AI governance

Anthropic Pentagon Contract: A Moral Stand or a Moving Target?

di
Skep analyzes Anthropic's Pentagon contract dispute — a moral red line or a moving target tied to hallucination benchmarks

TL;DR: Anthropic refused the Pentagon’s demand to remove AI safeguards, lost a $200 million contract, and OpenAI took it the same day. Then Amodei quietly resumed negotiations. The Oprah interview framed this as a moral stand. The actual timeline tells a different story.

What actually happened: the timeline the Oprah interview skipped

On February 24, 2026, Defense Secretary Pete Hegseth gave Anthropic a deadline: allow unrestricted use of Claude “for all lawful purposes” or lose the $200 million Pentagon contract. Anthropic refused, publishing a statement saying the Pentagon’s language “was paired with legalese that would allow those safeguards to be disregarded at will.” Amodei wrote publicly: “we cannot in good conscience accede to their request.” The Pentagon cancelled the contract and designated Anthropic a “supply chain risk” — a classification normally reserved for companies linked to foreign adversaries.

The same day, the Pentagon struck a deal with OpenAI. Amodei reportedly sent an internal message to Anthropic staff calling the OpenAI deal “safety theater” and the messaging around it “straight up lies.” Pentagon official Emil Michael called Amodei “a liar with a God complex.” The public framing was clean: Anthropic stood on principle, OpenAI didn’t. Two and a half million users reportedly moved to Claude in the weeks that followed.

What the Oprah interview did not mention: within days of the public rupture, Amodei had quietly resumed negotiations with Emil Michael — the same official who had called him a liar. Those talks were reported by the Financial Times and Bloomberg in early March. The red line had already started moving before the cameras were set up for Oprah.

The “not ready” argument is a timeline, not a principle

When Daniela Amodei clarified the position during the Oprah interview, her phrasing was telling: the models are “not ready for this use case” at present. Not “we will never do this.” Not “this is categorically wrong.” The refusal was framed as a technical pause, not a moral absolute.

That framing has a specific implication. If the limit is readiness, then the question isn’t whether Anthropic will eventually work with the Pentagon — it’s when the internal metrics say the models are ready. And those metrics are not public. Anthropic tracks hallucination rates, safety margins, and reliability benchmarks under internal programmes that nobody outside the company can audit. The moment those numbers cross an undisclosed threshold, the “not ready” position becomes “ready,” and the moral argument quietly retires.

Frontier model hallucination rates have improved from 3 to 8 percent in 2023 to roughly 1.0 to 2.5 percent in 2026 on summarization benchmarks. On long-tail factual queries — the kind that would matter for intelligence analysis or classified document review — rates remain at 15 to 40 percent. That gap is the unofficial deadline. When engineering closes it, the public posture will shift. The only question is how loudly.

The Palantir arrangement already crosses the line in everything but name

There is a further complication that rarely surfaces in the coverage. Anthropic maintains a partnership with Palantir, which supplies Claude-powered interfaces to defence clients under a separate API tier. Military analysts already use Claude to interrogate sensitive documents. The foundation model that civilian Pro users access is the same one reaching the defence sector through a vendor intermediary.

This arrangement allows Anthropic executives to say accurately that they have no direct uniformed customer while the underlying reasoning engine already reaches the Pentagon. The “supply chain risk” designation sits alongside an active indirect supply chain. The architecture of the refusal is a licensing construct, not a technical barrier. Removing Palantir as the intermediary would not require new training runs or architectural changes — it would require a contract amendment.

Why Anthropic cannot afford to reverse course loudly

This is where your read of the situation matters more than the article originally acknowledged. Two and a half million users came to Anthropic in part because of that public refusal. They came because Anthropic said something that sounded like a values statement, and they believed it. That audience is not monolithic — some are developers who care primarily about capability, others are users who specifically chose Claude because it felt like the alternative to the “move fast, sell to anyone” model.

If Anthropic formally reverses the Pentagon position — not through a quiet Palantir workaround but through a publicly acknowledged direct contract — the reputational cost is asymmetric. The users who came for the values statement will notice. Some will leave. Gemini and open-weight alternatives exist and are improving. The switching cost for a user who chose Claude for ethical reasons rather than raw capability is low.

