We’ve won our lawsuit over Matt Hancock’s £23m NHS data deal with Palantir
And here’s what needs to happen now
We shouldn’t have had to go to court. For a year, we’ve been fighting legal battles over the British government’s secretive NHS data deals with controversial ‘spy tech’ firm Palantir.
Today, we can announce an important victory.
Back in December, after we had spent months on legal efforts to get transparency, the government snuck through a massive £23m, two-year deal with Palantir, a CIA-backed data firm. They contracted Palantir to process our sensitive health data.
We raised objections: the initial deals were framed as a short-term, emergency COVID response, but the new contract revealed mission creep well beyond the pandemic.
The Covid-19 public inquiry is a historic chance to find out what really happened.
Government lawyers insisted that citizens have no right to a say in major NHS contracts with big tech. But we believed the public does have those rights. So we sued.
Facing our lawsuit, the government has finally caved. They’ve pressed pause, committing not to extend Palantir’s contract beyond COVID without consulting the public. There will be no more mission creep without assessing our rights. They have also agreed to engage the public, via patient juries, about whether firms like Palantir are appropriate for a long-term role in the NHS at all.
It’s a major U-turn at a critical moment. The NHS, with its unique trove of structured health data, is powerfully attractive to tech corporations. Palantir and other US tech firms clearly stand to profit from managing or accessing this asset, estimated to be worth £10bn a year.
The NHS datastore is the largest pool of private health data in NHS history, and that raises questions too important to be settled in secret deals. Should it survive the pandemic? On what terms? Should Palantir manage it, or are there more trustworthy alternatives?
Our fight has been about trust. Palantir was founded by a Trump-backing billionaire called Peter Thiel. The firm has a deep and controversial history with US police, and has recently landed a new contract supporting UK border enforcement.
Amid concerns over COVID vaccine hesitancy in some Black and minority ethnic communities and among migrants, trust in health services is vital. A long-term role for Palantir in the NHS risks eroding trust in key communities right when the government needs it most.
There are many more battles to fight. We still need full transparency on the Palantir deal: the government continues to refuse to lift key redactions on what data is being fed into Palantir’s datastore. We need to know that the public consultation they’ve promised is far-reaching, not just a box-ticking exercise.
We also need to fully understand and debate Matt Hancock’s long-term plans for our NHS. Our case was launched amid a major proposed shake-up of laws governing the NHS and its patient data. Proposals in the government’s recent white paper for health and social care would centralise NHS control under Matt Hancock, and could prepare the ground for larger slices of the NHS – including its £10bn/year health data assets – to be contracted to private tech firms.
Who will this brave new world benefit? We have successfully defended the public’s right to be heard before major NHS data deals are signed with large tech firms. It’s now on all of us to speak up if we want our future NHS to serve patients, not profit.
FAQ: What's the story with NHS data and Palantir?
What is the datastore?
The ‘COVID-19 Datastore’ is the largest aggregation of patient data in UK history. It was meant to help track NHS resources and provide a ‘single source of truth’ about the pandemic. It initially involved several tech firms: Amazon, Microsoft, Google, Faculty and Palantir. For many months, the government failed to provide adequate information about the contracts involved, carry out proper data protection assessments or explain the access these tech firms have to NHS data.
In a previous legal challenge in June 2020, openDemocracy and Foxglove forced the government to publish the contracts, arguing the public had the right to know about this ‘unprecedented’ transfer of health data assets to tech corporations.
What is Palantir?
Palantir is a data firm best known for supporting the CIA’s counterinsurgency and intelligence operations in Iraq and Afghanistan. Its founder, Silicon Valley billionaire Peter Thiel, is a close ally of Donald Trump and reportedly consulted with white nationalists during the 2016 campaign. In 2019 Palantir was criticised for its support for US Immigration and Customs Enforcement’s brutal regime of deportations. It also has an extensive and controversial history with US police.
What is the £23m NHS-Palantir deal?
Just before Christmas we discovered that the most controversial of the datastore deals, the contract with Palantir, had been extended for a further two years, with a new scope far beyond the pandemic, in secret, without public consultation and for £23.5m (the first contract was for £1).
What was the aim of the openDemocracy legal challenge?
First, we wanted the government to consult the public properly – and listen to their views – before going ahead with future deals like this one. We argued it’s a required step for the government to comply with UK privacy and data protection laws.
Second, we wanted the government to complete and publish a robust data protection impact assessment into any new contract, making clear what of our health data is being shared, with whom, and what safeguards there are, as data protection law requires. The government has now conceded that both steps are required – but there is far more work to be done to ensure that this consultation is wide, deep and representative across NHS users.
Get our weekly email