with anonymization,” the ICO warns.

A person’s healthcare data is their “most intimate information,” said a spokesperson and legal officer at Privacy International, a UK-based charity focusing on technology and rights. “We’re talking about the breadth of the data, how personal it is, and the severity of what could be done with it if it were to land in the wrong hands.”

Big data means Big Brother

Consolidating so much data brings very real risks of surveillance, say those familiar with the platform, particularly since Palantir also holds contracts with police forces in the UK. In principle, all that’s stopping the Home Office from accessing NHS data are legal safeguards that can be reversed.

In the UK, Palantir UK CEO Louis Mosley has said that if a Reform government comes into power, the company will follow the party’s professed directives to use NHS data to target individuals based on their immigration status.

Such a scenario played out in the US when Trump first became president in 2016, as Bores, a former Palantir employee, told The New York Times.

“Palantir had signed a contract with a department within ICE called HSI, Homeland Security Investigations. During the Obama administration, it was focused on anti-human trafficking, anti-drug trafficking, sometimes counterfeiting,” Bores said. “Then, when Trump comes in in 2017, they try to change the nature of that work. They try to get another part of ICE called ERO, Enforcement and Removal Operations – the part that everyone thinks of as ICE – to get access to the software and to use it for deportations.”

In the US, Palantir already uses data from the Department of Health and Human Services to track people targeted for deportation by ICE. In the UK, junior doctor Rhiannon Mihranian Osborne, who is organizing against Palantir in the NHS with health justice organization Medact, described what she said was a disturbing pattern: “Reform’s policy ‘Operation Restoring Justice’ wants to create a powerful immigration surveillance system by mining data from health, police and financial databases. Louis Mosley said his company would comply with this.”

“Palantir's police contracts in the UK include collating highly sensitive information on victims of crime, including sexual orientation and trade union membership. The home secretary says she wants to create a panopticon of state surveillance. The synergy between Palantir and governments who use data to abuse human rights is deeply alarming, and a sign of what could be coming in the UK.”

This is a real risk, conceded Bartlett. “Let's take [a] Reform government and the immigration question coming in, I do worry about that scenario,” he said – but he questioned whether that means the NHS doesn’t need a Federated Data Platform. “So is the answer to that bad scenario playing out to keep the data in such a bad state that nobody could ever use it at all for good or bad?”

Palantir, NHS England, the Cabinet Office, the Department of Health and Social Care and The Reform Party did not respond to requests for comment.

Critics of the FDP, however, have pushed back against what they see as a narrative that the NHS’s systems are so hopelessly complex and tangled that the only way to solve them is with a mass surveillance tool built by Palantir.

“There’s no magic here,” Sam Smith, a technologist with patient rights organization medConfidential, said of the FDP. “It’s not like Palantir is doing anything that other people can’t do… They’re just doing the thing because they have the mythos that they can do the thing.”

Andrew Holway, founder of medical software startup Darwinist, told the cross-party committee that “the primary barrier to NHS innovation” was single-company mega contracts with companies such as Palantir, “who hold them hostage, preventing the implementation of modern productivity tools that could save tens of billions of pounds.”

Some in the NHS have also questioned whether the service has tried different approaches that are less intrusive and data-centric. The NHS Greater Manchester Integrated Care Board, for instance, uses its own Analytics and Data Science Platform because it believes it already has better technology and access to better data.

“Public trust isn’t a side issue for the Federated Data Platform,” wrote Matt Hennessey, the chief data and analytics officer at Manchester Integrated Care Board, in a post on LinkedIn outlining the “effect that ethical concern, moral unease or perceived opacity has on trust–and, in turn, on participation."

The platform’s “main problem is that it isn’t clear what it actually is,” he wrote. “Where trust is eroded, people disengage, patients opt out, and clinicians become cautious about involvement.”

Ultimately, as Osborne said, “any NHS data system must be built on public trust, buy-in from staff, and most importantly, protection from abuse by private corporations and governments themselves.”