In February 2021, SOMI submitted a complaint letter to Palantir Technologies. It did not reply to this complaint letter, sent by regular mail and e-mail, stating that these messages had in fact not been received. We repeated our request by letter of our legal counsel. To this request, we received a timely reply. A collective data request has also been submitted to the company on behalf of all participants in the action. In October 2021, Palantir directly emailed these participants inquiring about their relationship with the company. Palantir claims that it does not collect any personal data from this group of people.
SOMI received a response from Palantir to our complaint in which Palantir indicates that it is a data processor and that individuals should directly contact the relevant data controllers for whom they have concerns about the collection and processing of their personal data by Palantir.
We call on you to sign up to participate in our action against Palantir. SOMI’s primary objectives for the campaign are:
Transparency
We demand transparency from Palantir Technologies and agencies whose employed the service of Palantir either through the company itself, or its sub-contractors to come forward with information regarding their partnership.
Right to be informed
The public needs to know about the effectiveness of the Palantir software, the amount of information it is collecting, the capabilities the agency has to analyze our data, and the extent of its access to our information.
GDPR compliance
With regard to GDPR compliance, we reserve all rights to take legal actions and lodge a complaint to supervisory authorities. Where applicable, SOMI may also seek compensations for the invasion of privacy and misuse of data.
Reconsider Palantir
We urge any European agencies who employed Palantir to terminate the agreement should it become clear that the privacy and security of the EU citizens cannot be ensured or the independence or integrity of EU surveillance operations may be compromised, now or in the future.
The growth of surveillance technologies has provided governments with a host of opportunities to outsource various tasks of democratic government to private companies that develop surveillance tools. At the same time, this provides such high tech security companies with more opportunities to access large volumes of unique, sensitive data relating to innocent citizens. The crucial question is whether these companies can and will adhere to transparency and accountability obligations, specifically, when this would endanger the interests of their shareholders, management or strategic clients.
Many government agencies in Europe are (considering) using software of US big data analytics firm Palantir, which in the past already has been involved in data scandals and criticized for its continuous close ties to the US government and US intelligence agencies since the day it was founded. The fact that a company with such track record and ties to organizations such as NSA and CIA has or should be trusted unchecked and unconditionally by European agencies with sensitive data on EU citizens is highly alarming. At any time, Palantir may choose to re-route information or data, or to re-program its software. This has the potential to seriously harm and undermines the democratic rights of all European citizens.
We are here to help you exercise your citizens’ rights. The more people participate, the more negotiation power we have with Palantir and European institutions.
Anyone in the EU can register.
Submit your details in the form above.
You will receive a confirmation email.
Sign the authorization letter.
We will undertake action for you and thousands of others.
No-Cure No-Pay
Palantir’s software may be efficient for police or secret service investigations now — but there is an unknown possibility that it may come at a very high future price, for both the law enforcement itself and the communities it serves. What’s clear is that law enforcement agencies deploying Palantir have run into a host of problems. Here are few examples:
SOMI is a non-profit organization with the purpose to identify and influence issues of social importance.
SOMI investigates misconducts, informs the public and helps affected individuals. With this goal, SOMI wants to contribute to the online security and digital sovereignty of individuals. Only if companies are completely transparent about the use of personal data and possible negative consequences, individuals can make informed decisions and exercise control over their private information.
SOMI investigates digital services and advocates for privacy rights regarding the use of personal data and the relevant risks.
For more information, please visit our websites at:
SOMI: https://somi.nl
TikTok Claim: https://tiktokclaim.org
Zoom Claim: https://zoomclaim.org
Bank Cartel Research: https://kenniscentrumvastgoedfinanciering.nl
Also in Europe, exemptions have been made in GDPR for reasons of national security and to prevent and investigate crimes. However, in Europe, we do operate differently with regard to the rights of individual citizens, equal treatment and a strong assumption of innocence. We should therefore not base our observations on imported software without a clear view on the adaptations made (or not made) to our cultures.
Individuals must be informed
In cases of profiling, the GDPR requires that “meaningful information about the logic involved, as well as the significance and the envisaged consequences” of the data processing should be provided to the individual. This should be provided both when the data is collected (notification), and if the individual requests further information (right of access).
Data should be safely collected, processed and stored
Authorities collecting and processing personal data for profiling purposes must not only process data lawfully, but are mandated also to ensure that data are not:
To this end, authorities and law enforcement officers must ensure that appropriate measures are implemented to protect the integrity and security of the data. They must keep track of any access to, and use of, the data by creating and maintaining records of all processing activities or categories of processing activities.
