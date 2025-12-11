Today we follow-up on our recent foray into Tech Bro™ Peter Thiel’s (sick) mind and talk a bit about the ‘devastating security risks’ associated with his evil brain-child, Palantir.

We’ll do this as the Swiss Army just rejected the offer™ of Palantir’s Asset Readiness suite (a fancy term for an AI™-powered correlational database analysis model) due to significant, if not outright ‘devastating’ risks to privacy.

And then there’s the entire angle of (predictive) policing, the massive shift of power away from the judiciary towards the investigational branches of the executive (police forces), and—much like the cherry on top—the problems deriving from long-term contracts without transparent price tags, potential in-house (at the Swiss Army) staff of Palantir, and the lingering, if never dispelled, notions of long-term (unending) ‘updates’.

In short, what follows, courtesy of Netzpolitik.org, an independent webzine of critical IT specialists, relates an ongoing shitshow of gargantuan proportions that has so far been mostly hiding, albeit in plain sight, from the citizenry.

Constanze Kurz holds a doctorate in computer science and is an author and editor of several books, most recently Cyberwar. Her column ‘From the Engine Room’ [orig. Aus dem Maschinenraum] appeared in the feuilleton section of the Frankfurter Allgemeine Zeitung (FAZ) from 2010 to 2019. She lives in Berlin and is a volunteer spokesperson for the Chaos Computer Club. She served as an expert for the German Bundestag’s Enquete Commission on ‘Internet and Digital Society’. She received the Tolerance Prize for Civil Courage and the Theodor Heuss Medal.

Translation, emphases, and [snark] mine, as is the below-related content.

Palantir Software Poses Devastating Risks

After a risk assessment of using Palantir software in Switzerland, the US corporation was turned down, despite years of courting authorities and the military. The Swiss consider the risks too high. This raises the question of why Palantir software is considered good enough for German police forces. Interior Minister Dobrindt will have to answer it.

By Constanze Kurz, netzpolitik.org, 8 Dec. 2025 [source; archived]

Palantir’s CEO, Alex Karp, also resides in a property in Switzerland. The US tech company has been expanding its analytics software business into Europe for several years. What could be more logical than offering Palantir systems to the Swiss as well? That’s precisely what the company, which has close ties to the military, tried to do for years—but without success.

This was reported by the Swiss magazine Republik. In a compelling analysis based on 59 requests under the Freedom of Information Act [that’s US lingo, the Swiss legal term is Öffentlichkeits­gesetz], journalists have traced how the corporation Palantir ingratiated itself with public authorities to sell its software to the Swiss federal government and military. Palantir CEO and billionaire Karp even personally visited the Swiss government, receiving then-Chancellor Walter Thurnherr [so far, business-as-usual].

The analysis also includes a 20-page internal evaluation report by the Swiss army [I’ll provide some snippets from that report, dated 4 Dec. 2024, below]. This report outlines the advantages and risks of using Palantir [specifically its ‘Asset Readiness’ suite, about which we’ll also talk ‘more’ below], which ultimately led to the rejection of a partnership with the company. The military experts conclude that a data leak from Palantir systems cannot be technically prevented [let that sink in: the flagship tech™ corporation is, in Yuval Harari’s infamous terminology, ‘hackable’, and this cannot be avoided].

This, however, casts doubt on the oft-repeated claim by police in Germany that a leak of internal police data is technically impossible. It is likely based on mere assurances from the US corporation, rather than on technical facts. This is because the software is proprietary, making technical insights into it extremely limited [it would have to be, then, that German police is merely parroting Palantir’s talking points about the merits of the product].

The four German state police forces and their interior ministers, which have entered into contracts with Palantir, appear once again ignorant of the serious risks associated with cooperating with the company: North Rhine-Westphalia, Hesse, Bavaria, and now also Baden-Württemberg.

Thumbs Down for Palantir

Palantir software, as used by German police forces, connects heterogeneous databases and analyses relationships between data points or patterns within them. Previously fragmented data is thus merged. This makes, for example, connections between people visible or geographical movements trackable [basically, it’s an AI™-enabled detective team, which also renders police a profession endangered by AI™].

