Skip to content

Search the site

Palantir's controversial "membership" of EU sovereign cloud project GAIA-X sparks outrage (and confusion)

"The decision on all applications is yet to be made"

In the blue corner, Gaia-X: a European project that sets common requirements for a "sovereign" European data infrastructure and reduced reliance on US cloud partners. Or, as the European Commission put it in October 2020: "[A] secure and competitive cloud offering... essential to provide the trustworthy data processing infrastructure and services that public administrations, businesses and citizens require in Europe."

In the red corner, Palantir: a US company closely tied to the country's military and intelligence apparatus, which has received backing from the CIA and whose co-founder Peter Thiel supported a Trump administration that publicly described Europe as one of the United States' biggest foes. But are these two protagonists -- and seemingly natural antagonists -- ready to rumble? Indeed no. They appear to be in a warm embrace in the ring.

Palantir and GAIA-X: Wait, what?

In a December 18 Medium post, the Palantir team announced that they had joined the Gaia-X project as a "day one" member, triggering an outcry from many quarters, including Members of the European Parliament (MEPs).

Palantir's view? That membership hits its "sweet spot" and its experience in implementing systems that "track lineage and provenance of data flows" as well as work "bringing software engineering concepts like versioning, branching, and release management to the data engineering world" makes it a natural partner: haters be damned; Palantir and Gaia-X are natural fit.

Palantir: But we're GOOD at data governance...

"In over 17 years of work in some of the most sensitive — and skeptical — data environments in the world, we have acquired understanding of the ways that intricate technological solutions can and should be interwoven with the broader data governance and normative contexts in which the technology must operate", the recently publicly listed company noted.

"This is precisely the sweet spot of our experience and expertise, which we hope to contribute to GAIA-X and European data ecosystems."

The company's added: "The roots of Palantir lie in our work for the national security community wherein data security, governance, and institutional sovereignty/independence controls must be respected and demonstrably used. Our software engineering culture has deeply internalized these concepts, just as we’ve built strong operational, technical, and procedural safeguards to ensure that each of our customer environments remain separate, sovereign, and secure from all others."

But... is it actually a member? Marco-Alexander Breit, Head of AI at Germany's Federal Ministry for Economic Affairs and Energy noted on Twitter after the Palantir announcement: "For transparency: Palantir applied [our italics] for a so-called Gaia-X Day 1 membership.

He added: "The decision on all applications is yet to be made, by the board of directors when the AISBL is in full effect (due early 2021)."

European policy makers are establishing a non-profit GAIA-X AISBL (French: association internationale sans but lucratif) that will be the legal mechanism holding GAIA-X together and facilitating coordination. GAIA-X's online hub suggests that "more than 300 organizations from many countries are already involved in GAIA-X. These include technology companies - large corporations as well as small and medium-sized enterprises – which are developing a technological proposal from a provider’s perspective."

It does not name these 300 members in the FAQs.

Breit added: "I am not commenting on corporate communications, and the board has also let other “we are in” statements [stand]."

The Stack has contacted Palantir and several European policy makers for comment on the precise status of its membership and what that confers, and will update this piece when we receive a response. It appears to almost be a self-serve process at the moment, whereby organisations propose contributions to the architecture and self-designate as members, but the actual formal legal structure and codified membership structure remains an unfinished project. European MEPs are beginning to react, meanwhile.

As one outraged Green MEP (Germany) Alexandra Geese puts it: "What business model and what credibility can there still be for a European cloud if data mining is carried out by the company associated with the worst practices of the US surveillance authorities?"

See also: "This is not 'espionage as usual' even in the digital age"