How Britain is sleepwalking into an Orwellian data state
Dr Raj Joshi
- Published
- Opinion & Analysis
From policing and healthcare to migration and defence, advanced analytics is increasingly becoming embedded across the British state. Dr Raj Joshi argues that existing legal safeguards were not designed for this new era of data-driven governance, and that the consequences for privacy and democratic accountability could be profound
Earlier this month, the Mayor of London took the extraordinary step of blocking a £50m contract between the Metropolitan Police Service and Palantir Technologies. His reasons were stark: serious procurement failures, lack of competition, inadequate value-for-money justification and failure to consider ethical and human-rights implications. City Hall also questioned whether Palantir’s global activities, including its publicly acknowledged work with the Israeli Ministry of Defence, aligned with “the values of our city”.
The Met called the decision “disappointing”. Yet the Mayor’s intervention highlighted a wider concern: How did Britain reach a point where a US defence-analytics company, openly supporting a foreign military campaign, came close to becoming the data spine of its largest police force?
To answer that, we must look beyond the headlines, and back to George Orwell’s 1984.
Orwell imagined a future in which the state’s power rested on its ability to watch, record and interpret every aspect of human life. What he could not have foreseen is that some of the most sophisticated surveillance capabilities would be developed by private corporations and then integrated into the state’s most sensitive systems.
No company exemplifies this development more clearly than Palantir Technologies, whose software now underpins policing, healthcare, defence and migration systems across the UK. Palantir insists it merely integrates data. The concern lies in the concentration of power and visibility that such systems can create.
One issue that has received increasing attention is Palantir’s documented work with Israel.
Palantir’s CEO, Alex Karp, has publicly confirmed that the company provides technology to the Israeli Ministry of Defence. In interviews, he has stated that Palantir is supporting Israel’s military operations and working closely with Israeli defence institutions during the war.
The work, as Palantir has described it, includes battlefield-adjacent data integration, operational analytics and AI-enabled decision-support tools. These are the same categories of technology the company markets to Western militaries and police forces.
For the UK, this raises important questions about ethics, alignment and democratic accountability. The country’s largest police force nearly entered a long-term contract with a company actively supporting a foreign military campaign.
The difficulty is that Britain’s legal safeguards were largely developed for an earlier era of surveillance and data collection.
The UK GDPR, the Data Protection Act 2018 and Article 8 of the European Convention on Human Rights form the backbone of Britain’s privacy regime. Much of the constitutional substance, however, comes from the courts.
In Bridges v Chief Constable of South Wales Police [2020] EWCA Civ 1058, the Court of Appeal held that intrusive technologies require a “clear and sufficient legal framework” and warned that the police must not be left with “too broad a discretion” when deploying them. The court stressed that the rules governing such systems must be “sufficiently foreseeable and accessible” to satisfy Article 8.
In Catt [2015] UKSC 9, the Supreme Court held that police retention of personal data must be “necessary for a policing purpose” and subject to “effective safeguards against abuse”.
In Wood [2009] EWCA Civ 414, the Court of Appeal recognised that even low-level data collection can breach Article 8 where it creates “a chilling effect on the exercise of lawful activities”.
In GC [2011] UKSC 21, the Supreme Court held that data retention must not be “indiscriminate” and must be justified by a “pressing social need”.
These are constitutional boundaries designed to limit state intrusion and protect individual rights. The increasing use of large-scale data integration systems places those safeguards under growing pressure.
The tension between those principles and modern data-driven policing becomes particularly clear when examining how Palantir’s technology has been used by police forces.
In 2025, investigative reporting revealed that police forces in the East of England were using Palantir’s platforms to build a real-time data-sharing network incorporating some of the most sensitive categories of personal information, including political opinions, trade-union membership, health data and sexual orientation.
More concerning were documents describing the use of analytics to identify individuals “about to commit a criminal offence”.
Such approaches move policing towards prediction rather than investigation. Orwell warned about the dangers of authorities scrutinising citizens not for what they had done but for what they might do.
Popular culture has explored similar themes. Steven Spielberg’s Minority Report, starring Tom Cruise, depicted a world in which predictive systems identify “pre-criminals” before any offence occurs. The film was intended as a warning. Yet the technologies it portrayed — real-time data fusion, behavioural prediction and algorithmic suspicion — now bear an uncomfortable resemblance to capabilities being marketed to police forces.
Under Part 3 of the Data Protection Act 2018, law-enforcement processing must be strictly necessary. Predictive flagging of people who have not committed offences sits uneasily with that requirement.
The Bridges judgment is particularly relevant. The Court of Appeal criticised the deployment of a system without sufficiently foreseeable and accessible rules, highlighted the risk of arbitrary interference with privacy, and found that proper evaluation of discriminatory impacts had not been carried out.
Similar concerns arise in healthcare, where Palantir’s role has expanded significantly through the NHS Federated Data Platform.