Anthropic is not naive about this. The Oprah interview was not accidental — it was a moment of narrative management, reframing a messy and ongoing negotiation as a clean moral stand. The timing, three months after the contract collapse and in the middle of resumed talks, suggests the interview served a specific function: locking in the brand association with safety before the engineering roadmap makes the current position untenable.

What to actually watch: the metrics, not the soundbites

The practical task for anyone trying to understand where Anthropic’s actual limits are is straightforward: ignore the interviews and watch the benchmarks. When internal safety metrics for long-tail factual reliability cross the threshold that Anthropic considers acceptable for high-stakes classified use, the position will change. It may change through a carefully worded announcement about “expanded mission alignment.” It may change through a Palantir contract extension that nobody covers. It may even change through a direct Pentagon deal framed as a breakthrough in responsible AI deployment.

What it will not do is announce itself as a reversal. The framing will be continuity. The substance will be exactly what Amodei said in February he would not do. Track the hallucination benchmarks, not the prime-time appearances. The safety argument will expire when the numbers allow it to — and the numbers are already moving in one direction.

Palantir’s NHS Contract: Parliament Just Called It an Unacceptable Risk. Nobody Is Moving

di
Skep reacts to Palantir's NHS contract — Parliament calls it an unacceptable risk but the government hasn't moved

TL;DR: Palantir has access to NHS data covering 55 million patients. The “unlimited access” headline was technically wrong, but the real problem is worse: a £330m contract with no enforceable oversight, no public audit trail, and a government that just ignored Parliament calling it an unacceptable risk.

The contract exists, and the access is real

Palantir won a £330 million contract to run the NHS Federated Data Platform in November 2023. This is not speculation. The contract is public, and its scope covers data from approximately 55 million patients across England. The platform connects existing NHS data systems so hospitals and integrated care boards can manage waiting lists, theatre schedules, and discharge planning.

Amnesty International UK called the arrangement “unlimited access” in a May 2026 report. That framing made headlines, but it is technically inaccurate. The contract specifies role-based access controls, and Palantir cannot freely query individual patient records without a legal basis under UK data protection law. The word “unlimited” does a lot of rhetorical work that the contract text does not support.

What the contract does grant is broad. Palantir is the platform operator. That means its engineers have privileged access to the infrastructure that processes pseudonymized data. Pseudonymization is not anonymization: it is technically reversible, and the NHS retains the keys. But whether those keys are adequately protected depends on implementation details that are not publicly auditable.

The gap between the contract text and what Amnesty described is where the actual story sits. It is not about a company running wild with patient files. It is about a governance framework that trusts the operator too much and verifies too little.

The governance model is the vulnerability, not the technology

Most coverage of this story frames it as a privacy problem. It is more accurately a governance problem. Palantir’s platform, Foundry, has technical access controls that can be configured to restrict data access at a granular level. The NHS has written policies on who can see what. On paper, the safeguards exist.

The issue is enforceability. The contract lacks independent oversight mechanisms with real teeth. The National Data Guardian has an advisory role but cannot block decisions. NHS England can audit Palantir’s data usage, but audit reports are not published proactively. There is no mandatory breach notification standard tied to public disclosure.

This is consistent with how Palantir operates elsewhere. In Argentina, the company deployed a system called the Social Digital Twin that integrates education, medical, and economic data across government agencies. The pattern repeats: the technology is competent, the contract is legal, and the transparency is minimal.

The UK’s contract includes a clause prohibiting Palantir from using NHS data for anything beyond the contracted services. But the contract also allows NHS England to add new use cases through change requests without a new procurement process. That means the scope can expand by administrative decision rather than public debate. The governance structure assumes good faith.

This is not a technical failure. It is a deliberate design choice to prioritize operational flexibility over verifiable constraint.

Three concrete things that would make this arrangement safer

It is easy to say “cancel the contract.” It is harder to do, and it avoids the question of what would replace the platform. NHS data interoperability genuinely needs improvement, and the platform addresses real operational problems. The question is how to constrain the arrangement so that trust is not the only safeguard.

