Full text of reddit post:

I’ll keep this short because I’m genuinely fuming.

I work in tech so I know companies hoard data. But this one hit different.

I know a doctor who mentioned to me that Palantir, the American surveillance company that worked with ICE and the NSA, now has access to “operational data” from our NHS. I thought… that can’t include patient records, right?

Turns out, under the Federated Data Platform contract, Palantir gets access to pseudonymised patient data across all of England. Read this: Medact - Briefing: Concerns Regarding Palantir Technologies and NHS Data Systems

That means my GP visits, my prescriptions, my hospital stays, all of it, flowing through their systems. There’s no consent screen. No checkbox. No “opt out of sharing with a US defence contractor”. Just a quiet government deal worth £330 million.

And here’s the bit that made my blood boil: NYC’s public hospitals just dropped Palantir because of activist pressure. NYC hospitals were sharing private health data with Palantir. And they still walked away.

But the UK? We’re doubling down. Palantir now has over half a billion pounds in UK contracts… MoD, FCA, police forces, even bloody councils.

I tried to find out if I can request my data from Palantir. You can’t. They’re not a “healthcare provider” so GDPR gets weird. But they definitely have a digital shadow of me sitting on their servers.

How is this legal? And what happens when Palantir gets bought by someone worse, or when a hacker breaches their systems, or when the government decides “operational data” suddenly includes names and addresses?

Because “trust us” didn’t work for Google, for Facebook, or for any of the other companies that promised not to be evil.

I’m genuinely considering a subject access request to my NHS trust just to see what they have on me