Palantir’s £330m contract to run the NHS Federated Data Platform is often presented as a technical upgrade. In practice, it involves the centralisation of one of the most sensitive datasets in the country: health records.
Doctors, MPs and civil-society groups have criticised the arrangement as “dreadful” and “shameful”, pointing to limited evidence for some of the claimed benefits, concerns about vendor lock-in, Palantir’s defence-sector background and the potential erosion of patient trust.
Under Article 8, any interference with private life must be necessary and proportionate. In GC, the Supreme Court held that retention of personal data must not be indiscriminate and must be justified by a pressing social need.
Whether the centralisation of health data relating to 56 million people through a company whose core business is intelligence analytics satisfies those principles remains a legitimate question for public debate.
Yet the wider concern extends beyond any individual deployment in policing or healthcare.
The most troubling aspect of Palantir’s expansion may be the opacity that surrounds many of these deployments.
A former employee has argued that aspects of Palantir’s public messaging foster a culture of opacity, making it harder to understand, scrutinise and challenge the company’s activities.
When private corporations become part of the informational infrastructure of policing, healthcare and defence, meaningful scrutiny becomes more difficult. Parliament, the public and, in some circumstances, the courts may struggle to understand how decisions are being made, what data is being processed and where accountability ultimately lies.
This concern goes beyond any individual contract, touching on the broader question of how democratic oversight can function when critical public systems increasingly depend on complex private technologies.
If Britain intends to rely on Palantir and similar companies, the law will need to respond more directly to the realities of large-scale data integration and address the legal and regulatory gaps that currently surround such systems.
That should include:
- Statutory limits on predictive analytics in policing
- Mandatory transparency requirements for high-risk data contracts
- Independent oversight bodies with meaningful enforcement powers
- Restrictions on single-vendor data monopolies in critical public systems
- A public-law duty to consider ethics and human-rights impacts in procurement, and
- A right for individuals to challenge algorithmic inferences that affect them
Without such reforms, power will increasingly be exercised through data systems that operate beyond effective public scrutiny. That is difficult to reconcile with the principles of democratic accountability and the rule of law.
Orwell warned that “If you want a picture of the future, imagine a boot stamping on a human face — forever.” Today, the boot is not physical but digital. And unless we act, it will not need to stamp at all. It will simply know.
Dr Raj Joshi is a senior barrister and prominent civil rights advocate whose career spans frontline legal practice, regulatory reform, and international justice. Twice named among the ‘Top 10 Asian Lawyers in the UK’ and listed in the ‘100 Most Influential Asians in the UK’, he has appeared before major inquiries, including giving evidence in the Stephen Lawrence case, and served as Chair of the Society of Black Lawyers. A former Adjudicator to the Solicitors Regulation Authority, Dr Joshi has advised ministers, helped shape legal protocols, and represented the UK in international legal forums.
READ MORE: ‘UK Biobank and the great British data gamble‘. The UK Biobank breach is a warning shot for Britain’s new data regime, writes Dr Raj Joshi. If a flagship science project can lose control of sensitive personal information, the Data (Use and Access) Act 2025 demands far tougher safeguards.
Do you have news to share or expertise to contribute? The European welcomes insights from business leaders and sector specialists. Get in touch with our editorial team to find out more.
Main image: AI-generated illustration accompanying Dr Raj Joshi’s argument that Britain is sleepwalking towards an Orwellian model of data-driven governance, as advanced analytics become increasingly embedded across policing, healthcare and other public institutions. Artwork: Belters News. Credits: Based on a photograph by Giant Asparagus, via Pexels.
TOP STORIES
-
Why sacred stories keep returning in Western society -
What organisations lose when employees feel they cannot speak freely -
Was inclusion ever more than branding?
-
Britain Is Falling Into the ‘Trump Trap’
-
Why modern Britain is breeding loneliness
-
AI does not need consciousness to manipulate us
-
What can five chaotic virtual societies teach us about AI procurement risk?
-
America’s panic over China risks becoming a self-fulfilling disaster
-
AI firms are paying millions for journalism — so why are many reporters still skint?
-
Is Europe sleepwalking into identity-linked internet access?
-
Britain cannot claim to be united while disabled people still feel invisible
-
Visit Rwanda: How football is helping to tell of a remarkable journey from genocide towards prosperity
-
Should the Church be beyond political scrutiny?
-
Why the future of feminism may no longer belong to the West
-
What history can teach Trump about the Strait of Hormuz crisis
-
Should we be feeding our pets raw meaty bones?
-
Why Sweden is returning to printed books in the classroom
-
Cyprus stakes its claim in Europe’s defence surge
-
Password hell is ending – but the new login future has a terrifying catch
-
Who gets to belong in British politics?
-
This is AI’s greatest flaw
-
Liechtenstein’s stability becomes a strategic advantage in fragmented Europe
-
An attack on Jewish Britons is an attack on us all
-
Forget the workplace — the real AI revolution will change human relationships
-
Diving into… the history of swimming
