During the court proceedings, the head of the Hessian State Criminal Police argued in favor of the way they wanted to use Palantir by citing the successes of the software, known locally as “Hessendata.” In December, police were able to find a suspect implicated in Germany’s attempted coup (when a far-right group was arrested for plotting to violently overthrow the government) because Hessendata was able to connect a phone number flagged through phone tapping with a number once submitted in connection to a noncriminal traffic accident.
That example did not persuade the court that people who are not suspected criminals should be exposed to this software. Almost all these types of systems collect information about innocent people within their databases, says Andrew Guthrie Ferguson, professor of law at Washington College of Law and author of the book The Rise of Big Data Policing. “The linkages are broad and deep and create a web of associational suspicion. That’s their power and their danger. Any country trying to build data-driven surveillance systems is going to run into the over-collection problem.”
The court decision in Germany affects Hamburg, which was about to start using Palantir and now cannot use the company’s software until it rewrites its rules governing the way police analyze big data. Hesse, which has been using Palantir software since 2017, can keep using the platform under strict conditions but must rewrite its local legislation by September.
In other states not directly implicated in the decision, political pressure is growing to cut ties with the company. “The system must NOT be used in Bavaria,” Horst Arnold, a member of Social Democratic Party, said on Twitter. “We would like to point out again that constitutional institutions should not blindly resort to error-prone technologies made by questionable IT companies,” said Green MPs Misbah Khan and Konstantin von Notz.
Palantir, which reached annual profitability for the first time this week, is struggling to replicate its US successes in Europe. “Some countries, particularly in continental Europe, including Germany, have fallen behind the United States in their willingness and ability to implement enterprise software systems that challenge existing habits and modes of operation,” Alex Karp, Palantir’s CEO, said in a letter to shareholders in November 2022.
Despite this, Palantir says it is happy with the court decision. “We welcome the German Federal Constitutional Court’s efforts to provide clarity on the circumstances and ways in which police authorities can process their lawfully collected data to help keep people safe,” says Paula Cipierre, head of privacy and public policy in Palantir’s Berlin office. “Thanks to its high configurability, Palantir software can be flexibly adapted to new legal conditions.”
But the ruling introduces barriers into the way Palantir works. “The state has to make clear what parts of the operating system or what functions they want to use in advance,” says Golla. This will also drag Palantir’s police features out into the open—because police forces will have to publish legislation detailing what they are before they use them.
For Eder, the ruling is a victory, not just for herself but also for the privacy of her clients. She has clients who have been linked to groups like the PKK, “but I also have a lot of just normal people who have a criminal case one time in their life,” she says.