The evaluation report states the following regarding the risks to the data entered into the Palantir systems:

Palantir is a US-based company where there is a possibility that sensitive data could be accessed by the American government and intelligence agencies [Cap’n Obvious, sir, reportin’ for duty].

The military’s risk assessment points to further problem areas that the police Palantir contractors in Germany tend to downplay. The Palantir software leads to dependence on the US provider, particularly on highly qualified external personnel [it’s literally the same with combat aircraft supplied by the US, such as the F-35, which also comes with ‘maintenance services’ and ‘software updates’ (dependencies)]. It remains unclear whether Palantir’s technical specialists will be permanently required on-site for the implementation, operation, and maintenance of the systems [I would not be surprised, because that kind of business model—think Microsoft’s Office 365 or Adobe’s suite of applications—is perfect for the bottom line: continuous payments are ensured, the company may never go broke (unless gov’ts also get broke, but that’s a hypothetical), and both become ‘too big too fail’].

The report also warns of a potential loss of data sovereignty and national control. Furthermore, the cost risk is difficult to estimate due to the lack of price lists [an Office 365 subscription has a price tag, but Palantir’s product doesn’t? Hmmmmmm, wouldn’t that be something a publicly-listed company would have to disclose, formally speaking, to the regulatory authority (the SEC)? Here’s Palantir’s latest 10Q filing for 3Q/2025, which we’ll similarly discuss below]. This applies to software implementation and customisation, data migration, license fees, and maintenance costs. Precise figures can only be determined through direct negotiations [isn’t this the best neoliberal thing ever? I mean, individual price tags for different customers buying™ the same product?].

The report also addresses the significant privacy intrusions resulting from the comprehensive data collection and analysis. Discrimination is another concern, as it is possible that certain individuals could be unintentionally targeted due to statistical correlations.

The report moreover criticises the potential for unintended targeting of specific individuals and intrusion of privacy. The Swiss Federal Office for Defence Procurement examined the use of Palantir software for a specific software system, the ‘Information Technology System for Military Intelligence’ [orig. Informatiksystem Militärischer Nachrichtendienst] Predefined criteria from the tender were available for this purpose. Palantir’s offer did not meet one of these criteria. However, the office refused to disclose to journalists which criterion was in question. The published letter on the matter consists almost entirely of redactions [it reads™ almost like the Covid poison/death juice contracts as they were originally released™; as an aside, that letter is dated 24 Feb. 2020, i.e., it’s almost six years old at this point and that factoid alone begs questions of transparency in federal republics as well as—what TF went on between then and now?].

Does [German Interior Minister] Dobrindt Accept these Risks?

The Swiss decided against using Palantir products. It was too great a risk for them. The recommendation is brief: ‘The Swiss Army should consider alternatives to Palantir.’

The report dates from early December 2024. Since then, the US provider, founded in 2003, has intensified its extremely close ties to the Trump administration and provided media access [sic] through interviews with Karp. While the same software has been used extensively by US intelligence agencies and the military in war zones for years, since its IPO in 2020, Palantir has grown into one of the largest US tech companies [at this point, it’s fair to consider the lines between either the US gov’t, its ‘intelligence community’, and Palantir (as well as subsidiary contractors) blurry at best—and outright corporatist/fascist in terms of the amalgamation of public (sic) and private interests].

If the Swiss consider the risks of cooperation regarding data sovereignty and even long-term dependence, digital sovereignty, data leaks, and infringements of fundamental rights to be so significant, the question arises as to why the German state police forces and interior ministers have reached a different conclusion. It remains their secret [please allow me to ‘splain this factoid: Germany remains an occupied country, the Berlin gov’t is many things but sovereignty isn’t one of its attributes, and all the above-related aspects allow the occupiers to continue their control with a much smaller physical footprint (US troops stationed on ‘German’ soil); the same applies to the rest of NATO-controlled territory as there are certainly interfaces between, say, German IT systems and those of its NATO Allies™].

