UK Prime Minister Keir Starmer and Louis Mosley, head of Palantir Technologies UK. Graphic: the Nerve
Palantir, the US AI surveillance and security firm with hundreds of millions of pounds in UK government contracts, poses “a national security threat to the UK”, according to two anonymous high-level sources working with the Ministry of Defence.
The insiders, who are senior systems engineers with knowledge of the Palantir software systems the MoD is using, have come forward to speak after the Nerve published an investigation in January that revealed Palantir had at least £670m worth of contracts across the UK government, including £15m with the UK nuclear weapons agency.
In that investigation, data and security experts claimed that the contracts with the firm, owned by Peter Thiel, are a critical risk to Britain’s national security. At the time, an MoD spokesman told the Nerve that “all data remains sovereign and under the ownership of the MoD”.
However, the MoD insiders, who have detailed knowledge of the underlying technology, say such statements are “ignorant” and/or misleading. It’s believed to be the first time individuals currently working with the ministry have spoken out about the national security risks Palantir poses. They are doing so because they believe that these are matters of the highest public interest and that parliament needs to act.
The first, a senior systems engineer with the MoD who has decades of experience across the defence industry, told the Nerve: “Ministers clearly have a lack of understanding of Palantir’s technology. The statements with respect to sovereign data appear to be missing the point entirely. [They’re] missing the realities of data scraping, of aggregation, and the fact that Palantir is building its own rich picture of our nation that they can use for their own ends.
UK defence secretary John Healey and Palantir Technologies CEO Alex Karp sign a £1.5 billion investment deal, London, September 2025.
“Allowing a single entity, foreign or domestic, to have such far-reaching, pervasive access is inherently dangerous. How our national cybersecurity centre has allowed this beggars belief.”
At the heart of the claims is that while the underlying data may remain under the MoD’s control, any insights derived from that data do not. The implications of this, the insiders say, are far-reaching, especially because of the vast quantity of personal and other data the company has access to across UK government departments.
They said: “Palantir does not need to own the data or even have stewardship. They can extract, transform and exploit the metadata to build their own rich picture.”
A second source, who has a background in intelligence, said Palantir probably has “a complete profile on the whole UK population. They have visibility into wildly different focus areas, yet their data is all condensed into one foreign supplier’s control/visibility. At the very least I’d call that a security risk.”
‘We find ourselves hitched to an erratic, dangerous, megalomaniac power in denial of its own limits. If Palantir knows everything, it just gives them huge extra leverage’
Further, the sources claim that Palantir can see far more information than the government realises. Palantir can aggregate data from across different government datasets to generate top secret information, the Nerve has been told.
One source described a hypothetical example where Palantir could combine three pieces of unclassified information to determine the location of a nuclear submarine. They said: “A parcel is sent out by a defence supplier with a Nato part number, an address and an arrival date. Even if the label is a QR code and isn’t human-readable, the data it contains would allow Palantir to know that a nuclear submarine would be in Diego Garcia on 4 April. Those three bits of information – the part number, Diego Garcia and 4 April – are, individually, completely unclassified. Together, they are secret.”
Duncan McCann, head of tech and data at the Good Law Project, called the information “potentially explosive”. What the revelations show, he says, is that the UK has “given a private company such detailed access to our national security data that they can themselves infer things that they just aren’t supposed to know. For whose benefit is this?”
The MoD did not respond to the Nerve’s press inquiries. However, in January, defence minister Luke Pollard told the House of Commons: “All data used and developed in Palantir’s software deployed across the Ministry of Defence will remain under the ownership of the MoD. We have clear contractual controls in place to ensure this as well as control over the data system that Palantir software sits upon.”
The senior systems engineer said this statement was beside the point. He said: “Whether or not the UK technically owns the data is almost irrelevant. That’s like reading a secret love letter and saying the secrets in it are safe, just because you’ve promised never to copy it word for word or take it out of the room.”
“When you have that mosaic built from UK sovereign defence, health, roads, power networks, power stations, and our major industrial bases, you have a detailed understanding of virtually every aspect of the sovereign United Kingdom. For an adversary, or even a nation with whom we have a special relationship, that picture is worth more than all the fine art on Earth.”
A spokesman for Palantir said: “These entirely false claims have no grounding in fact and no serious media outlet would report them.”
Keir Starmer and Palantir CEO Alex Karp tour Palantir’s Washington headquarters, February 2025. Photo: Carl Court / AFP
Concerns about Palantir’s central role in the UK’s critical infrastructure have heightened since January when President Trump threatened Greenland, a territory of Denmark, a Nato ally.
Palantir is also being used in America to profile and target immigrants for removal by Immigration and Customs Enforcement officers. Palantir’s work with the US Department of Government Efficiency (Doge) helped synthesise tax and Homeland Security data to give Palantir access to the US’s first searchable citizen database, sparking cybersecurity concerns. It also underpins the AI systems being used by the US military in Venezuela, Gaza and the current operations in Iran.
Martin Wrigley, a Liberal Democrat MP and member of the science, innovation and technology Commons select committee, said: “The UK needs sovereign capabilities in sovereign hands, and we need to remove companies closely associated with foreign political organisations that are a risk.”
Jim Killock, executive director of the Open Rights Group, said: “If the US has detailed insights across everything that the MoD does, then in the event of us being recalcitrant about helping the US bomb some country, they can remind us – subtly or unsubtly – what they might do in retaliation.
“The Ministry of Defence or the prime minister must have some inkling of the risks, but now we find ourselves hitched to an erratic, dangerous, megalomaniac power in denial of its own limits. If Palantir knows everything, it just gives them huge extra leverage.”
In contrast to the MoD, the Swiss army rejected Palantir’s technology, despite numerous pitches that included an approach by the head of Palantir UK, Louis Mosley. A key concern of the army, according to an official report seen by Swiss outlet Republik, was the “possibility that sensitive data could be accessed by the US government and intelligence services”.
The Nerve has identified a previous case in which Palantir claimed proprietary rights to data insights after its contract was cancelled. In the early 2010s, the New York Police Department contracted Palantir to help find high-profile targets using data scraping and analysis. In 2017, it cancelled the contract, but Palantir claimed its platforms – Gotham and Foundry, the same systems used inside the UK government – created a unique ecosystem that sat on top of NYPD data. That meant any analysis derived from those platforms was, they claimed, Palantir’s intellectual property.
As Buzzfeed reported at the time: “The emerging dispute is not over the data that the NYPD has fed into Palantir's software, but over the analysis that the software has produced – all the insights.”
This suggests Palantir could generate insights from UK government data that in turn could be deemed Palantir’s intellectual property.
According to McCann, “a hallmark of almost every Palantir engagement is an attempt at secrecy, obfuscation – a real difficulty in finding out what is actually going on.We really don’t have the legal architecture to defend against this kind of big tech. The regulators are asleep at the wheel.”