Threat Tracker

Active

UK Government / Cabinet Office

GOV.UK One Login — National Digital Identity System

12 million users enrolled

Keir Starmer announced a national digital ID scheme in September 2025. It was originally planned as mandatory for right-to-work checks, but public backlash — including a petition with nearly 3 million signatures — forced a partial climbdown in January 2026. Digital right-to-work checks will still be mandatory for employers by end of Parliament (2029). The GOV.UK Wallet will store driving licences, veterans' cards, and eventually every government-issued credential. One Login already has 12 million users enrolled and is compulsory for new company directors from November 2025.

Name date of birth nationality residency status photo ID employment status biometrics

Active

UK Government / DSIT

GOV.UK Wallet — Unified Government Credential Store

Full rollout by 2027

The GOV.UK Wallet launched in January 2025 and will digitise every government-issued credential — starting with driving licences and veterans' cards, expanding to all credentials by end of 2027. It operates on the same credentials as One Login. A whistleblower told Liberal Democrat peers that One Login missed its 2025 deadline for securing critical systems and that a government red team was able to gain privileged access during testing in March 2025.

Driving licence passport immigration status benefit entitlements all government credentials

Active

UK Government / Home Office

eVisa System — Physical Immigration Documents Abolished

Affects all non-UK nationals

Physical residence permits are no longer valid. All migrants must prove right to remain via a share code linked to their eVisa — a digital-only record. No digital access means no ability to work, rent, or access services. This creates a digital dependency for millions of people with no analogue fallback, and requires ongoing government system access to verify one's legal status.

Immigration status biometrics employment history address history

Active

UK Government / Home Office

National Fraud Initiative — Cross-Departmental Data Matching

30 million+ people annually

The National Fraud Initiative matches data across government departments, councils, NHS, and other public bodies to identify fraud. Over 30 million people's records are matched every two years without their knowledge or individual consent. Data shared includes benefits, payroll, pension, council tax, housing, insurance, and electoral roll records.

Benefits payroll pension council tax housing electoral roll NHS records

Pending

Bank of England / HM Treasury

Digital Pound (CBDC) — Design Phase Active

Decision on build phase: 2026

The Bank of England and HM Treasury are in the active design phase of a Central Bank Digital Currency — the "digital pound". A decision on whether to proceed to the build phase is expected in 2026. The proposed platform model would record all transactions in a central Bank of England ledger. While officials claim it would not replace cash and would not give government access to personal spending data, no primary legislation guaranteeing these limits has yet been drafted. CBDCs by design enable programmable money — spending that can be restricted by category, location, or time.

All financial transactions spending patterns merchant data location of purchase

Active

UK Banks / FCA

Bank Branch Closures — Systematic Dismantling of Cash Infrastructure

6,000+ branches closed since 2015

Over 6,000 bank branches have closed since 2015. The UK lost 34% of its branch network between 2019 and 2024 alone — from 10,410 to 6,870 locations. In 2025 alone, 433 branches closed. A further 228 are scheduled for 2026. 5% of UK adults rely on cash for everything. The closure of physical banking infrastructure makes digital payment dependency inevitable for millions, disproportionately affecting the elderly, rural communities, and the digitally excluded.

Financial behaviour location data spending patterns

Active

HMRC

Real-Time PAYE Data Collection — Universal Earnings Surveillance

Covers all UK employees

HMRC receives real-time earnings data from every employer in the UK for every pay period. This data feeds directly into the Universal Credit system and other benefit calculations. HMRC is expanding the scope of real-time data collection to include self-employment income, rental income, and other earnings streams through Making Tax Digital — creating a comprehensive real-time financial profile of every working person in the UK.

Employment earnings employer identity pay frequency tax codes NI contributions

Active

HMRC / FCA

Crypto Asset Reporting — Full Exchange Surveillance

Mandatory from 2026

The UK is implementing the OECD Crypto-Asset Reporting Framework (CARF) requiring all UK crypto exchanges to report customer transaction data to HMRC from 2026. Exchanges must collect and report customer identity, wallet addresses, and transaction values. This creates a comprehensive surveillance record of every crypto transaction for every UK user of regulated exchanges.

Crypto wallet addresses transaction history exchange identity asset types fiat values

Active

Palantir Technologies / FCA

Financial Conduct Authority — Gotham Intelligence Platform

Undisclosed

The FCA operates Palantir's Gotham platform for financial market surveillance and intelligence analysis. The same platform used for police and defence intelligence is applied to financial transaction data across the UK's financial system. No public competitive tender was disclosed.

