With the coronavirus outbreak continuing apace across much the globe, a group of tech firms is responding to a growing demand by governments for citizen information, which is being widely sought after for contact tracing and for analyzing patient data. Now, with the recent revelation that U.S.-based big data firm Palantir will be joining the scene, privacy advocates have been left up in arms over what the implications might be for civil liberties.
Concerns began to surface in mid-April, when it emerged from reports and leaked documents that Palantir had begun working alongside the UK’s National Health Service (NHS) in order to analyze patient data using its Foundry software, which turns a data platform into a data store tailored to the coronavirus pandemic.
The NHS has also reportedly been enlisting U.S. tech giants Amazon and Microsoft for the same purpose, as well as the London-based firm Faculty AI.
The development brings new calls for transparency from privacy advocates, who question whether or not patient data can be abused.
Patient data collection ramps up
The patient data collected during this process—which will make use of the NHS’s 111 dial-in telephone service—will be used to help to predict in which hospitals ventilators, hospital beds, and medical staff are needed most as part of a broader Covid-19 response effort. The aim of the data collection is to assist health officials in modeling resource movement to best tackle the spread of the COVID-19 disease.
More specifically, the parts of the NHS concerned are the NHSX and NHS Improvement.
According to the UK government, these organizations are pursuing patient data analysis in order to “[enable] disparate data to be integrated cleaned and harmonized in order to develop the single source of truth that will support decision-making.” The NHS added that it is their intention to make sure all patient records are either destroyed or returned once the crisis is over.
The NHS is not the only major government department to be making use of Palantir to analyze and track patient data. In mid-March, for example, The Wall Street Journal reported that Palantir is also working with the Center for Disease Control (CDC) in the US in order to map out patterns in the coronavirus’ spread.
Later reports revealed that Palantir has been working with the CDC to create visualizations of how COVID-19 is expected to spread in order to better prepare hospitals. All the while, according to a report by Forbes, the big data giant is deliberately trying to steer away from handling personally identifying patient data, relying on analyses of anonymized records instead.
Privacy advocates raise the alarm
The relation between Palantir—widely regarded as among the most secretive tech companies—and numerous government entities across the globe has raised a red flag among many privacy advocates.
The firm, which was co-founded by controversial US billionaire Peter Thiel, remains well-known for its connections to various US government agencies, including with the Pentagon, as well as with the UK’s cyber intelligence agency GCHQ.
“It is unacceptable that a large-scale project involving patient data is being pursued with Palantir in absence of stakeholder engagement or public transparency,” Silkie Carlo, Director of Big Brother Watch said.
“Palantir and NHSX must be fully open and transparent about the ‘Covid-19 datastore’, the nature of contracts, the use of patient data, the confidentiality of 111 calls, and make details of any predictive analytics and anonymisation techniques available for public audit at the soonest possibility,” she added.
However, Palantir defends its role in patient data collection, pointing out its conviction to “preserve fundamental principles of privacy and civil liberties while using data” by putting in place measures to ensure transparency.
“We must not blindly accept the mantra of ‘desperate times call for desperate measures’, but instead forge solutions that can survive a return to normalcy and not fundamentally alter our societal values,” Palantir’s privacy and civil liberties engineering, Courtney Bowman, told the BBC.
“Any exceptional measures must be clearly justified by the facts and conditions of the moment but, also, in enacting them, build in mechanisms for rolling them back after the crisis and soberly evaluating the extent to which they were necessary and how we can do better next time,” Bowman explained.
Palantir further defended its new operations in a recent blog post, in which it laid out in detail steps to “inform and guide the use of data-driven approaches to enable a successful response to the current pandemic.”
Once such step, according to the big data firm, includes a statement that organizations should not be eager to attain more data unless there is a real need.
“Only after identifying critical gaps should an organization reach for more data — particularly where doing so may harm individuals’ privacy or civil liberties,” the statement reads.