We expand our FAQ section daily based on the questions we receive.
Palantir Technologies is an American software company that specializes in big data analytics. The company has filed an IPO in early July 2020 and has successfully gone public, with a direct listing on the New York Stock Exchange as of September 30. Without making or reporting any profits at all, Palantir is positioned among the most valuable technology companies, with a worth of approximately $21 billion.
Palantir was known for its work for American government institutions, including national security and intelligence operations – amassing over $ 1.5 billion in federal government contracts. While realizing these results, the company’s controversial business practices have continuously been heavily critiqued for violations of privacy and human rights, as well as for its involvement in US politics.
Palantir Technologies was founded in 2003 in the Silicon Valley by a group of investors and technologists. Peter Thiel, Nathan Gettings, Joe Lonsdale, Stephen Cohen, and its current CEO, Alex Karp. Its board chairman, Peter Thiel, was Facebook’s investors and currently maintains a position on its board of directors. Thiel was also a founder and former CEO of PayPal. Since 2020, Palantir has relocated its headquarters to Denver, Colorado.
Palantir is often considered as a part consultancy/part software company. It deploys specialists, called “forward-deployed engineers,” whose task it is to customize and expand Palantir software for the client. The consulting work done by its engineers is layered into the software licensing fees. It is completely unclear, how any knowledge or information gathered by any expert working for one client, is kept from the institution where this expert may move to next.
The company has two software suites: Gotham and Foundry. Gotham is purported to be a tool developed especially for government and law enforcement groups. It is unclear how the qualification process, whereby an institution gains access to Palentirs’ know-how, is organized and evaluated. The software works by importing large reams of data into one centralized database, where all of the information can be visualized and analyzed in one workspace. This software raises concerns among privacy advocates as it encourages continued surveillance without legal supervision as well as profiling.
Foundry is a platform that allows its users to source, connect, and transform data without the barriers between back-end data management and front-end data analysis. Introduced in 2018, it was expected to provide more automation, require less on-site maintenance, and help the company conquer commercial markets.
As far as public knowledge currently suggests, Palantir’s software ties together thousands of databases across various agencies to help its clients see any connections between them, at any level and with regard to any subject. The access to personal information relating to European citizens includes databases containing identity, location, camera footage, telephone numbers, email addresses and social media, financial data, and transaction records.
One of Palantir’s product demonstrations, as described in a Bloomberg Businessweek’s 2011 article, presents an example of the software’s capabilities: information such as plane tickets, accommodation rentals, bank withdrawals, phone calls, and security camera footage can – nine years ago – be combined to pinpoint an individual.
Following the 9/11 terrorist attack and Iraqi war, there is a need for intelligence tool to combat the war on terror. The CIA was an early investor in the company through its In-Q-Tel venture fund, and Palantir’s advisors have included Condoleezza Rice, US secretary of state under President George W. Bush, and former CIA director George Tenet.
Palantir is best known for its work with the US government and law enforcement entities such as FBI, CIA, the Department of Defense, Immigration and Customs Enforcement, Air Force, Marine Corps, and several police department in the US such as NYPD, LAPD, and New Orleans Police Department. It is heavily supported by these entities in the form of long-term financial commitments.
The use of Palantir’s software is also growing within certain commercial sectors, including, as far as is publicly known, Airbus, Axel Springer, Credit Suisse and JPMorgan Chase. Overall, the company relies heavily on US government contracts despite a recent increase in corporate customers.
Many government and law enforcement entities across Europe have turned to Palantir to sent and store sensitive data and findings, although they have not been open about the implementation of Palantir software. Europol procured Palantir Gotham from the Dutch subcontractor Capgemini Nederland B.V. in 2012, but this information was only made public this year. The framework agreement was concluded for a total of €75 million.
UK government agencies such as Prime Minister’s Office, Cabinet Office, Borders and Customs, and Ministry of Defense all have employed Palantir’s software. Moreover, at the occasion of the Covid pandemic, the National Health Service (NHS) has contracted Palantir to support UK data centers with its Foundry software.
Other important European clients include the French secret service, Danish national police, two German Bundeslander and several Netherlands local police forces. Recently, the company has found rapid growth in Europe as a tool against (suspicions of) terrorism. In this regard, it can be said that the company may profit financially from displaying a constant security threat or, in other words, the mechanism acts in such a way that, in comparison ‘health’ as a public good is being purchased from a drug company. At events such as the European Police Congress in Berlin, Palantir has tried to market its products to police forces and secret services within Europe.