Financial transactions market data firm intelligence individual financial profiles

Active

Open Banking Implementation Entity / FCA

Open Banking Mandate — Forced Financial Data Sharing

10 million+ users affected

Open Banking regulations compel banks to share customer financial data with authorised third parties via APIs, upon customer consent — though consent mechanisms are often buried and opaque. The UK's Smart Data schemes planned under the Data (Use and Access) Act 2025 will extend mandatory data sharing beyond banking to energy, telecoms, and other sectors. Once data leaves a bank, individuals have limited visibility of how it is used, combined, or sold.

Full transaction history account balances payee details recurring payments spending categories

Active

UK Government / Home Office

Investigatory Powers Act — Secret Apple iCloud Backdoor Demand

Affects all UK iCloud users

In February 2025, the UK Home Office issued a secret Technical Capability Notice under the Investigatory Powers Act 2016 demanding Apple create a backdoor into its end-to-end encrypted iCloud Advanced Data Protection service — granting UK intelligence services access to encrypted data stored by users worldwide. Apple removed Advanced Data Protection from UK users entirely rather than comply. The order was issued in secret — users were not informed. 239 civil society organisations signed a joint letter demanding the order be rescinded.

All iCloud data: photos documents messages health data location history backups

Active

UK Government / Ofcom

Online Safety Act — Mandatory Age Verification & Content Scanning

Covers all major platforms

The Online Safety Act 2023 requires platforms to implement age verification for adult content and to proactively scan for illegal content. Ofcom has powers to require platforms to deploy "accredited technology" to scan private encrypted messages for child abuse material — effectively mandating client-side scanning that breaks end-to-end encryption. Platforms face fines of up to 10% of global turnover or blocking in the UK for non-compliance. Privacy experts warn the scanning infrastructure cannot be limited to one content category once built.

Private messages images video content user identity age verification documents

Active

UK Government / Home Office

Investigatory Powers Act — Bulk Data Collection Powers

Entire UK population

The Investigatory Powers Act 2016 and its 2024 amendments give GCHQ and other agencies powers to collect bulk personal datasets — defined as datasets where the majority of people included are not of intelligence interest. Under a "low or no expectation of privacy" standard, this includes web browsing data, communications metadata, location data, and financial records collected in bulk without individual suspicion or warrant. Providers must notify the Home Secretary before making security changes to products.

Web browsing communications metadata location data financial records content of communications

Active

Ofcom

Online Safety Act — Private Companies as State Censors

All UK internet users

The Online Safety Act deputises private companies — Meta, Google, X, TikTok — to enforce government content standards or face existential financial penalties. Platforms must remove content Ofcom designates as harmful, maintain systems to assess and mitigate "risks", and produce annual transparency reports. The definition of "harmful but legal" content is determined by regulators without democratic oversight, creating a framework for the government to suppress legal speech through private intermediaries without direct censorship.

All user-generated content private messages user identity posting behaviour account history

Active

UK Government / DSIT

Online Age Verification — Identity Linked to Internet Access

Affects all UK internet users

Ofcom regulations under the Online Safety Act require platforms hosting adult content to implement robust age verification. Approved methods include photo ID upload, credit card checks, and facial age estimation. Privacy-preserving methods are in development but not yet widely available. The infrastructure required to verify age at scale creates a database linking real identities to browsing behaviour — with no guarantee of how that data is stored, shared, or used by verification providers.

Photo ID facial biometrics credit card identity browsing behaviour platform accounts

Active

Palantir Technologies / NHS England

NHS Federated Data Platform — 56 Million Patient Records

£330,000,000

Palantir's Foundry platform was awarded a £330M contract to build the NHS Federated Data Platform — providing a single integrated view of patient data across 56 NHS trusts covering 56 million people in England. The company has CIA-linked origins, Peter Thiel as co-founder, and runs the MoD's Gotham defence intelligence platform through a separate but interoperable contract. No competitive tender was held for the initial contract. There is no guaranteed firewall preventing patient data from crossing into defence or policing use.

Patient records diagnoses medications appointments mental health GP data surgical history

Active

NHS England / NHSX

General Practice Data for Planning and Research (GPDPR)

55 million patient records

NHS Digital (now NHS England) collects GP records for 55 million patients — including diagnoses, referrals, medications, and coded clinical data — and makes this available for research and planning. Opt-out is available but not well publicised. Data is shared with NHS-approved researchers, commercial pharmaceutical companies, and government agencies. Previous iterations of the scheme were paused following public backlash but were subsequently resumed in modified form.

