Peter Thiel’s data-mining company is using War on Terror tools to track American citizens. The scary thing? Palantir is desperate for new customers.
High above the Hudson River in downtown Jersey City, a former U.S. Secret Service agent named Peter Cavicchia III ran special ops for JPMorgan Chase & Co. His insider threat group—most large financial institutions have one—used computer algorithms to monitor the bank’s employees, ostensibly to protect against perfidious traders and other miscreants.
Aided by as many as 120 “forward-deployed engineers” from the data mining company Palantir Technologies Inc., which JPMorgan engaged in 2009, Cavicchia’s group vacuumed up emails and browser histories, GPS locations from company-issued smartphones, printer and download activity, and transcripts of digitally recorded phone conversations. Palantir’s software aggregated, searched, sorted, and analyzed these records, surfacing keywords and patterns of behavior that Cavicchia’s team had flagged for potential abuse of corporate assets. Palantir’s algorithm, for example, alerted the insider threat team when an employee started badging into work later than usual, a sign of potential disgruntlement. That would trigger further scrutiny and possibly physical surveillance after hours by bank security personnel.
Over time…all ended when the bank’s senior executives learned that they, too, were being watched, and what began as a promising marriage of masters of big data and global finance descended into a spying scandal. The misadventure, which has never been reported, also marked an ominous turn for Palantir, one of the most richly valued startups in Silicon Valley. An intelligence platform designed for the global War on Terror was weaponized against ordinary Americans at home.
Founded in 2004 by Peter Thiel and some fellow PayPal alumni, Palantir cut its teeth working for the Pentagon and the CIA in Afghanistan and Iraq. The company’s engineers and products don’t do any spying themselves; they’re more like a spy’s brain, collecting and analyzing information that’s fed in from the hands, eyes, nose, and ears. The software combs through disparate data sources—financial documents, airline reservations, cellphone records, social media postings—and searches for connections that human analysts might miss. It then presents the linkages in colorful, easy-to-interpret graphics that look like spider webs. U.S. spies and special forces loved it immediately; they deployed Palantir to synthesize and sort the blizzard of battlefield intelligence. It helped planners avoid roadside bombs, track insurgents for assassination, even hunt down Osama bin Laden. The military success led to federal contracts on the civilian side. The U.S. Department of Health and Human Services uses Palantir to detect Medicare fraud. The FBI uses it in criminal probes. The Department of Homeland Security deploys it to screen air travelers and keep tabs on immigrants.
…JPMorgan was effectively Palantir’s R&D lab and test bed for a foray into the financial sector, via a product called Metropolis. The two companies made an odd couple. Palantir’s software engineers showed up at the bank on skateboards.
As Metropolis was installed and refined, JPMorgan made an equity investment in Palantir and inducted the company into its Hall of Innovation, while its executives raved about Palantir in the press. The software turned “data landfills into gold mines,” Guy Chiarello, who was then JPMorgan’s chief information officer, told Bloomberg Businessweek in 2011.
The founder of Palantir is extremely well connected. Here’s how his life might appear in the company’s model.
Cavicchia was in charge of forensic investigations at the bank. Through Palantir, he gained administrative access to a full range of corporate security databases that had previously required separate authorizations and a specific business justification to use. He had unprecedented access to everything, all at once, all the time, on one analytic platform. He was a one-man National Security Agency, surrounded by the Palantir engineers, each one costing the bank as much as $3,000 a day.
Senior investigators stumbled onto the full extent of the spying by accident. In May 2013 the bank’s leadership ordered an internal probe into who had leaked a document to the New York Times about a federal investigation of JPMorgan for possibly manipulating U.S. electricity markets. Evidence indicated the leaker could have been Frank Bisignano, who’d recently resigned as JPMorgan’s co-chief operating officer to become CEO of First Data Corp., the big payments processor. Cavicchia had used Metropolis to gain access to emails about the leak investigation—some written by top executives—and the bank believed he shared the contents of those emails and other communications with Bisignano after Bisignano had left the bank. (Inside JPMorgan, Bisignano was considered Cavicchia’s patron—a senior executive who protected and promoted him.)
