Even critical paragraphs on how NHS patients’ personal data will be handled have been blacked out.
As NC readers may recall, the UK government in November announced its decision, presumably made months, if not years, earlier, to hand the management of NHS England’s Federated Data Platform to Palantir, a tech company whose client list includes the US military, intelligence agencies and ICE, and which is currently providing technical and moral support to Israel’s myriad war crimes in Gaza. Just over a year ago, Palantir’s Chairman, Peter Thiel, told the University of Oxford Union:
“Highways create traffic jams, welfare creates poverty, schools make people dumb and the NHS makes people sick.”
Needless to say, the deal, even by the low standards upheld by today’s public-private partnerships, is controversial, and was awarded despite a promise in 2021 by the UK government that it would not enter into any new contracts with Palantir without consulting the public first. The contract for the deal was published on December 21, together with a contract signed with US health information technology giant IQVIA to provide “Privacy Enhancing Technology” for the Federated Data Platform.
Both the government and Palantir have insisted that the privacy of NHS patients will be respected and protected, and that their health data will not be sold onto third parties. Yet almost three-quarters of the text of the contract, including, ironically, almost entire sections relating to data protection and privacy, has been redacted. In other words, there is no way for NHS patients or doctors to know what has been agreed to. In total, 417 of the contract’s 586 pages, including critical paragraphs on how patients’ personal data will be handled, have been blacked out, according to the not-for-profit Good Law Project:
“Not Just… Unacceptable, But Unlawful”
In response, the Good Law Project has sued the UK government in a bid to “uncover Palantir’s blanked out contract.” From its pre-action letter:
Transparency and accountability of public service delivery data and information builds public trust and confidence in public services. It enables citizens to see how taxpayers’ money is being spent; and allows the performance of public services to be independently scrutinised. It also supports the functioning of competitive, innovative and open markets by providing all businesses with information about public sector purchasing and service providers’ performance.
We think this is not just completely unacceptable, but unlawful. Government policy requires public bodies to give reasons when contracts are redacted, but despite the massive scale of the redactions in Palantir’s contract no reasons have been given.
The pre-action letter also raises about the contract the NHS has signed with IQVIA:
Around three-quarters of IQVIA’s contract is also completely redacted. This includes a section on the protection of personal data – precisely the issue IQVIA is being brought on board to address – so we’re challenging the NHS over this as well.
What makes this all the more concerning is the power imbalance between the NHS and IQVIA uncovered by the doctor and academic Ben Goldacre in 2020. According to Goldacre, IQVIA is free to collect and aggregate NHS hospital data and sell it to the pharmaceutical industry, but it can restrict NHS access to this collated data and its ability to share it with UK regulatory bodies.
With the upcoming launch of the Federated Data Platform, NHS England says it’s committed to “being transparent” around patient data. But these obliterated contracts show it hasn’t delivered on this promise.
Growing Public Backlash
News of the ruthless redaction of the contract’s 586 pages is unlikely to bolster trust in a deal that already faces widespread suspicion and hostility from NHS patients and practitioners. Dozens of civil society groups have kicked up a storm about the prospect of so much highly sensitive personal data being handled by one US company, especially one so deeply embedded in the rapidly emerging mass surveillance industry, and the government already faces a lawsuit challenging the legality of the deal.
“Is Palantir really the kind of company we want at the very heart of the National Health Service?” asks Cori Crider, director of Foxglove, a campaign group dedicated to challenging the excesses of tech giants. “This is a company who, at the start of the pandemic, had no track record of working with healthcare staff. They’re not a healthcare company. They weren’t a health data company. They were essentially a tech company who supported spies, police, the military and border forces.”
Just before the deal was announced in mid-November, the Doctors Association UK (DAUK) sent a letter urging the government not to hand the deal to Palantir. The letter was signed by 149 physicians, including Sir Richard Thompson, former chair of the Royal College of Physicians and Dr Helen Salisbury, a GP and member of the BMA board. Below are a few choice excerpts, though the letter is worth reading in full, especially for UK-based readers:
We understand you are due to sign a £480 million contract with Palantir for the Federated Data Platform (FDP). This would be the largest NHS data centralisation project in history. Many of us have worked in the NHS long enough to witness previous, expensive NHS IT projects – from Care Data to General Practice Data for Planning and Research (GPDPR) – fail. These projects failed because of patient distrust. We urge you to take immediate action to prevent history repeating itself…
1. Ensure patient trust – seek patient consent. The FDP can only succeed if it maintains public trust in the health service by ensuring patients have a say in how their data flows into it and is used within it. We are concerned by recent flip flopping about whether patients can opt out of sharing data in the FDP for uses beyond their direct care. Health ministers initially said reforms to patient choice and clarity around the application of opt-out within FDP was a high priority for NHS England. The FDP FAQ on the NHS website originally said the National Data Opt Out (NDOO) would apply to relevant data in the FDP. It was later updated to say patients cannot opt out of sharing their health data with the FDP at all, even for uses beyond their care. The FAQ says this is because patient data will go through an ‘anonymisation’ process. However, given the data in a patient’s NHS record is incredibly detailed, we are concerned it could be re-identifiable even after anonymisation.
Polling from YouGov… is a good temperature check on these plans. It found that almost half of adults in England who have not yet opted out are likely to do so should the Federated Data Platform be introduced and run by a private company. That would be disastrous for the NHS.
2. Ensure patient trust – choose a trusted partner. We urge you to consider whether Palantir is the most suitable, trustworthy and fairly procured supplier for the FDP… Palantir has a controversial reputation and has been heavily criticised for its work. with military, security, intelligence, and police agencies…
Palantir’s leaders have made public remarks that alarm us. Palantir chair Peter Thiel told the Oxford University Union that British love for the NHS was “Stockholm Syndrome” adding: “In theory, you just rip the whole thing from the ground and start over”. Last Sunday, Palantir’s CEO Alex Karp told the BBC, when asked whether data in the FDP could be sold in the future: “by the UK government, not by me. I don’t have the ability to do it”.
Nick here: Coincidentally, as we reported a few weeks ago, Tony Blair, who during his time as prime minister burdened the NHS with crippling, extortionate PFI loans, has been calling for the NHS to sell off its patients’ health data, “to fund cutting-edge treatments” and raise much-needed money for the health system. As I noted in that piece, what Blair is proposing is almost certainly a rotten deal for NHS patients but it could further enrich the principal donor to his TBI foundation, Larry Ellison, the owner of tech giant Oracle, which is trying to become the world’s most important online medical data company using its cloud technology…
Continue reading on Naked Capitalism
Nick Corbishley 