Is Palantir's software difficult to use

Big data in the policeHessen searches for threats with Palantir software

Tobias Singelnstein is a criminologist and professor at the Ruhr-Uni Bochum with a license to teach criminal law, criminal procedure law, criminology, commercial criminal law and legal theory. He is co-editor of the journals "Neue Kriminalpolitik" and "Kriminologisches Journal". And he sometimes tweets too. We publish his slightly edited article from the Fundamental Rights Report 2019 with the kind permission of the publisher. All rights reserved.

Data is omnipresent; practically no area of ​​our digitized life can do without it. They form a permanent track that reflects our personality. This creates a treasure trove of previously undreamt-of possibilities for the state and authorities. The police in Hessen has been using software from the USA since the end of 2017 to unearth this treasure: "Hessen-Data" is based on the Gotham software from the controversial company Palantir.

"Hessen-Data" and informational self-determination

In the recent past, not only has the amount of stored data increased continuously and massively. At the same time, the technical possibilities have also been developed and refined in order to be able to use such databases. As a result, police authorities are increasingly making efforts to make forms of mass data analysis productive for their work.

The Hessian police use "Hessen-Data" for this purpose, whereby the focus is initially on the area of ​​Islamist-motivated terrorism; serious and organized crime are to be added. The new black-green state government is already planning to expand it to include investigations into child abduction and child abuse. The state guards of the seven Hessian police headquarters and the state criminal investigation office, who were trained on the software, should be able to recognize threats more easily and identify so-called threats.

The task of the software is not to collect new data. Rather, it brings together previously unlinked police data and evaluates them. In addition to internal police information about criminal cases and searches, there is connection data from telephone monitoring, content from read cell phones, e-mails, social media data and much more. In this way, "Hessen-Data" can, for example, identify connections between different people or events. Who knows each other? Who lives close together? What are some of the events that are connected?

The main focus of the public debate on "Hessen-Data" is the fact that the Hessian police have bought a Palantir product. On the one hand, the US company has a reputation for showing little interest in data protection issues. On the other hand, Palantir is closely associated with US military and security authorities, which are among the first and best customers of the company, which was founded in 2004. This results in the fear that the data used by "Hessen-Data" could get from Hessen to the USA. Until the beginning of 2019, an investigative committee of the Hessian state parliament also dealt with the question of whether the contract award to Palantir was illegal.

From the point of view of fundamental rights, "Hessen-Data" conflicts with the right to informational self-determination as part of the general right of personality from Article 2 Paragraph 1 in conjunction with Article 1 Paragraph 1 of the Basic Law. In particular, mass data evaluations such as are possible with "Hessen-Data" call into question the principle of purpose limitation, which is central to data protection law.

For their evaluation and linking activities, such programs are dependent on being able to access the most extensive data stocks possible. In contrast to this, the purpose limitation principle states: Once personal data has been collected, it may only be used for the purpose for which it was collected. This is because the extent to which the data may later be used is decisive for the intensity of the respective interference with the right to informational self-determination. Is it a narrow purpose or a wide variety of possible uses? And how important is this purpose in relation to the encroachment on the fundamental right?

These questions have so far been easy to answer, because the police were initially only allowed to use the data collected in the criminal proceedings or police process in which they were collected. Police laws only permitted continued storage and cross-procedural use under certain conditions. It is true that the legal possibilities for such a change of purpose in police law have already been massively expanded in recent years. The use of programs such as "Hessen-Data" is now finally leading to a paradigm shift. Since the software is dependent on practically unlimited access to data stored by the police, its increasing use in practice will lead to a further reduction in the limits drawn by the principle of purpose limitation.

Mass data evaluation and preemption

"Hessen-Data" is only a Example of a fundamental change in police work that can currently be observed: In addition to the police databases that have been in use for a long time, various new forms of evaluation and use of mass data are emerging.

Firstly, relevant software can link and evaluate large amounts of data within a specific criminal proceeding. Secondly, such an analysis is technically but also easily possible across proceedings, i.e. it can include data from several or a large number of criminal proceedings. Thirdly, this also makes mass data analysis interesting for the police's work in averting danger. In addition to the defense against specific dangers, fourthly, this concerns the clarification of possible dangers well in advance. Under the heading of "predictive policing", for example, the police are trying to use data analysis to identify people and situations that are classified as risky.

The mass data evaluation initially makes use of the data sets that already exist at the police authorities. The analyzes become more diverse and promise increasing precision the more data and different types of data they can use. On the one hand, this leads to the police authorities accessing external databases that are made available to them by other authorities or that are bought on the market. In the future, this could also be personal data, for example from data dealers and other companies. On the other hand, the development means that the police - not unlike Facebook, Google & Co. - develop their own interest in collecting and storing as much data as possible beyond their work on a specific issue.

Even if this development is still in its infancy in Germany under the key words “data mining” and “big data”, it is becoming apparent that it will affect police work comprehensively and will fundamentally change it. In doing so, it not only undermines central data protection principles such as purpose limitation in particular. The evaluation of mass data in the police goes hand in hand with an increasing focus on prevention: Potentially problematic issues and people should be identified and dealt with by the police as early as possible. This idea is of course not new - the new forms of data evaluation, the identification of risks and hazards in advance, however, promise that it can also be implemented.

The use of the Palantir software is part of the development of a considerable forward shift in police intervention when risks and threats are dealt with. At the same time, it is highly doubtful to what extent such risks can actually be accurately determined. Last but not least, there is a risk that the data evaluations will only reproduce the distortions, prejudices and discriminatory practices that are written into the police data. Because the results of such evaluations are only as neutral and differentiated as the data on which they are based.

Would you like more critical reporting?

Our work at netzpolitik.org is financed almost exclusively by voluntary donations from our readers. With an editorial staff of currently 15 people, this enables us to journalistically work on many important topics and debates in a digital society. With your support, we can clarify even more, conduct investigative research much more often, provide more background information - and defend even more fundamental digital rights!

You too can support our work now with yours Donation.

About the author

Guest Post

Guest contributions are contributions from people who do not belong to the netzpolitik.org editorial team. Sometimes we approach authors and publishers to ask them about guest contributions, sometimes the authors approach us. Guest contributions do not necessarily reflect the opinion of the editors.
Published 06/03/2019 at 12:00