But the article touches on the biggest issue with Palantir, which is that they seem to be completely fine with allowing law enforcement agencies to use their software for parallel construction, which is in my opinion a pretty egregious violation of the 4th amendment. Although it may be constitutional for police departments to purchase data from e.g. Facebook or some data broker, even local police departments are known to employ dragnet-style surveillance through things like Stingray devices. Of course we have a number of three-letter agencies, also Palantir customers, who don't even need to pretend that they're following the 4th amendment.
Since Palantir is essentially enabling the construction of all the tools required for a complete surveillance state, and actively using their tools for that purpose for financial gain, I think that makes them one of the least ethical companies in tech. I certainly wouldn't be able to live with myself if I knew I was writing software with the explicit purpose of being able to track down rebels in Yemen, catch illegal immigrants, and violate the constitutional rights of millions of Americans.
Prevent the police state by building the police state.
That being said: the PATRIOT act and NSA's PRISM program have shown just how blatantly the US Govt. can abuse individual privacy and rights so I don't think its a good idea. Weak crypto using backdoors is just a terrible idea period.
I guess what I'm trying to say is that the logic make sense in principle even though in practice it wouldn't work that way.
"The logic" in this case is a proposition about how beings behave. That is, "We can build the largest prison system in history, give law enforcement unlimited surveillance powers and not expect massive injustices." That is simply wrong. Human beings are not like that.
Perhaps open-source licenses should explicitly exclude use in certain applications. Even if not legally enforceable, it would serve as a constant reminder to developers who DO work in these fields of what they are doing.
What am I saying? Most of us still have no idea.
This raises some good points, but that was to be expected as licenses are a tricky business.
I do think our profession needs more awareness of ethics, and a usage suggestion (rather than an order) in the license of software may be a good start.
I wonder if Palantir has any similar policies?
Law enforcement uses that data to acquire admissible evidence of the perpetrators' crimes. This is the crucial step, because although the original evidence couldn't be admissible in court due to its collection without a warrant, it can be used to acquire more evidence. If the warrantless surveillance includes information such as the time and place of where you plan to commit a crime, law enforcement can stop you for a random check on the way there, giving them actual evidence for prosecution. Now that evidence can be used in court, even though the only way law enforcement were able to acquire it was through unconstitutional practices.
The thing about Palantir is that it needs big data to work. Police departments don't just have random chunks of data lying around containing large numbers of connections between large numbers of people - they might have something like that for something like suspected criminal gangs, but that wouldn't be enough data to make Palantir's software worthwhile. So acquiring the data necessary to use Palantir's software requires mass data collection. Some of their mass data collection techniques may not require a warrant, such as using license plate captures, but some does, such as who you're calling.
So does Palantir perform warrantless surveillance themselves? To my knowledge, no. But when they sell their software to law enforcement agencies, they must know that the only way their customer could get bang for their buck is through mass surveillance. In my opinion, the person willingly and knowingly selling tools for oppressive purposes holds a lot of blame for the actual oppression that occurs as a result.
- In our software that we deploy to police departments, generally the origin of any piece of information is tracked, as well as when it was entered and by who. The intention with this is to prevent this (and other) kinds of abuse. Malicious users can still abuse the system and do a parallel construction e.g. outside of our system or maybe in a way that the two actions (finding non-admissible data and finding admissible data) seem unrelated, but at that point they would be spending quite a bit of time and criminal energy on this. I don't think this would happen commonly for a variety of practical reasons (but ultimately there's no way to completely prevent it).
Ultimately trust in the government and that law enforcement (in the various shapes and forms it comes in) is a force for good and prevents many bad things from happening every single day, is at the heart of the palantir philosophy. If you fundamentally think the government is evil, palantir would probably not be the workplace for you. But once you see all of the bad things LE can prevent thanks to our software, it becomes pretty easy to believe in, even if individual bad actors exist (and always will), like racist cops, cops that abuse their power, etc.