JPMorgan officials debated whether to file a suspicious activity report with federal regulators about the internal security breach, as required by law whenever banks suspect regulatory violations. They decided not to—a controversial decision internally, according to multiple sources with the bank. Cavicchia negotiated a severance agreement and was forced to resign. He joined Bisignano at First Data, where he’s now a senior vice president. Chiarello also went to First Data, as president. After their departures, JPMorgan drastically curtailed its Palantir use, in part because “it never lived up to its promised potential,” says one JPMorgan executive who insisted on anonymity to discuss the decision.
Palantir, in a statement responding to questions about how JPMorgan and others have used its software, declined to answer specific questions. “We are aware that powerful technology can be abused and we spend a lot of time and energy making sure our products are used for the forces of good,” the statement said.
Much depends on how the company chooses to define good. In March a former computer engineer for Cambridge Analytica, the political consulting firm that worked for Donald Trump’s 2016 presidential campaign, testified in the British Parliament that a Palantir employee had helped Cambridge Analytica use the personal data of up to 87 million Facebook users to develop psychographic profiles of individual voters. Palantir said it has a strict policy against working on political issues, including campaigns, and showed Bloomberg emails in which it turned down Cambridge’s request to work with Palantir on multiple occasions. The employee, Palantir said, worked with Cambridge Analytica on his own time. Still, there was no mistaking the implications of the incident: All human relations are a matter of record, ready to be revealed by a clever algorithm. Everyone is a spidergram now.
Thiel, who turned 50 in October, long reveled as the libertarian black sheep in left-leaning Silicon Valley. He contributed $1.25 million to Trump’s presidential victory, spoke at the Republican convention, and has dined with Trump at the White House. But Thiel has told friends he’s had enough of the Bay Area’s “monocultural” liberalism. He’s ditching his longtime base in San Francisco and moving his personal investment firms this year to Los Angeles, where he plans to establish his next project, a conservative media empire.
As Thiel’s wealth has grown, he’s gotten more strident. In a 2009 essay for the Cato Institute, he railed against taxes, government, women, poor people, and society’s acquiescence to the inevitability of death. (Thiel doesn’t accept death as inexorable.) He wrote that he’d reached some radical conclusions: “Most importantly, I no longer believe that freedom and democracy are compatible.” The 1920s was the last time one could feel “genuinely optimistic” about American democracy, he said; since then, “the vast increase in welfare beneficiaries and the extension of the franchise to women—two constituencies that are notoriously tough for libertarians—have rendered the notion of ‘capitalist democracy’ into an oxymoron.”
Thiel went into tech after missing a prized Supreme Court clerkship following his graduation from Stanford Law School. He co-founded PayPal and then parlayed his winnings from its 2002 sale to EBay Inc. into a career in venture investing. He made an early bet on Facebook Inc. (where he’s still on the board), which accounts for most of his $3.3 billion fortune, as estimated by Bloomberg, and launched his career as a backer of big ideas—things like private space travel (through an investment in SpaceX), hotel alternatives (Airbnb), and floating island nations (the Seasteading Institute).
He started Palantir—named after the omniscient crystal balls in J.R.R. Tolkien’s Lord of the Rings trilogy—three years after the attacks of Sept. 11, 2001. The CIA’s investment arm, In-Q-Tel, was a seed investor. For the role of chief executive officer, he chose an old law school friend and self-described neo-Marxist, Alex Karp. Thiel told Bloomberg in 2011 that civil libertarians ought to embrace Palantir, because data mining is less repressive than the “crazy abuses and draconian policies” proposed after Sept. 11. The best way to prevent another catastrophic attack without becoming a police state, he argued, was to give the government the best surveillance tools possible, while building in safeguards against their abuse.
Legend has it that Stephen Cohen, one of Thiel’s co-founders, programmed the initial prototype for Palantir’s software in two weeks. It took years, however, to coax customers away from the longtime leader in the intelligence analytics market, a software company called I2 Inc.
In one adventure missing from the glowing accounts of Palantir’s early rise, I2 accused Palantir of misappropriating its intellectual property through a Florida shell company registered to the family of a Palantir executive. A company claiming to be a private eye firm had been licensing I2 software and development tools and spiriting them to Palantir for more than four years. I2 said the cutout was registered to the family of Shyam Sankar, Palantir’s director of business development.