German Federal Interior Minister Alexander Dobrindt (CSU) has so far refused to acknowledge these facts. He does not rule out the introduction of Palantir products into the federal police forces. His planned ‘security package’ includes so-called automated data analysis, which would allow federal police forces to automatically access and analyse their databases [which so far isn’t done because, under the rule of law (as commonly understood), doing so requires a warrant signed by a judge; with these policy changes, the German judiciary is poised to become even less independent than it already is—as the introduction of Palantir Asset Readiness provides reams of correlational data to the investigational branch (the executive), which puts the judiciary at a massive disadvantage when it comes to learning about the truth in a public court of law].

If he were to cooperate with the US corporation on police data analysis software, millions of data records, including those of completely innocent individuals, would be exposed to these now [sic] well-known risks. But Palantir should have actually be ruled out as a potential partner from the outset, because it is incompatible with the much-vaunted concept of ‘digital sovereignty’ [I suppose all it takes is one EU/NATO member-state and most data will flow to Palantir/the US]. Even with a loose interpretation of ‘digital sovereignty’, the US corporation’s proprietary software solution cannot be considered acceptable.

‘More’ About Palantir (Asset Readiness)

As mentioned in one of the snarky quips above, Palantir is a publicly-traded company, which means they must file a myriad of forms with the Securities and Exchange Commission. Among the most interesting (and relevant) of these forms is certainly the quarterly reporting via form 10Q—which is also why those who read these filings knew, for instance, that the Covid poison/death juices were considered ‘experimental gene therapy’ as recently as summer 2020—and here are two pertinent pages from Palantir’s latest 10Q filing for 3Q/2025 (pp. 37-8); I’ve highlighted some of my personal favourite risks listed below, but do let me know in the comments what your take is:

Consider buying a new car that comes with such a laundry list of issues™—would you buy from such a manufacturer?

Let’s move on to the Swiss Army report, however briefly, and look at its key findings (Zusammenfassung, or summary, on pp. 3-4):

Operational Deployability with Asset Readiness The Asset Readiness module offers companies and organisations a comprehensive solution for efficiently managing their resources and equipment and maximising their uptime. The platform combines powerful data integration, real-time monitoring, and intelligent [sic] analytics to optimise operational processes and enable informed decision-making. Fragmented data sources are consolidated in a central platform that provides reliable and traceable information. Key features include the creation of a digital twin, which delivers a holistic representation of all resources and processes [basically, Palantir creates an ‘avatar’ based on all available data, hence the blablabla repeating the same nonsense]. 360° views provide users with detailed insights into the condition, usage, and maintenance history of individual components, devices, or entire fleets. Automated reports and interactive analytics support the planning and execution of maintenance, resource allocation, and bottleneck prediction [ever read more brain-dead corporate boilerplate PR blabber? As an aside, Palantir’s Asset Readiness website includes a link to their ‘white paper’, which links to this website with the following disclaimer: and I submit to you the totally un-ironic *wink*wink* quip that this is exactly why the Swiss Army said, ‘thank you, but no, thank you’ to Palantir]. Costs for the software solutions vary considerably. One-time costs, including implementation, customisation, and data migration, can amount to several million euros, depending on the project. Recurring costs include license fees and maintenance, often tiered according to the number of users and functionality. The North Rhine-Westphalia police, for example, paid €22 million for a five-year license, plus an additional €660,000 to €1.1 million annually for maintenance and support [Switzerland’s budgetary situation is way better than Germany’s, by the way]. Overall, projects can become significantly more expensive than planned due to high security requirements and data quality demands. Despite the advantages, there are also challenges [do tell]. Palantir Asset Readiness relies heavily on the [a] availability of high-quality, real-time data, the provision of which can be problematic if, for example, the communication systems required for data transmission are unavailable or if there are risks from SIGINT (Signals Intelligence) threats in the operational area [in other words: what Palantir offers is neither unique nor are there obstacles to have alternatives; think of Palantir like a stock broker: your investment funds are there, as is the stock market, and Palantir essentially offers a service-for-hire with fees and disclaimers discounting their liabilities: what can will go wrong (here’s looking at the US gov’t, intel community, etc.)]. [b] Sensors and IoT [internet-of-things] devices are also necessary to monitor the condition and availability of resources. Furthermore, there are [c] strategic challenges, such as dependence on a US-based provider, which could potentially lead to a loss of data sovereignty and national control. [d] Data protection laws and ethical considerations exacerbate these issues, as comprehensive data collection and analysis may infringe on privacy and thus raise legal and ethical questions. Recommendation The Swiss Army should consider alternatives to Palantir. European companies offer comparable solutions and are more familiar with data protection and security requirements. Examining open-source options or developing and integrating in-house data analytics platforms could be ways to maintain control over critical systems and reduce dependencies. This development should not be undertaken in isolation, but rather with partners who appear open, trustworthy, ethical, and sovereign, in order to ensure secure, sustainable, and productive collaboration [these are all attributes that Palantir is decidedly *not*]. [here follows a redacted paragraph] In this context, the following key questions, among others, need to be addressed: [a] how is the Army’s technological independence guaranteed, and [b] how can the protection of sensitive data be assured? [c] Which alternatives to external providers strengthen sovereignty and minimise risks? At the same time, [d] the ethical and legal compatibility of external solutions, as well as their [e] long-term cost-benefit ratio, must be evaluated. Finally, [f] geopolitical risks and strategic dependencies in international collaborations must be critically analysed to develop a sustainable and independent strategy. For the reasons stated above, the experts recommend against using solutions from Palantir Technologies Incorporated. The issue of operational readiness will be addressed in 2025 within the framework of the Army’s specific AI strategy through Army planning.