Mandatory published audit logs with data access granularity. The single highest-impact reform would be requiring Palantir to publish structured audit logs showing every data access event: who queried what, when, and under which legal basis. These logs should be pseudonymized where necessary but machine-readable and independently reviewed. If Palantir cannot produce this for commercial sensitivity reasons, the data should not be on their infrastructure.

A sunset clause tied to NHS-owned infrastructure. The contract should include a binding timeline for migrating the platform to NHS-owned and operated infrastructure. Palantir can build it, configure it, and train NHS staff on it. But the end state must be an NHS-controlled environment where Palantir is a vendor, not an operator. Without this, the arrangement becomes permanent by default.

A public change request register. Any change request that expands data scope or adds a new use case should be published on a public register before implementation, with a mandatory comment period. This does not require new legislation. It can be written into the contract as an operational requirement. Sunshine is the cheapest and most effective regulatory tool available.

These are not radical proposals. They are standard governance practices in regulated industries. The fact that none of them are in the current contract is the real story Amnesty should have led with.

June 3, 2026: Parliament moves. The government doesn’t.

On June 3, 2026, the cross-party House of Commons Science, Innovation and Technology Committee published a 70-page report calling Palantir “an unacceptable point of weakness” in the UK public sector. The committee recommended that the government exercise the 2027 break clause in the NHS contract and either develop an in-house replacement or find a UK-owned alternative more compatible with British values.

The same day, Palantir won a new £9 million contract to build a national firearms database. No competitive tender. The committee’s report was published in the morning; the new contract was announced in the afternoon.

The government has not responded publicly. The contract stands. The governance gaps remain. The parliamentary pressure is real, but without a formal government commitment to exercise the break clause before February 2027, the recommendation is advisory. Palantir knows it.

Who needs to care about this now versus who can monitor

If you work in NHS IT, clinical governance, or data protection, this affects your professional obligations immediately. You may be asked to integrate with the platform or handle data that flows through it. Document your questions in writing. Ask about audit trail access. Ask about your obligations under UK GDPR when pseudonymized data moves through a third-party platform. If you get ambiguous answers, escalate in writing.

If you are an NHS patient, your individual records are not at higher risk today than they were before Palantir’s contract. The NHS already shares data with hundreds of third-party vendors under similar governance arrangements. The Palantir deal is larger in scale and higher in profile, but the structural privacy risks are not novel. If you are concerned, the most effective action is to request a National Data Opt-Out, which prevents your data from being used for purposes beyond your direct care.

If you are a policymaker or journalist, the angle worth pursuing is not “Palantir has unlimited access.” It is “Palantir’s contract lacks enforceable constraints, and Parliament just said so out loud.” That is a solvable problem with specific, boring regulatory answers. The drama distracts from the fix.

Operating as if governance will not save you

The NHS chose Palantir because it needed a platform that works at scale, and Palantir has a demonstrated track record of making complex data interoperable. The problem is that the contract treats governance as a secondary concern rather than a primary requirement. That is not unique to Palantir. It is how most large government IT contracts work.

The operational conclusion is straightforward. If you are responsible for NHS data governance, operate on the assumption that the platform provider will have access to more data than the contract implies. Not because Palantir is malicious, but because platform operators always have privileged visibility, and the controls that limit that visibility are only as good as their enforcement. Document everything. Demand audit trails. Build your own monitoring where possible. Do not rely on contractual language as your only defense.

The Amnesty report got attention. The parliamentary committee added institutional weight. But the fix is enforceable transparency, and that is entirely achievable if anyone with authority decides it matters before February 2027.

Powered by
I cookie necessari abilitano funzioni essenziali del sito come accessi sicuri e regolazioni delle preferenze di consenso. Non memorizzano dati personali.
Nessuno
I cookie funzionali supportano funzioni come la condivisione di contenuti sui social media, la raccolta di feedback e l’attivazione di strumenti di terze parti.
Nessuno
I cookie analitici tracciano le interazioni dei visitatori, fornendo dati su metriche come numero di visitatori, frequenza di rimbalzo e fonti di traffico.
Nessuno
I cookie pubblicitari forniscono annunci personalizzati basati sulle tue visite precedenti e analizzano l’efficacia delle campagne pubblicitarie.
Nessuno
Powered by