The reporting highlights that Palantir built its business on intelligence community and ICE contracts, making it fundamentally unsuitable as a steward of sensitive patient data. The article frames staff resistance as a rational ethical response to handing health records to a company with deep ties to defense and surveillance infrastructure.
Submitted the story with framing emphasizing 'ethical concerns' as the driver of staff refusal. The 299-point score and 134 comments suggest the HN community found the ethical resistance angle compelling and worthy of significant discussion.
The editorial explicitly notes that Palantir's Foundry platform is 'architecturally capable and battle-tested' and that the FDP addresses longstanding complaints about fragmented NHS IT — inability to see bed capacity across regions or coordinate surgery backlogs. It frames the rollout delays as caused not by technical integration failures but by humans declining to participate, suggesting the technology itself isn't the problem.
The editorial documents that staff are declining training sessions, continuing to use Excel spreadsheets for operational planning, and finding procedural workarounds to avoid the platform. This passive resistance has reached a scale where it's materially affecting rollout timelines, with some trusts now months behind schedule — undermining the NHS's ability to modernize its data infrastructure.
The editorial conveys that many NHS staff view patient data stewardship as a core ethical obligation inseparable from their professional duty of care. For these staff, the question isn't whether the FDP works technically but whether entrusting a surveillance-linked company with patient data violates the implicit trust patients place in the NHS.
NHS staff across multiple trusts in England are quietly refusing to use the Federated Data Platform (FDP), the national health data system built by Palantir Technologies under a contract worth approximately £330 million awarded by NHS England in late 2023. The refusal isn't taking the form of organized strikes or public protests — it's passive resistance. Staff are declining training sessions, continuing to use legacy tools like Excel spreadsheets for operational planning, and finding procedural workarounds that avoid interacting with the platform entirely.
The FDP was designed to be the backbone of NHS operational analytics: a system that lets hospital trusts run federated queries across patient data without centralizing raw records in a single database. On paper, it addresses years of complaints about fragmented NHS IT — the inability to see bed capacity across regions, to coordinate elective surgery backlogs, or to model demand during winter surges. Palantir's Foundry platform, which underpins the FDP, is architecturally capable and battle-tested in military and intelligence contexts — which is precisely the problem.
The Financial Times reporting highlights that the resistance has reached a scale where it's materially affecting rollout timelines. NHS England had planned phased adoption across acute trusts, mental health trusts, and community services. Some trusts are now months behind schedule, not because of technical integration failures, but because the humans in the loop are declining to participate.
Palantir's reputation is the elephant in every NHS meeting room. The company built its early business on intelligence community contracts, provided technology used by U.S. Immigration and Customs Enforcement (ICE) for immigration enforcement operations, and has deep ties to defense and surveillance infrastructure globally. For NHS staff — many of whom see patient data stewardship as a core ethical obligation — handing operational access to Palantir feels like a category error, regardless of the contractual safeguards.
The ethical objection isn't primarily about data security in the technical sense. It's about institutional trust — whether a company whose business model was built on surveillance should be the custodian of a nation's health data. Campaign groups like Foxglove and Medact have been vocal, but the more significant signal is that the resistance is coming from ordinary clinicians and administrators, not just activist organizations.
Defenders of the contract — including NHS England leadership and Palantir itself — point to several facts that are genuinely relevant. The FDP uses a federated architecture: queries go to the data, not the other way around. Palantir operates as a data processor, not a data controller, under UK GDPR. Patient data doesn't leave NHS infrastructure. The access controls and audit logging are, by most technical assessments, robust. Peter Thiel's company built a technically defensible system. The problem is that technical defensibility and social legitimacy are different things.
There's a harder version of the pro-FDP argument that deserves airing: the NHS's existing data infrastructure is genuinely dangerous. Trusts routinely share patient data via unencrypted email, USB drives, and spreadsheets with no access controls. The irony is that the system staff are boycotting on privacy grounds is significantly more privacy-preserving than the ad-hoc methods they're using instead. This isn't hypothetical — NHS data breaches from legacy systems are a recurring problem, with the Information Commissioner's Office regularly issuing reprimands.