GP records diagnoses medications referrals mental health codes long-term conditions

Active

UK Government / DHSC

NHS App as Digital Identity Layer

35 million+ users

The NHS App — with over 35 million users — is being expanded beyond health into a general identity and credential platform. It already hosts COVID vaccination records, GP access, prescription ordering, and organ donation status. Plans are in development to integrate NHS App credentials with GOV.UK One Login, creating a convergence between health identity and government identity. Once health data and identity data are linked in a single system, the firewall between them effectively disappears.

Health records vaccination status prescriptions appointments organ donation identity credentials

Active

UK Biobank / NHS Genomics

Genomics England — National DNA Database

500,000 participants, expanding

Genomics England holds the genome sequences of 500,000 UK participants. The NHS Genomic Medicine Service aims to sequence every person diagnosed with certain conditions. Genomic data is the most permanent personal data that exists — it cannot be changed, it identifies not just an individual but their entire biological family, and it can reveal predisposition to future disease, ancestry, and traits. Commercial partnerships allow pharmaceutical companies to access this data.

Full genome sequences family relationships disease predispositions ancestry trait data

Active

DWP / NHS England

NHS to DWP Health Data Sharing — Benefit Assessment Surveillance

Affects all NHS patients claiming benefits

The Department for Work and Pensions has established data sharing pipelines with NHS England to use medical records in benefit eligibility and fraud assessments. Patients seeing a GP or specialist may have their clinical records shared with the DWP without their knowledge or specific consent. This conflates healthcare with welfare surveillance and has a chilling effect on people seeking medical help if they believe it may affect their benefits.

GP records specialist referrals mental health diagnoses disability assessments treatment history

Active

Metropolitan Police / 13 UK Forces

Live Facial Recognition — 50,000+ Faces Scanned Daily

National rollout planned

Live Facial Recognition is deployed by 13 of 43 police forces in England and Wales as of March 2026, with a national rollout planned. The Met Police scanned over 50,000 faces per day by mid-2025. The watchlist has grown from under 7,000 names in 2022 to over 16,000 in 2025. South Wales Police scanned 1.6 million faces in 14 deployments resulting in 15 arrests — a 0.001% hit rate. An Asian man was wrongfully arrested due to a false positive in January 2026. No specific legal framework exists — the Home Office consultation closed February 2026.

Facial biometrics location time of day association data watchlist matching

Blocked

Palantir Technologies / Metropolitan Police

Met Police Investigations Platform — Blocked

£50,000,000

The largest policing data contract ever proposed in the UK — £50M for Palantir's Gotham platform — was blocked by Mayor Sadiq Khan in 2023. The Met failed to present a strategy to MOPAC, conducted no competitive tender, and considered only Palantir as a supplier. The Met had previously run a secret internal surveillance trial on 46,000 staff without consent, deliberately keeping the initial contract value under £500K to avoid procurement oversight. The force continues to seek an alternative route to a similar capability.

Criminal records intelligence files surveillance data informant records investigation data

Active

Palantir Technologies / Ministry of Defence

MoD Gotham Defence Intelligence Platform

£240,000,000

The Ministry of Defence operates Palantir's Gotham platform for defence intelligence analysis. The same company and platform family also hold NHS patient data (Foundry) and FCA financial intelligence data. There is no guaranteed legal firewall preventing data from crossing between these systems. Palantir's platforms are designed to integrate disparate data sources — their commercial value lies precisely in this interoperability.

Defence intelligence military personnel threat assessments geospatial data signals intelligence

Active

National Highways / Local Authorities

ANPR Network — 50 Million Plate Reads Per Day

Entire UK road network

The UK operates one of the world's largest Automatic Number Plate Recognition networks. Over 50 million vehicle movements are recorded daily across the national network of fixed and mobile ANPR cameras. Data is held for up to two years and is accessible by police forces, the DVLA, and other agencies. Combined with journey time data from smart motorways and toll systems, this creates a comprehensive record of the movement of every vehicle — and by implication, every driver and passenger.

Vehicle registration location time journey pattern vehicle make/model associated driver data

Active

Transport for London

TfL Journey Data — Every Journey Logged and Retained

10 million+ daily journeys

Transport for London logs every Oyster card and contactless payment journey — tap in, tap out, time, location, route — and retains this data. TfL holds journey data for 13 weeks for Oyster users and longer for registered cards. This data has been shared with police on request. Combined with facial recognition cameras at stations and ANPR on buses, TfL's network provides a near-complete map of movement for millions of Londoners.

