- Palantir UK contracts worth $750 million have created a vendor lock-in risk MPs call ‘unacceptable’, threatening NHS independence.
- A parliamentary committee wants the NHS to trigger an exit clause in its Palantir UK contracts as early as February.
- Peter Thiel’s comments about the NHS and CEO Alex Karp’s political manifesto have deepened concerns about the company’s values alignment.
- Cybersecurity experts warn the UK cannot meaningfully audit what Palantir does with the sensitive data it handles.
- Palantir UK contracts worth $750 million have created a vendor lock-in risk MPs call ‘unacceptable’, threatening NHS independence.
- A parliamentary committee wants the NHS to trigger an exit clause in its Palantir UK contracts as early as February.
- Peter Thiel’s comments about the NHS and CEO Alex Karp’s political manifesto have deepened concerns about the company’s values alignment.
- Cybersecurity experts warn the UK cannot meaningfully audit what Palantir does with the sensitive data it handles.
The Palantir UK Contracts Problem Is Getting Harder to Ignore
Palantir UK contracts have reached a scale that is making politicians genuinely nervous. A cross-party group of eleven MPs on Parliament’s Science, Innovation, and Technology Committee published a report this week warning that the UK’s growing dependence on the Silicon Valley data analytics company now represents what they call “an unacceptable point of weakness” — one that could hand Palantir enormous leverage the longer the relationship continues.
The committee’s chair, Dame Chi Onwurah, put it plainly: “We know that with vendor lock-in, over time, we’ll get more expensive and worse services. It’s a trap that has to be avoided.” That’s not abstract concern. When a single supplier becomes deeply embedded in critical infrastructure — the NHS, defence procurement, emergency logistics — the power dynamic shifts decisively in their favour. Switching costs balloon, institutional knowledge migrates to the vendor, and the ability to credibly walk away slowly evaporates.
The UK’s relationship with Palantir began in 2020, when the government was scrambling to manage the Covid-19 pandemic. Palantir’s data platform helped track the virus’s spread and coordinate medical supplies across the country — a genuinely useful intervention at a moment of national crisis. Nobody was asking hard procurement questions in the middle of a pandemic. But that emergency foothold has since grown into something far more entrenched. Between Palantir and its various delivery partners, Palantir UK contracts have now accumulated a combined value of $750 million across the NHS and the Ministry of Defence.
Why Politicians Fear the Worst-Case Scenario
The committee’s concern goes beyond typical procurement complaints about cost overruns or missed deadlines. Onwurah raised a more alarming possibility: that a sufficiently embedded supplier could, in extremis, use the threat of service withdrawal as a negotiating weapon. “That could bring public services and our economy to a halt,” she said. “That’s a huge risk.”
That might sound alarmist until you consider the actual scope of what Palantir UK contracts now cover. The NHS’s Federated Data Platform — a Palantir-built system — is designed to connect patient data across hospital trusts, supply chains, and workforce planning. The Ministry of Defence has its own separate arrangements. When the same company’s infrastructure runs across healthcare delivery and national defence simultaneously, the concept of vendor dependency takes on a different character entirely.
The report also flagged concerning dependencies on other US-based technology companies, specifically Microsoft and Amazon Web Services, as well as Fujitsu — the Japanese firm whose Horizon software was at the centre of one of the UK’s most damaging miscarriages of justice, the Post Office scandal. But the committee was explicit: “Palantir concerns us most.”
The Values Clash That Won’t Go Away
Beyond the structural risk of lock-in, the committee raised something more uncomfortable: a fundamental mismatch between Palantir’s stated worldview and UK public values. The report cites Palantir co-founder Peter Thiel’s 2023 description of British public affection for the NHS as “Stockholm syndrome” — an extraordinary thing for any company to say about its client’s most cherished institution. It also points to a 22-point manifesto tied to a book by CEO Alex Karp, which advocates for technology companies aligning themselves with US geopolitical interests above all else.
“We have a key vendor saying they will exercise technology in accordance with their political mission,” Onwurah said. “If what the UK is trying to do in our NHS or our defence does not align with Palantir’s political objectives, we clearly can’t depend upon them as a supplier.” Those concerns apply directly to Palantir UK contracts across health and defence, where alignment between client and vendor values is not merely desirable but essential.