- If the organization is acquiring warrantless surveillance, then this generally means that there is the legislative base for them to acquire the data in the first place. What this looks like varies from country to country, some countries are much stricter with the regulations than others. So for instance in some countries it is not allowed to get information from a suspects public facebook profile, whereas in other countries this is considered A-OK. Especially in europe these things have recently become much more strict with GDPR (and similar rules that apply to government entities). You'd think that be a downside to palantir (less data = less value?) but actually it's a big business opportunity, because our software is the only thing available that is even remotely close in this space to having enough access control 'finesse' that it can enable organizations to be compliant to this law. So this is an area (and competitive advantage) we are investing a lot into -- and typically organizations go from 'completely non-compliant' when we arrive there (e.g. never even deleting data like license plates that are supposed to be deleted after 3 months etc, audit-logging any searches investigators do, limiting search scope, ...) to being fairly or even fully compliant.
Now my personal opinion is that everyone should be able to enjoy great privacy and control over their PII just like citizens of the EU do, so if you live e.g. in the US other another country where the law is lax, you should consider taking political action to change the situation.
Of course we never endorse or support any workflows that are in any way unconstitutional, and we have terminated relationships before with very big government agencies when we had doubt about whether our tools would be used for unlawful purposes.
- The "big data" thing is a bit of a misunderstanding I think -- we have "big data" tools too, but usually these are not of interest to local law enforcement. If you check out our youtube channel you will find some (atrociously old!) videos of the tool that's popular in LLE (https://www.youtube.com/watch?v=yMv3TBxulu4 for instance). This tool is in fact often used with just hand-entered information -- analysts create objects (e.g. persons, links between them) in their investigation. So the data really isn't that big and mostly hand-curated, and the tool works fine without mass data collection (better than with, perhaps). Most of what local law enforcement does with 'big data' tools is to generate reports like crime statistics.
"Police departments don't just have random chunks of data lying around containing large numbers of connections between large numbers of people" -- actually, they really do! Any police department of any size that has existed for a while will have a database with millions of convictions, suspects, court-cases etc in them. Usually on some crufty mainframe or in some crufty old SQL database that contains a lot of terribly inconsistent data (dead links, data duplication, etc.) Also sometimes some of this data is shared between countries, states etc. You can find some videos on youtube of our CEO talking about the challenges of data integration and such.
Ultimately of course there is a general statistical trend (belief?) that 'more data is better', because if there is more and more complete data, you have a bigger chance of finding that connection between e.g. a terrorist and some billionaire who might be funding said terrorists, etc. At least up until a point (at which the data probably becomes just too noisy/hard to deal with, because every individual piece of information carries very little meaning. At least the NSA seems to subscribe to this belief according to their public statements, and I'd think if anyone knows about this stuff, it's them) and assuming you have the necessary CPU power and talent (data scientists) to actually do something useful with this data. Local law enforcement orgs like police generally lack the latter. In police departments, most users are only sophisticated enough to run searches for things like names, SSN, number plates etc, really.
- We generally know a lot about how our software is used at most of our installations, and almost always actively take steps to prevent abuse (auditing etc). Most government organizations will not let us see things like what their analysts exactly searched for (because that is obviously sensitive information) but we do a lot of work to help organizations prevent abuse and insider threats at a higher level. As mentioned above, we have taken action in the past in situations where we suspected abuse. It's on a case-by-case basis, of course -- imagine if there is e.g. one analyst abusing the system, then that analyst getting fired/reprimanded would probably be sufficient action (obviously this is not in our responsibility), but if we suspect systematic abuse or we see signs of repeated abuse without repercussions, then we might pull out completely.
"Ultimately trust in the government and that law enforcement ... is a force for good and prevents many bad things from happening every single day, is at the heart of the palantir philosophy."
Trust is built on transparency, accountability, responsibility.
Can I make FOIA requests to Palantir?
In some of the more liberal countries the things we do with the government are even part of public record and you can find contracts and services we provide them etc documented online without having to do any kind of request.
Of course palantir has no input on that in any way. Certain government agencies and activities are excepted from FOIA (and for very good reasons), but if you think it should not be that way (or that the rules should be different) then you should take political action.
Palantir is software deployed for specific customers. The customers then use Palantir against their data and publicly available data.
- FOIAs cannot be used to obtain specific information about persons, this kind of information is protected. In the EU under the GDPR however, you can get some of this information (about yourself only) -- but I think law enforcement agencies are probably exempt from this (not sure, but would make sense.)
