Neo4j Buys GraphAware to Build a Palantir Alternative Governments Can't Have Switched Off

Privacy Reporter

Graph database company Neo4j has acquired intelligence platform GraphAware, pitching an air-gapped, no-kill-switch stack for police and government agencies wary of US-controlled spy tech. The deal lands the same day Europe unveiled its Technological Sovereignty Package, sharpening a debate about who really controls the data held inside public sector software.

Neo4j has acquired GraphAware, an intelligence analysis platform built on its graph database, and is positioning the combined product as an alternative to Palantir, the US data-mining firm whose software increasingly underpins Western policing and intelligence work. The pitch is unusually blunt for a database company: the system can be deployed in an air-gapped environment, does not call home, and, in the words of GraphAware CEO Michal Bachman, "no one can turn it off."

That phrasing is not marketing flourish. It speaks directly to a fear that has moved from think-tank papers into government procurement meetings over the past year. The concern is that software supplied by US vendors, even when running on European soil and holding European citizens' data, remains subject to American legal authority. If a US court or agency compelled a vendor to act, the customer might lose access to its own systems or have its data exposed, with little recourse.

What happened

Neo4j, which makes one of the most widely used graph databases, bought GraphAware, a firm that had already built an intelligence platform on top of that database. GraphAware's product competes with Palantir's Gotham, the system designed for defense, intelligence, and law enforcement agencies that connects scattered records, surveillance feeds, and case files into a single searchable picture of people and their relationships.

Neo4j CEO Emil Eifrem told The Register that the "no-kill-switch kind of thing" is "increasingly becoming a requirement." The acquisition had been in the works for some time, but the announcement arrived on the same day the European Commission unveiled its European Technological Sovereignty Package, a set of measures aimed at strengthening Europe's own capacity in semiconductors, AI, cloud, and open source. The convenient overlap let Neo4j frame a commercial product launch as a contribution to a continental policy goal.

The sovereignty anxiety is grounded in a specific and well-documented gap. Under US law, particularly the CLOUD Act, American authorities can compel US-based providers to hand over data they control regardless of where in the world that data physically sits. A server in Frankfurt does not place the data beyond the reach of a US warrant if the operator answers to US jurisdiction.

The abstraction became concrete in June 2025, when Microsoft, under oath in a French court, conceded it could not guarantee that data held on its servers would stay beyond the reach of American authorities if those authorities demanded access. For European data protection officers, that admission confirmed a tension that the EU's own General Data Protection Regulation is supposed to manage. GDPR restricts transfers of personal data to jurisdictions that do not offer equivalent protection, and the lawfulness of moving European data into systems reachable by US legal process has been litigated repeatedly, most prominently in the Schrems cases that twice struck down transatlantic data-sharing frameworks.

An analysis of European dependence on US technology identified Identity and Access Management as a particular weak point, with Microsoft's Entra ID operating as a near-monopoly with few credible alternatives. Control over identity is control over access, and a single dependency there can function as exactly the kind of leverage point critics describe as a kill switch.

Why the architecture matters

GraphAware's argument rests on how the software is built rather than on promises about how it will behave. According to Bachman, customers are not locked into any third party to keep the system running, because it is based on open architecture and open standards. The underlying Neo4j database follows an open-core model, and queries are written in Cypher, a query language closely aligned with GQL, the recently standardized open graph query language.

"Nothing in the platform modifies the data in a proprietary way. So if you want to export it, you can export it," Bachman said. That is the practical test of vendor lock-in. If data can leave in an open format, a customer can switch suppliers or run the system independently. If it cannot, the customer is dependent on the vendor's continued cooperation and good standing.

The deployment model carries the rest of the weight. The stack can run on-premises or in a private cloud, with the customer controlling where it sits and where data is stored. Crucially, it can run air-gapped, fully disconnected from the internet, which removes any technical channel through which a remote party could disable it or pull data out. Palantir, by contrast, is mostly delivered as software-as-a-service in the public cloud, though it too can be deployed in private cloud or on-premises configurations.

For an agency holding sensitive records, the difference is meaningful. An air-gapped, exportable, open-standards system reduces the number of outside parties who can interfere with operations or compel disclosure. It does not eliminate every risk, since the vendor still ships updates and the customer still has to secure the deployment, but it changes the threat model from "trust the provider's jurisdiction" to "control your own infrastructure."

Impact on users and the public

The people whose data sits inside these platforms are not the customers. They are the subjects: individuals logged in police intelligence systems, healthcare patients, and members of the public whose records flow into government databases. They have no say in procurement and limited visibility into how their information is processed or who can reach it. That is why digital rights advocates treat the choice of intelligence platform as a civil liberties question and not merely a technical one.

In the UK, scrutiny of Palantir has intensified. Lawmakers last week warned that the firm's growing footprint across the public sector represented an "unacceptable point of weakness" and pressed the government to use the 2027 break clause in the NHS Federated Data Platform contract, which is built on Palantir's Foundry system. The platform handles health data for tens of millions of people, and concentrating that data in a single US-controlled system raises both sovereignty and accountability concerns. Separately, Palantir won a £9 million contract to run UK firearms licensing, placing records on guns, explosives, and poisons into the hands of a CIA-backed vendor.

Palantir's leadership has shown little interest in softening the controversy. CEO Alex Karp said last year the founders set out to build a company that could "power the West to its obvious innate superiority," and earlier claimed AI would mean Western economies no longer need immigration. For agencies weighing reputational and political risk alongside technical fit, those statements are part of the calculation.

Eifrem framed the acquisition partly in cultural terms, pointing to a decades-long decline in trust in centralized institutions and a media environment fragmented by social platforms and podcasts. Whether one reads that as healthy decentralization or as erosion of shared institutions, the commercial logic is consistent: agencies and citizens increasingly want systems they can audit and control rather than black boxes operated from elsewhere.

What changes

For now, the most concrete shift is that buyers in the intelligence and law enforcement market have a second serious option with a different ownership and deployment story. Competition matters here because monopoly in critical public infrastructure is itself the risk that sovereignty policy is trying to address. An exportable, open-standards alternative gives procurement officers leverage they did not previously have, even with vendors they ultimately stick with.

The harder questions are not resolved by an acquisition. Open architecture reduces lock-in but does not by itself guarantee strong oversight of how intelligence platforms are used, what data they ingest, or how the relationships they infer affect real people. Air-gapping protects against remote interference but can also make external auditing harder. Sovereignty and accountability are related but not identical, and a system that no foreign government can switch off can still be misused by the agency that runs it.

What the deal does signal is that digital sovereignty has graduated from policy rhetoric to a feature buyers will pay for. When a database company markets "no one can turn it off" as a headline benefit, the market has already concluded that the kill switch is real enough to design around. For users whose data sits inside these systems, the useful test will remain the same regardless of which vendor wins: who controls the data, who can compel its disclosure, and whether anyone outside the organization can be held to account for how it is used.
