Australia’s Defence Department Just Deepened Its Bet on Palantir. That Should Alarm Us.

 

Australia’s Department of Defence has quietly expanded its reliance on the US data analytics firm Palantir Technologies, awarding a one year contract worth about A$7.6 million to support its Cyber Warfare Division. The contract was awarded via limited tender, meaning no open competition was conducted.

This is not an isolated engagement. Public procurement records show that Defence has now committed more than A$26 million to Palantir since 2013, with a series of escalating contracts in recent years. A 2024 contract reportedly involved Palantir’s Foundry platform, its flagship data integration and analytics system. The most recent deal appears to extend that trajectory.

On paper, this may look like routine Information and Communication Technologies (ICT) procurement. In reality, it raises serious questions about sovereignty, procurement discipline, ethical risk and democratic accountability.

The procurement problem

Under Australia’s Commonwealth Procurement Rules (CPR), limited tender is permissible in defined circumstances such as genuine urgency, strict compatibility requirements, or where only one supplier can meet the need. It is not unlawful per se. But it is inherently exceptional. Competition is the mechanism by which value for money is tested.

When a contract extension exceeds the scale of the original engagement and is not subjected to open market testing, the burden of justification becomes heavier, not lighter. Defence must be able to clearly articulate which CPR condition was relied upon and how value for money was assessed in the absence of competition.

The “land and expand” model, in which a vendor embeds itself technically and then scales through extensions justified by compatibility, is well known in enterprise software. It is also a classic pathway to vendor lock in. Once data architectures, workflows and integrations are shaped around a single platform, switching costs rise dramatically. What begins as convenience can end as structural dependence.

For a department responsible for national defence, that should not be a casual trade off.

The sovereignty question

Palantir is not just another enterprise software supplier. It is deeply embedded in US national security, intelligence and law enforcement systems. It has been widely reported as a contractor to US immigration enforcement agencies and has entered into strategic partnerships with Israel’s Ministry of Defense in the context of ongoing conflict operations.

Those associations matter. They shape reputational risk, geopolitical signalling and alliance perceptions. They also raise legitimate public concerns about how data platforms designed for intelligence fusion and enforcement in other jurisdictions are being deployed within Australian government systems.

Australia is not merely buying software. It is purchasing architecture that can integrate, model and analyse sensitive operational data. In a Cyber Warfare Division context, that could involve high value datasets related to networks, personnel, capabilities or threat environments. Even if the scope is narrower than critics assume, the principle remains the same: core defence analytics functions are increasingly mediated by a US headquartered firm whose strategic priorities are not Australia’s to set.

If Australia aspires to sovereign capability in cyber and information operations, embedding foreign enterprise platforms at the centre of analytic workflows demands much more public justification than we have seen.

Ethics and privacy

Independent Senator David Pocock has criticised the scale and process of the contract, citing concerns about ethics and privacy in the absence of comprehensive reform to Australia’s privacy legislation.

Those concerns are not fringe. In the United Kingdom, the award of a large National Health Service data platform contract to Palantir triggered internal warnings about reputational risk and public trust. In the United States, municipal hospital systems have faced criticism for contracting with Palantir while the company simultaneously supports federal immigration enforcement operations.

The issue is not that Defence is somehow responsible for Palantir’s entire global portfolio. It is that reputational and ethical risk do not stop at the water’s edge. Australia’s defence procurement choices signal our tolerance for corporate practices elsewhere. They also shape domestic trust in how government data is handled.

When Defence awards contracts without open tender to a firm whose global footprint is so politically charged, the onus is on government to demonstrate that robust human rights, data governance and audit safeguards are in place.

The entanglement deepens

Palantir’s Australian presence has expanded well beyond Defence. Customers reportedly include the Australian Signals Directorate and the Australian Criminal Intelligence Commission. The Future Fund has publicly acknowledged an investment exposure to the company. Major corporations such as Coles, Westpac and Rio Tinto have also engaged its services.

The point is not to suggest impropriety in each case. It is to observe a pattern of deepening institutional entanglement. Once a single data integration architecture becomes common across agencies and sectors, interoperability increases but so does systemic concentration risk.

In defence terms, that is a strategic dependency question. If a vendor becomes indispensable to intelligence fusion, cyber analytics or operational planning, Australia’s ability to independently shape its technological future narrows.

What should have happened

If Defence believed that Palantir was uniquely positioned to meet urgent cyber warfare requirements, it should state plainly which CPR exemption was invoked and why no viable alternative supplier existed. It should publish, to the extent consistent with national security, the safeguards around data sovereignty, audit rights and exit strategy.

At minimum, the following questions deserve clear answers:

1. Which specific Commonwealth Procurement Rules clause justified limited tender?

2. What data domains connect to the platform and at what classification levels?

3. Where is the data hosted and under what assurance framework?

4. What contractual provisions ensure portability and prevent indefinite vendor lock in?

5. Was a human rights and reputational risk assessment conducted as part of procurement due diligence?

Absent transparency, public suspicion is rational.

A deeper strategic failure

This is not simply about A$7.6 million. It is about a mindset.

Australia’s defence establishment increasingly speaks the language of sovereignty and resilience. Yet in critical digital infrastructure it appears comfortable outsourcing core analytic functions to a foreign corporation whose primary accountability lies elsewhere.

That is a contradiction.

Limited tender may be technically compliant with procurement rules. It may even be defensible under narrow operational criteria. But governance is not just about rule compliance. It is about whether decisions align with long term national interest, technological independence and democratic accountability.

If Defence believes this trajectory strengthens Australia’s security, it should make that case openly. Until it does, the expansion of Palantir’s role inside the machinery of Australian defence will remain a decision that looks less like prudent cyber strategy and more like institutional complacency.

In matters of national defence, complacency is a luxury Australia cannot afford.

Why Palantir at all?

A final and unavoidable point is why Palantir Technologies attracts such intense scrutiny in the first place. The company was co founded by billionaire Peter Thiel, a prominent supporter of Donald Trump, and has built a substantial business around US defence, intelligence and immigration enforcement contracts, including systems used by Immigration and Customs Enforcement (ICE) in deportation operations. In January 2024 Palantir publicly announced a strategic partnership with Israel’s Ministry of Defense to support its ongoing war effort. That war has generated serious allegations of violations of international humanitarian law and claims of genocide that are currently before the International Court of Justice. Whether or not those legal claims are ultimately upheld, the fact remains that Palantir is directly engaged with a military campaign that has produced mass civilian casualties and unprecedented destruction in Gaza. 

When Australia embeds such a company deeper inside its own defence architecture, it is not engaging a politically neutral software vendor. It is aligning itself, however indirectly, with a firm whose global activities are at the centre of some of the most polarising and legally contested conflicts of our time.