Journey origin destination time frequency payment card identity top-up locations

Active

Home Office / Mobile Network Operators

Mobile Network Location Data — Bulk Collection and Sale

All UK mobile users

Mobile network operators in the UK are required to retain communications data — including location data derived from cell tower connections — for 12 months under the Investigatory Powers Act. This data is accessible by police, intelligence agencies, and other public bodies via production orders. Beyond law enforcement, aggregated location data is sold commercially by data brokers who buy it from operators, creating a parallel commercial surveillance economy operating largely outside public scrutiny.

Cell tower location movement patterns call metadata device identity roaming data

Active

UK Police Forces

Retrospective Facial Recognition — Mass Identification from Archives

Applied to 127 arrests post-2024 riots

Retrospective Facial Recognition allows police to run database searches against CCTV footage, social media images, and other archived material to identify individuals after the fact. Following the 2024 summer disorder, retrospective FRT led to 127 arrests. Police forces hold biometric databases of custody images from anyone who has ever been arrested — including those subsequently acquitted. These can be run against retrospective FRT searches without individual suspicion.

Facial biometrics custody images CCTV archive social media images public event footage

Active

UK Government / Home Office

Prevent Programme — Political View Reporting in Public Services

Mandatory in schools, NHS, universities

The Prevent duty requires teachers, doctors, university lecturers, social workers, and other public sector workers to report individuals they believe are at risk of radicalisation. In practice, referrals have included people expressing legal political views — anti-war sentiment, Palestinian solidarity, environmental activism, and criticism of government policy. The scheme operates without judicial oversight, creates a chilling effect on legal political expression, and has been criticised by multiple independent reviews for disproportionately targeting Muslim communities.

Political views religious beliefs associations online activity social connections

Active

UK Government / Home Office

Public Order Act 2023 — Criminalisation of Protest

Affects all UK residents

The Public Order Act 2023 introduced new offences including "locking on", "tunnelling", and "obstruction of major transport works". It gave police powers to impose conditions on protests that cause "more than minor" disruption — a threshold so low that in practice any effective protest can be stopped. It also introduced Serious Disruption Prevention Orders, allowing courts to ban individuals from attending protests before any offence is committed. The Act was used against Just Stop Oil, Palestine solidarity marchers, and other groups.

Protest attendance political association location data organising communications

Active

Counter Terrorism Internet Referral Unit / Home Office

CTIRU — Removal of Legal Online Content

Hundreds of thousands of URLs removed

The Counter Terrorism Internet Referral Unit operates as a police unit that requests the removal of online content it considers terrorist-related — without a court order. Platforms comply voluntarily to avoid regulatory risk. Content removed has included journalism, academic research, historical documentation, and political commentary. There is no independent judicial review of removal decisions and no appeal mechanism for content creators.

Online content publisher identity associated accounts posting history

Active

UK Government / Home Office

Nationality and Borders Act 2022 — Criminalisation of Asylum Seekers

Affects all asylum seekers

The Nationality and Borders Act made it a criminal offence to arrive in the UK without prior authorisation — effectively criminalising the act of claiming asylum by irregular route. Under international law (the 1951 Refugee Convention), people fleeing persecution have the right to claim asylum regardless of how they arrive. The Act's data implications include biometric registration, GPS monitoring tags, and extensive data sharing between the Home Office, police, and foreign governments on asylum seekers' movement and associations.

Biometrics GPS location family connections country of origin communications financial transactions

Active

UK Government / DSIT

Data (Use and Access) Act 2025 — Expanding State Data Powers

Entire UK population

The Data (Use and Access) Act 2025 — which received Royal Assent in 2025 — significantly expands the government's ability to share and reuse personal data across public sector bodies. It creates a framework for Smart Data schemes mandating data sharing in sectors beyond banking. It weakens GDPR-derived protections by broadening the definition of legitimate interests and scientific research. Part 2, which gives legal force to the digital identity trust framework, came into force in December 2025.

All personal data held by public sector bodies financial data health data identity data

Active

DWP

Universal Credit — Real-Time Financial Surveillance of Benefits Claimants

6 million+ claimants

Universal Credit claimants are subject to real-time monitoring of their bank accounts, earnings, and financial behaviour. The DWP receives automated data feeds from HMRC and has direct data access agreements with banks and building societies. Claimants must report all financial changes within a set timeframe or face sanctions. The system disproportionately surveils people in poverty — creating a two-tier society where benefit dependency means accepting financial surveillance as a condition of receiving support.

Bank statements earnings savings spending property ownership relationship status household composition