Those aren’t hypothetical concerns either. Palantir’s work with US Immigration and Customs Enforcement (ICE) has attracted significant criticism — the company’s tools have been used to support deportation operations, a fact that has inflamed public opinion both in the US and abroad. For a company that simultaneously holds Palantir UK contracts across the health and defence sectors, the political exposure is real.
Donald Campbell, director of advocacy at Foxglove — a nonprofit that has campaigned against the NHS’s Palantir relationship — was characteristically direct: “They’re not a company that should be anywhere near British public services. Do you want to be giving a company of this kind — with these openly expressed opinions and ideologies — a central role in the UK state that it may get harder and harder to remove them from?”
Palantir’s European head, Louis Mosley, appeared before the committee last July and attempted to draw a line between Thiel’s personal views and corporate policy. The company’s objective, he said, is to “support democratically elected governments in delivering the mandate that they have been elected to deliver.” He described Palantir as representing “a diversity of political views” that doesn’t take official political positions. It’s a reasonable corporate defence — but it doesn’t fully address the concern that the company’s leadership has been unusually candid about its ideological commitments in ways that most enterprise software vendors simply aren’t.
Can You Actually Trust What You Can’t Inspect?
One of the most sobering parts of the parliamentary report comes not from politicians but from the academic world. Eerke Boiten, a professor of cybersecurity at De Montfort University, highlighted the structural problem at the heart of any sensitive data relationship with a large private technology company: “These companies are such a size, we can’t really inspect what they’re doing. If data needs to be operated on, in 99 percent of cases the provider will need to be able to see the data. That means you have to trust them.”
That’s the uncomfortable truth. The UK government doesn’t have — and realistically can’t build — the technical capacity to audit what Palantir’s systems are doing with NHS patient records or Ministry of Defence data in real time. The Science, Innovation, and Technology Committee is essentially asking the government to confront the fact that Palantir UK contracts have handed significant operational visibility to a company it cannot meaningfully oversee.
The NHS Exit Clause and What Comes Next
The committee’s most concrete recommendation is that the NHS should activate a break clause in its Palantir UK contracts by February of next year — effectively ending the relationship before it becomes any harder to unwind. Whether the government will act on that is far from certain. Senior ministers have been enthusiastic about Palantir’s role in the broader push to digitise public services, and the disruption of walking away from an embedded platform mid-deployment would be significant.
There’s also a legitimate counter-argument. Allowing political concerns about a vendor’s founders and leadership to override procurement decisions sets a tricky precedent. The UK government has a stated ambition to become a “truly digital state” — that goal depends on working with large technology companies, many of which will have politically inconvenient affiliations or opinions somewhere in their leadership. Cancelling Palantir UK contracts every time a CEO says something uncomfortable isn’t a workable procurement strategy.
But that argument sidesteps the structural point, which is about dependency and exit options rather than ideology. The committee isn’t necessarily saying the UK must cut ties with every controversial technology company. It’s saying the government has sleepwalked into a position where it can’t easily replace a single supplier that handles some of the most sensitive data in the country — and that’s a problem regardless of who that supplier’s founders happen to be. The scale of Palantir UK contracts across both the NHS and defence makes that structural vulnerability all the harder to dismiss.
The broader picture here matters too. The UK is not alone in wrestling with tech sovereignty questions. Across the EU, governments are actively trying to reduce dependence on US hyperscalers, partly in response to the Trump administration’s unpredictable approach to transatlantic relations. The French government has pushed for cloud data to be hosted on European infrastructure. Germany has its own ongoing debates about GAIA-X. The UK, post-Brexit, has fewer multilateral mechanisms for coordinating that kind of push — which makes its individual procurement decisions more consequential, not less.
If the government ignores the committee’s warning and Palantir UK contracts continue to deepen, the question won’t be whether vendor lock-in is a risk. It’ll be how expensive that lesson turns out to be when the contract renewal comes around.
Source: https://www.wired.com/story/uk-government-palantir-warning-report/
