In April 2020, as the first wave of Covid-19 ripped through the UK, it was revealed that Palantir, a data engineering company, was providing pro bono support to Downing Street and the NHS. There was immediate speculation about its plans to extend its reach through the British state.
The company, which was founded by the right-wing billionaire Peter Thiel in 2003, had deployed 45 staff to a government project supporting pandemic policymaking. Our analysis suggested the project cost the company about £88,000 a week in wage bills. In exchange for the contract, which did not go to competitive tender, Palantir was paid £1.
But the deals quickly snowballed. First, Palantir won a £1m contract extension and then, in December 2020, a £23m two-year deal. The company is now eyeing a larger prize. The Financial Times has reported that Palantir has poached two senior executives from the NHS’s digital arm as it bids to develop a £240m “federated data platform” (FDP) for the health service.
Officials say that the platform will play a major role in reshaping the NHS. “It will be,” a contract notice states, “an essential enabler to transformational improvements across the NHS.” Like the tool Palantir helped to build during the pandemic, the FDP, officials promise, will bring together a range of data sources to provide NHS managers and Whitehall policymakers with the insight to make better decisions. The platform will track population health and “person insight”, care coordination, elective recovery, vaccines and supply chains.
It represents a huge commercial opportunity. The tech sector knows that the biggest prize won’t be awarded to those racing to privatise NHS services now but to those who privatise its future. While MRI scans and hip replacements can be highly profitable, developing the infrastructure that will underpin NHS decision-making is likely to be even more lucrative. One person with knowledge of Palantir’s plans told the FT it considers the FDP contract a “must-win deal”. Many people, the source added, “think it’s really [worth] £1bn over ten years”.
Palantir and the NHS might seem like unlikely bedfellows. Backed by the CIA, the contractor worked quietly in US intelligence and defence services for several years. As it emerged into public view, Palantir’s work became no less contentious. The company has applied its software to help US police departments predict criminality and immigration officials to track down migrants. Meanwhile, Thiel, a rare advocate in the tech industry of Donald Trump, has railed against what he calls “confiscatory taxes”, the notion that freedom and democracy are compatible and the “ideology of the inevitability of death”.
Palantir’s defenders argue that its intelligence work means it is well-suited to handling sensitive medical records. Tech ethics campaigners, on the other hand, warn that a company with Palantir’s history has no place inside one of Britain’s most trusted institutions. Yet perhaps the most significant concern surrounding the FDP is the systemic risk it could pose to the infrastructure of the NHS.
From transport networks to power stations, large parts of the British state have been sold off to foreign entities in recent decades, but while private providers have gradually expanded their presence in the NHS, the health service clearly remains within the purview of government. By entrusting the data engineering underpinning NHS decision-making to a single company ministers would be exposing the health service to a kind of risk it has not faced before. If Palantir, or any other provider, could no longer support the system, the integrity of that decision-making would be compromised.
The sheer size of the NHS – it is the largest employer in Europe – highlights how risky this is, and NHS leaders are familiar with this kind of threat. In 2017 the WannaCry ransomware virus spread rapidly through the health service. Many hospital trusts were reliant on Microsoft software that could not be, or had not been, updated in time. This forced NHS administrators to cancel thousands of appointments. The crisis was at least partly contained, however, thanks to the federated nature of NHS IT. The FDP, by contrast, is a centralised system; if it was disrupted that would threaten the capacity of NHS managers and government officials to make critical decisions about the ways in which limited resources are used in a major health crisis, such as a pandemic.
This is not to say that the government should not develop an FDP, that the private sector doesn’t have a role to play in developing the NHS’s digital infrastructure or that Palantir’s work during the pandemic has not proved valuable. But it is reasonable to ask if the data engineering underpinning a platform like the FDP is too critical to the functioning of the NHS to be outsourced to one company. Conscious of this kind of risk, some EU nations are seeking to develop more resilient digital infrastructure, built with the support of external suppliers but ultimately managed internally. In the absence of a coherent tech strategy, however, the UK is set to take a different path, with potentially far-reaching consequences for the health service and its future.