- Our software does not make decisions on who is or is not a criminal in an automated fashion (or indeed any fashion). In fact, law enforcement can not make such a decision at all, ever -- only a judge in a court can deem you a criminal. Law enforcement can merely decide that you are a suspect. (And again, this is also not something our software (or any software anywhere) decides in an automated fashion.) So there isn't really a 'chain of reasoning' here
- When you actually ARE accused of a crime (this would happen in a court, and only if there is substantial evidence against you), you will be told what the crime is and why you are suspected of the crime. Thus the 'chain of reasoning' will be presented to you, and be available for verification by anyone participating in the court case (including, depending on country, e.g. a jury)
In another similar case, someone issued a citation for speeding by an automated camera system requested the source code for the firmware running on that system. The court greed this was a reasonable request, and they issued a court order demanding the police department turn it over. The police went to the company they got the device from and found that they had no right to request the source. They had no right to know how the system they'd purchased and were using to charge people with infractions even operated. I expect this would be what would happen with Palantir.
NO! The ends don't justify the means. If we give up our freedoms, LE can prevent a lot of bad things. But it isn't worth it.
Abuse of power is one reason we have checks and balances. If I understand correctly, checks and balances and due process are thrown out the window. And the justification is simply that LE prevented some bad things... But at what cost?
This is disingenuous at best this is a tool for surveillance and its misuse in public life is more obvious than the advantages it might bring. People will naturally distrust a government that spies on them constantly and that has nothing to do with good or bad government.
There is an episode of black mirror on the mother who surveils her daughter constantly if the mother is good why do we feel disgusted by her attitude?
I applauded apple for publicly denying the government a backdoor in their phones.
Everyone knows the various forms of law enforcement perform some measure of (and have to, to do their job) surveillance. That ranges from e.g. ALPR cameras to patrolling the streets of some city. Most people agree that this is a perfectly acceptable thing. Do you think instead the police should be abolished? Or stripped of their investigative or enforcing power? I don't think most people would actually enjoy living in whatever society would result from this.
Of course the exact boundaries of what is acceptable and what is not should be fiercely debated.
What makes most people uneasy, and especially those of us who work in tech, is that many police departments and 3 letter agencies have routinely abused the trust that people put in them. If you want the citizenry to have trust and faith in law enforcement, they have to demonstrate a desire to not break constitutional rights when they deem fit to do so.
I genuinely don't understand why these agencies wouldn't try to build a good relationship with the citizenry they are supposed to be protecting. It often seems like we live in a very dangerous society and everything we say or do is being monitored by someone and may be used maliciously. That itself is a very terrible thing to live with.
Every one of those agencies has had, in their history, at least some cases of individual abuse (e.g. one particular individual abusing their power). This is unavoidable (because these agencies employ humans, and humans are assholes sometimes) but as long as the situation is appropriately handled at the organizational level (the responsible party is reprimanded in an appropriate way, e.g. let go, tried, ... and practices and protocols are put into place to deal with and prevent these kind of situations) this is OK, because the agency operating is still a net win for humanity.
Most people who are paranoid about these kind of things are so because the media loves to pick up these stories and hype them up and spread fear -- but I don't think it's that much of a problem.
The thing that's really a worry (and that media usually does not report on) is when abuse happens in a systemic fashion, e.g. agencies bending the interpretation of the law to extend their reach. Incidentally, this is exactly what palantirs software is designed to help with, because it can actually enforce these rules.
Perhaps a systemic fear of Government overreach is embedded in the DNA of the American people. I would argue that a healthy criticism is very important; but paranoia can be dangerous and unproductive.
> Or stripped of their investigative or enforcing power?
So it's either all the power or none of the power? This is a logical fallacy you are creating a duality for something that does not exist. The police is not the same as your software like you implied. I'm against the government spying on their citizens even with good intentions. See the black mirror episode since it demonstrates where problem lies, it's not in good intentions, it's in the control.
Does this software help the government to spy on their citizens? Yes.
Should the citizens have a say in if they want this software to be used for their data? Yes, why don't they have say?
Can we live without this software? Yes, like we've done so far.
Is this software helpful in a police state? I would say it's the most valuable software for a police state.
Let that sink in for a moment, folks. Then go back and read this other part.
> trust in the government ... is at the heart of the palantir philosophy
So, at Palantir they trust the government that they know is trying to use their product unlawfully. With all due respect, I think many of us are a little more sparing with our trust.
