If you somehow missed The Nerve’s investigation into Palantir Technologies, now is the time to catch up. The outlet revealed that the US data analytics firm has picked up at least £670 million in UK public sector contracts. That number alone should make people pause. But it is the quiet way this relationship has grown, deep inside some of the most sensitive parts of British government, that really stands out.
The company was co founded by billionaire Peter Thiel, a prominent Silicon Valley figure and a long time ally of former US president Donald Trump. In the United States, Palantir’s technology has been used by agencies like Immigration and Customs Enforcement, including for surveillance and enforcement operations that civil liberties groups have criticised for years. Despite that record, the firm has become deeply embedded across UK government, with relatively little public debate.
According to The Nerve, Palantir now holds at least 34 contracts across more than 10 government departments and agencies. These range from huge deals with the Ministry of Defence and the NHS to smaller arrangements with councils and police forces. Perhaps most strikingly, the reporting also uncovered previously undisclosed work for AWE Nuclear Security Technologies, the body responsible for designing and maintaining the UK’s nuclear warheads.
What jumps out is how much of this has happened with very limited transparency. Digital rights groups and watchdogs have been raising concerns about Palantir’s government work for years, often struggling to get even basic contract details. When documents have been released, they are sometimes heavily redacted, which naturally raises questions about oversight and accountability.
From a tech and security point of view, there are two big issues here. The first is data sovereignty. The second is dependency.
Government departments and the Ministry of Defence insist that UK defence data remains sovereign and under UK control, protected by contracts and safeguards. That may be true on paper. But according to analysts ” legal clauses and technical controls are not the same as political leverage or long term strategic risk”. As security experts have pointed out, US laws such as the Cloud Act and FISA can allow American authorities to request access to data held by US companies, even when that data relates to foreign governments.
At the same time, business headlines continue to celebrate Palantir’s success. The Wall Street Journal recently reported that the company posted a record $1.41 billion in revenue. Investors love firms that can sell complex systems to governments at scale. But widespread adoption does not make a platform harmless. It makes it powerful. It makes it hard to replace. And once it is woven into public infrastructure, it becomes very difficult to unwind. In tech circles, this is often praised as product market fit. In this case, that fit is being baked into the foundations of the state.
Concerns also extend well beyond defence. Palantir now runs the NHS Federated Data Platform under a contract worth hundreds of millions of pounds. NHS staff and trade unions have raised alarms about what this means for patient trust and data privacy. Local authorities have faced similar pushback. Coventry City Council, for example, has been criticised by workers and unions over AI contracts with Palantir, with questions raised about ethics and the firm’s links to surveillance technology.
These are not fringe complaints. Amnesty International UK has described the decision to award NHS contracts to Palantir as very troubling, citing worries about transparency and data use given the company’s track record overseas. Campaigners are now calling for greater parliamentary scrutiny, and in some cases for contracts to be reconsidered or cancelled outright.
Supporters of the current approach argue that Palantir’s systems are genuinely useful. They can pull together complex datasets and improve efficiency in large organisations. That may well be true in narrow technical terms. But the bigger question is whether it makes sense to become so reliant on a private company with strong ideological leanings, deep ties to the US defence world, and a business model built around extracting value from data. Decisions like that should not be made quietly, behind closed doors, or through non competitive procurement processes.
What The Nerve’s reporting really shows is that Palantir now sits at the crossroads of technology, sovereignty and national strategy. It is no longer just a vendor. It is part of the infrastructure many people depend on, whether through defence planning systems or NHS data flows.
So the question for technologists, policymakers and the public is not simply whether the software works. It is who ultimately controls it, who benefits from it, and what happens if political or geopolitical winds change. A company whose co founder openly talks about serving “the West”, and whose revenues are tied to government security budgets, is not a neutral actor. It is a participant in a much bigger game.
In the end, the case for transparency is simple. The public deserves to know how its data is being handled, and Parliament deserves the chance to properly scrutinise these arrangements. Not because the technology is automatically dangerous, but because power, especially power over data and AI, should answer to democratic oversight.
The Nerve’s investigation is a warning sign, and one the UK tech community should not brush aside.