Palantir has never masked its ambitions, in particular the desire to sell its services to the US government. Not only Palantir got on its feet with the fund from CIA, it has been reported that the intelligence community actually helped to build the software. Moreover, Palantir has worked for years to develop surveillance tools for the US National Security Agency (NSA), according to the leaked document from US whistleblower Edward Snowden.
As a US company, Palantir is subject to the notorious “Foreign Intelligence Surveillance Act” (FISA). That means that all information on non-US citizens to which Palantir can gain access, must be shared with US secret services, if warranted. Since many government agencies across Europe use Palantir’s software, and Palantir as a money-losing entity is heavily subsidized by US government agencies, it raises concerns about the company’s access to numbers of databases filled with sensitive information about citizens and businesses within the European Union.
Palantir does not only supply its products to government and public organizations, but also several advertisers and AdTech companies. While Palantir claims that clients remain in control of their data, it strives to convince them to share most of it in anonymized format, that is tied to a profile that may or may not be linked to persons at any point in time, in order to improve its offering towards all other customers. This raises concern over whether Palantir should be trusted with government data.
It also poses a threat of leakage: should the data get into the wrong hands; it could be used to target or discriminate against citizens by exposing sensitive data to surveillance and appropriation by powerful interests, which access cannot be undone after duplicating such information. To make matters worse, citizens lose much of their power to hold governments accountable, when the government itself can no longer trace data being collected and information being transported abroad. This way, European governments abdicate and transfer domestic state responsibility to foreign private actors, resulting in fewer rights and means of control by any democratic system of checks and balances.
The problem with big data is its potential for abuse. Traditionally, smaller data silos meant unauthorized use/access could at least be somewhat mitigated by the limitations of the database itself. Now, with a rapidly increasing number of databases tied together through Palantir's data sharing, those wishing to abuse their access have a much larger dataset to make use of. Insights from combined data sources, may only be available to the party actually able to make such combinations.
A larger problem that subsequently arises is that the datasets of greatest interest to government agencies are no longer government-owned or produced. Instead of being owned and managed by European agencies, they are now created and owned by a US-listed company and from that moment on, all relevant information must therefore now be purchased, hacked or legally compelled before it can serve European citizens and governments (again), at unknown future costs or prices or compensation. Palantir can easily hide behind intellectual property legislation or various other corporate shields to withhold access to analytics data the company produces, since the company has financial incentives to do so and no financial incentives to do anything else.
Palantir is well-known as “the most mysterious company in Silicon Valley” due to its secretive business practices. For instance, Palantir has been testing its predictive policing tool with the New Orleans Police Department for six years without public knowledge. Since the nature of predictive policing is controversial whenever it is implemented, Palantir managed to hide the program from public scrutiny and accountability by creating and using a philanthropic relationship with the city.
Comparable business practices may be pointed out in Los Angeles, as Palantir provides data analysis and integration for the LAPD, but the arrangement was made through the LA Police Foundation rather than the LAPD itself. In New York, the company’s contract was not disclosed for security reasons and it was never brought to the city council for approval. Palantir’s work with NYPD only became public when documents about its tumultuous relationship were leaked to a reporter.
Trusting Palantir on the basis of such track record, requires a leap of faith. In 2011, the company’s plan to launch a campaign of illegal cyberattacks and calculated misinformation against WikiLeaks and its supporters was leaked to the public. To add to the growing list of controversies, the company previously misrepresented its involvement in the Cambridge Analytica scandal and lied about its role in the ICE deportation system.
Members of the European Parliament, Sophie in ‘t Veld and Karen Melchior were concerned with the EU Commissions’ lack of transparency when it comes to the its relationship with Palantir. In spite of Palantir having made a record in their transparency register with the Commission of their CEO’s meeting, there seems to have kept no records of the Davos meeting between President von der Leyen and Palantir CEO earlier this year.
‘T Veld also raises questions about the risk of data processed by both Europol and a US based commercial company with close ties to American intelligence services.
“Does the commission […] consider a company with the track record of Palantir, and subject to US jurisdiction, an appropriate partner for the European Union and suitable to be entrusted with the most sensitive personal data of European citizens?”
Palantir claim - Part of SOMI
Somi.nl - All rights reserved