And there you have it, in writing, straight from the horse’s mouth: Palantir Inc. is the opposite of ‘open, trustworthy, ethical’.

Bottom Lines

I just read that Rep. Thomas Massie introduced a (certain-to-fail) bill to abrogate the NATO Treaty, which provides at least the figment of illusion that the US will, in the event of a non-US-orchestrated Art. V event, come to help™ its allies™.

Notwithstanding the dead-on-arrival quality™ (sic) of that legislation, and notwithstanding my personal sentiments about NATO (the EU or the US for that matter), I suppose everybody understands what NATO is—a ‘paper tiger’, or ‘brain-dead’, as Macron put it before Covid.

It’s one of these ‘everybody knows’ moments, with the Swiss Army’s damning verdict of Palantir’s products™ functioning akin to a revelation to everybody.

I suppose that everybody with more than one functioning brain cell—which, obviously, excludes most politicos™ and experts™, esp. in the EU, NATO, and in the US gov’t—is similarly reading these publicly available assessments.

It’s therefore obvious that Palantir’s main function is—to vacuum up all data collected by the US’s ostensible allies™, pump them, via third parties and/or other contractors, to the apparently increasingly rogue US (sic) intel community.

The implications are as obvious as they are damning, esp. for the European (and Canadian) peoples: the ‘best before’ date of stationed US troops and/or other assets (spooks, intel people, sensors, etc.) has run its course, and I suppose that it’s only fair that the continued presence of US forces has become a significant, and growing, security problem.

Needless to say, it’s fair to assume that the US gov’t knows this; after all, Palantir is basically one of the CIA’s outsourced signals intel providers.

So, if Rep. Massie wishes to end the NATO Treaty, it may in one or another form actually fly, if only because the US gov’t is aware of the fact that with all the data (kompromat) vacuumed up by Palantir and its other contractors, the need for permanently stationed US forces diminishes drastically.

And that’s merely the geopolitical aspect—in terms of domestic US politicking, withdrawing troops and ending NATO may be an election-changing move as in, ‘look, we’ll end NATO commitments and bring the troops home, thereby saving the American taxpayer countless billions of dollars’.

That’s, of course, technically true enough, though esp. Germany and Japan—which is notably absent from the NATO ruckus—actually pay for the US troops stationed there.

Hence, even with NATO potentially ending formally, some US troops will remain in both countries to keep German (and Japanese) ‘contributions’ going.

Plus ça change, plus c’est la même chose (’the more things changes, the more they stay the same).