London: Sensitive citizen and company data could be exposed to the US due to the deal between the Financial Conduct Authority (FCA) and Palantir, MPs have warned.
The US-founded tech company is expected to deploy AI systems to the FCA’s information, including case intelligent files, reports from lenders about proven and suspected frauds, consumer complaints and social media posts, as part of the deal.
The FCA and Palantir are proceeding with a 12-week trial.
Martin Wrigley MP, a member of the House of Commons science and technology select committee, warned that a US law, the US Cloud Act, that obliges tech companies to disclose information to American authorities may apply to the deal.
In March, when the deal was first revealed, the FCA told the Commons Treasury select committee that the law does not apply, and no intelligence would be shared.
However, Wrigley, MP for Newton Abbot, has already written to the FCA to “better understand on what legal basis the FCA believes that the US Cloud Act would not apply in these circumstances.”
While the Open Rights Group have said that the law “gives authorities the right to access data held by businesses held in the US, such as Palantir.”
Responding to the news, Stuart Harvey, CEO of Datactics, commented: “When people and businesses sign their personal and sensitive data to public bodies, such as the FCA, they are trusting in UK law to protect that data, not be subject to backdoor access from another country. The moment that data reaches infrastructure operated by a US company, trust and governance are complicated and the risks skyrocket.”
"It's vital that the UK government and its public bodies, such as the FCA, invest in infrastructure native to the UK. This makes it far easier for organisations to govern and control their data, holding greater accountability and, ultimately, boosting national security. The Met Police and NHS have also raised similar attention in recent months, so getting a handle on UK public data is vital.”
Palantir already has over £500 million in contracts with NHS England and the Ministry of Defence, and in May had a £50 million deal blocked with the Metropolitan Police to use AI on crime data due to a breach in procurement rules.
An FCA spokesperson said: “This 12-week trial will test whether we can improve how we collate information so we’re better able to tackle financial crime and the distress it causes. Criminals aren’t slow to use technology to cause harm. We need to stay ahead of them. The data used in the trial will be fully encrypted and under our control. No one is able to access the unencrypted data without our authorisation.”