But the counter-counter is equally forceful: procurement decisions in public healthcare aren't purely technical evaluations. The NHS runs on public trust. When patients learn their data is being processed by the company that helped ICE track immigrants, the nuance of "data processor vs. data controller" evaporates. A system that's technically superior but socially illegitimate doesn't actually solve the problem it was built for, because people won't use it.
How did the NHS end up here? The FDP contract emerged from Palantir's COVID-era work on the NHS COVID-19 Data Store, which was stood up under emergency procurement rules during the pandemic. That system worked — it helped model ICU capacity and vaccine distribution. But emergency procurement has a way of becoming permanent infrastructure. When the formal FDP tender was issued, Palantir's incumbency advantage was enormous: they already understood the data landscape, had existing integrations, and could demonstrate a working prototype.
Competitors — including a consortium of smaller UK health-tech firms — argued the tender was structured in a way that favored Palantir's existing platform. The legal challenges failed, but the underlying complaint resonates with anyone who's seen enterprise procurement up close: once a vendor is embedded in your stack during a crisis, removing them requires more political will than most organizations can muster.
This is a pattern that repeats across govtech. Palantir's playbook — enter during a crisis, demonstrate value, convert to long-term infrastructure — is effective precisely because it works. The question is whether democratic accountability should have more friction points in that conversion process.
If you're building systems that handle sensitive data in regulated industries — healthcare, finance, education, government — the NHS-Palantir situation is a masterclass in a failure mode that no amount of good engineering can fix.
Vendor reputation is a non-functional requirement. It doesn't appear in your architecture diagrams or your threat models, but it determines whether your system gets adopted. If you're selecting a data platform for a context where public trust matters, the vendor's history outside your domain is relevant — not as guilt by association, but as a predictor of adoption friction.
For platform engineers specifically: federated data architectures are the right technical direction for multi-tenant health systems. The FDP's approach — pushing compute to the data rather than centralizing records — is sound and worth studying regardless of your opinion on Palantir. The architectural patterns (federated query execution, trust-level access boundaries, immutable audit logs) translate directly to any system where data sovereignty matters.
The actionable lesson: if you're in a position to influence procurement, factor in social license alongside technical capability. A system that staff won't use is a system that doesn't work, no matter how elegant the query federation layer is. And if you're building the platform itself, invest in transparency tooling — detailed audit dashboards that non-technical staff can understand, clear data lineage visualizations, and opt-out mechanisms that don't require filing a Subject Access Request.
The FDP isn't going away. The contract is signed, the money is committed, and NHS England has staked significant political capital on the platform delivering results. What's likely to happen is a slow, trust-by-trust negotiation where adoption is achieved through a combination of improved transparency measures, staff engagement programs, and the quiet pressure of operational necessity — eventually, the spreadsheet workarounds will break under load. But the damage to the model is done. Every future govtech procurement in the UK will now face the question: "Is this going to be another Palantir situation?" That's a healthy question for a democracy to ask, even if it makes life harder for the engineers trying to ship the thing.
The Palantir brand has become incredibly toxic and, from what folks report, the software just isn’t very good either. A lot of smoke and mirrors hype not matched by substance.
It seems a bad idea in the first place for a public organization to award a single company a huge contract for both the software licences and all the consultancy and implementation efforts.
A contrarian view although I do dislike contracting with foreign companies for roughly similar reasons: Palantir's technology looks good and I think it probably works. Most things don't work.
> While Louis Mosley, the executive vice-chair of Palantir in the UK, maintains that such campaigns are ideologically motivated and could harm patient care,this is EXACTLY why it is of outmost importance to own those critical systems, and not delegate them to foreign companies, especially if from
Top 10 dev stories every morning at 8am UTC. AI-curated. Retro terminal HTML email.
> The US technology company was awarded a £330 million contract in 2023 to collate operational data, including patient information and waiting lists.That contract value is ridiculous - how many full time staff do they have on this project and what rates are they charging? How can some say ‘operat