That doesn't contradict the belief that law enforcement is necessary and good.
why is that a bad thing?
If the crime is victimless (such as any drug usage "crime"), then the issue isn't with the police, but with the state defining what "crime" is, and that definition doesn't align with the people's definition.
It's like billboards vs. targeted ads. Both have the same effect (pushing you to buy stuff), but the latter cuts out all the noise.
What I can do is use surveillance tools to find a way to effectively entrap you, to gather evidence. Think of it like a tip-off that you're not allowed to have.
Palantir specialises in providing tools to analyze and aggregate big data. If law enforcement has an interest in it, it's probably for dragnet-style surveillance. The problem is that the 4th amendment means there must be reasonable suspicion before the investigation can begin.
Most dragnet-style surveillance is incompatible with the 4th amendment. So law enforcement has to construct a reason for investigating the case that they should never have been investigating.
I too have a problem with business models that invade our privacy. But I think it’s a bit disingenuous to conflate “private information” with information that you voluntarily posted on the internet.
Whatever happened to educating people that what they post on the internet is permanent? Dragnets over public data are a symptom of the real problem, which is lack of user education and understanding of what data they generate and share.
What if somebody is arrested and happens to have a very convenient data set on a lot of people, such as data used for marketing purposes. Is it okay if those people are stopped and searched on the basis that somebody else held data about them and the police have supposed that 10% of the clients are suspected of criminality?
Normally there is supposed to be evidence that the crime took place before an investigation can begin.
If law enforcement starts with the evidence and then look for the crime that fits it, that's something different.
Palantir goes to the agency and says, "Give us data and we'll give you "actionable intelligence".
You know, back in the 90s and early 2000s, the term "data mining" was perjorative. Financial operators would look through their mass of data for correlations and sell them to people who would discover that they didn't actually work.
1) yes, the LE do already have the data.
2) agencies don't 'give' data to palantir, law enforcement data almost always lives in air-gapped environments it cannot leave in any way (or only in highly restricted ways)
3) we don't 'give' actionable intelligence, we just provide tools for analysts to generate such data. Palantir is a company of software engineers, not of intelligence analysts.
Are you are also cool with companies in the past hiring pinkertons to kill people also - because that's where your argument is leading.
Corporations take an interest in tracking people only to stratify them into groups suited to specific ad strategies. The worst their errors will do is pepper your browser and email with bad ads.
Not so with Palantir when their tracking data can misguide police departments, credit agencies, and even your employer into making your life a living hell. Surely any company with that much power must be held MUCH more accountable than they are now.
Facebook on the other hand is actively collecting the data. Without Facebook that database does not exist. In my mind that makes them far worse.
I think that any company that works for the government to any degree is considered part of the government and is bound by all rules a government agency/employee would be.
Government pushes lots of compliance down in contractors and state government, but tends to not push down transparency requirements.
Ergo, can we all refocus this discussion of universal privacy rights violation on my partisan social group interests?
>The 1920s was the last time one could feel “genuinely optimistic” about American democracy, he said; since then, “the vast increase in welfare beneficiaries and the extension of the franchise to women—two constituencies that are notoriously tough for libertarians—have rendered the notion of ‘capitalist democracy’ into an oxymoron.”
"I had hoped my essay on the limits of politics would provoke reactions, and I was not disappointed. But the most intense response has been aimed not at cyberspace, seasteading, or libertarian politics, but at a commonplace statistical observation about voting patterns that is often called the gender gap.
It would be absurd to suggest that women’s votes will be taken away or that this would solve the political problems that vex us. While I don’t think any class of people should be disenfranchised, I have little hope that voting will make things better.
Voting is not under siege in America, but many other rights are. In America, people are imprisoned for using even very mild drugs, tortured by our own government, and forced to bail out reckless financial companies.
I believe that politics is way too intense. That’s why I’m a libertarian. Politics gets people angry, destroys relationships, and polarizes peoples’ vision: the world is us versus them; good people versus the other. Politics is about interfering with other people’s lives without their consent. That’s probably why, in the past, libertarians have made little progress in the political sphere. Thus, I advocate focusing energy elsewhere, onto peaceful projects that some consider utopian."
Historically, this ideology has had some very bad consequences.