Suarjan Prasai, Researcher at the Faculty of Information and the Institute of Communication, Culture, Information and Technology, University of Toronto, co-authored this piece.
Spreading out. We listed 25 contracts or memoranda of understanding signed between Palantir and European governments (let us know if you can identify more). With a total of seven deals, ranging from health to defense, the United Kingdom leads the pack, followed by Germany with three deals, all signed between Palantir and the police.
The real number could be much higher, though. In many countries, including Finland and Sweden, the deployment of Palantir’s software is highly likely, but the contracts themselves – or even their existence – have not been made public. Governments use secrecy laws to prevent their citizens or, in some cases, other official bodies from knowing about their deals with the US-based analytics company.
Lock-in. At first sight, Palantir’s software offers nothing more than database management. But connecting databases that originate from vastly different institutions such as hospitals or schools is tremendously challenging. Not every concept that appears in the data means the same thing to every organization. The layer that translates each institution’s vocabulary into the others’, which Palantir describes as their ontology, is the most valuable. It implies the potential for network effects: the more institutions within a country use Palantir products, the easier it becomes to integrate their databases with others.
When deployed across public infrastructure, this technical liquidity is able to bridge health directories directly with enforcement operations. This can be seen in the U.S., where Medicaid records feed immigration tracking apps to automate coordinated deportation efforts. This structural lock-in relies on the deliberate strategy of exploiting a state of exception – using crises or war zones to experiment on vulnerable populations, refining the engineering before it is streamlined into civic life. Palantir systematically uses undocumented migrants, healthcare patients, and active combat zones as real-world testing grounds. By the time the software is stabilized and deployed into broader public infrastructure, the violent, exclusionary tracking patterns are already baked into the code.
This is how Palantir became ubiquitous in the British and US-American governments. Its executives appeared in times of crisis, after 9/11 and during Covid, and offered their help for symbolic amounts or even for free, as was the case with England and Greece. Once entrenched, the company obtained new contracts (often without a competitive tendering process) and presented itself as irreplaceable.
Alternatives. Whether any actual alternatives to Palantir exist remains debated. European companies such as Siren.io (Ireland), DataWalk (Poland), or ChapsVision (France) advertise themselves as such. The latter was recently awarded a contract by Germany’s domestic intelligence agency in a bid widely seen as a rebuke for Palantir.
But relying only on local corporate alternatives changes the company's flag, not the mass tracking underneath. The real problem is that software such as Palantir’s or that of its European competitors is deployed with the intent to exploit the gap between laws on paper and enforcement on the ground. By signing emergency contracts before oversight boards can even meet, the companies create a situation where the deal is already done. This speed allows the automated tracking to outrun normal democratic debates.
Swiss authorities declined to adopt Palantir’s software despite a decade-long campaign by the company (the fact that this refusal was reported irked Palantir so much that they started suing the journalists who made it known). In England, too, the Ministry of Housing ditched Palantir earlier this month to develop a tool in-house.
While swapping a US-American data miner for a European provider might satisfy demands for regional sovereignty, it merely shifts the corporate flag, but does not solve the fundamental threat that automated mass surveillance poses to civil liberties.
The real thing. The examples above show that Palantir is replaceable. Why, then, do governments keep claiming the contrary? Focusing on the tool itself can be misleading here. Precisely because the company goes to great lengths to remain secret from the public – and even from elected officials – Palantir offers its customers something else: unaccountability.
Because the software is so secretive, people get locked out of public services or can become a target for the state through a computer program. And they have no way to fight back or appeal the decision, because they don't even know the algorithm that caused it. European legal safeguards are failing to stop this expansion. In 2023, the German Constitutional Court struck down automated data analysis laws, yet Bavaria deployed Palantir’s VeRA system anyway – proving that state executives will simply ignore judicial boundaries to keep the infrastructure running. The result is a legal black box where open administrative law is permanently replaced by proprietary, unaccountable software code.
Claiming that they have no choice and no possibility to disclose the details of the software, politicians de facto absolve themselves from their responsibility. Deployed across institutions, Palantir thus becomes an operating system for the state that no single institution can be held reliable for. Without strong regulatory intervention, its deployment would wipe out all democratic tenets without the need to touch a single paragraph in our constitutions. By the time a legal challenge or policy review is launched, the data infrastructure is already running inside the state, turning the exception into the rule.