UK court clears post office staff convicted due to ‘corrupt data’

Those postmasters defending charges of theft against them in the 2000s should not have had to prove that the computer system they were forced to use had bugs. In order to prosecute them in the first place, the Post Office should have had to prove, beyond a shadow of a doubt and without risk of bias, that the computer system was correct. So, independent review at the very least, not testimony from parties with a vested interest in the outcome. This mess was as much a failure of the UK legal system as it was of the active efforts of the Post Office and Fujitsu to deceitfully protect their own interests above the postmasters affected.<p>It&#x27;s like a murderer giving evidence against a random stranger and being believed at face value because they provided all the evidence first hand.

Private Eye magazine (a satirical investigative news magazine) has covered this for many years, and have an excellent report for anyone interested: <a href="https:&#x2F;&#x2F;www.private-eye.co.uk&#x2F;pictures&#x2F;special_reports&#x2F;justice-lost-in-the-post.pdf" rel="nofollow">https:&#x2F;&#x2F;www.private-eye.co.uk&#x2F;pictures&#x2F;special_reports&#x2F;justi...</a> [PDF]<p>Glad to see them finally have their names cleared, and can only hope prosecutions will follow as a result, utterly shameful how the Post Office, Fujitsu and others behaved. For example:<p>&gt; A Fujitsu programmer from the time, Richard Roll, who would become a key witness in the sub-postmasters’ high court case against the Post Office in 2019, told the Eye that Horizon was one the company’s few profitable contracts. Among other private sector deals, it was also lining up a key role in the mother of all government IT splurges, New Labour’s £12bn NHS IT project (Eyes passim ad nauseam). Fujitsu could ill-afford either bad publicity or the penalties that came with software faults. “We would have been fined,” said Roll, who worked at the company between 2001 and 2004. “So the incentive was to pretend it [software error] didn’t happen”, while running “a constant rolling programme of patches to fix the bugs”. Fujitsu “would basically tell the Post Office what they wanted to hear”. So prolific did Roll’s bug-fixing team become it won the company’s President’s Award for outstanding corporate contribution in 2002. And the quick-fix, ask-no-questions approach that suited Fujitsu financially enabled the Post Office to hold the line that blame for all branch shortfalls must lie with the sub-postmaster.The Fujitsu insider concluded that errors leaving sub-postmasters out of pocket were inevitable. Could that mean hundreds of them? “Given there were [about] 20,000 post offices when I was at Fujitsu and the sort of problems we were dealing with all the time, yeah,” he told the Eye. “Sounds reasonable.”

<a href="https:&#x2F;&#x2F;www.computerweekly.com&#x2F;news&#x2F;252496560&#x2F;Fujitsu-bosses-knew-about-Post-Office-Horizon-IT-flaws-says-insider" rel="nofollow">https:&#x2F;&#x2F;www.computerweekly.com&#x2F;news&#x2F;252496560&#x2F;Fujitsu-bosses...</a><p>&gt;For the first 10 years of Horizon’s existence, transaction and account data was stored on terminals in each branch before being uploaded to a central database via ISDN. Our source says this part of the system simply did not work.<p>&gt;“The cash account was a piece of software that sat on the counter NT box, asleep all day,” he said. “At the end of the day, or a particular point in the day, it came to life, and it ran through the message store from the point it last finished. It started at a watermark from yesterday and combed through every transaction in the message store, up until the next watermark.<p>&gt;“A lot of the messages in there were nonsense, because there was no data dictionary, there was no API that enforced message integrity. The contents of the message were freehand, you could write whatever you wanted in the code, and everybody did it differently. And then, when you came back three weeks later, you could write it differently again.”<p>And down further<p>&gt;Speaking to Computer Weekly in 2015, the anonymous source told us: “The asynchronous system did not communicate in real time, but does so using a series of messages that are stored and forwarded, when the network connection is available. This means that messages to and from the centre may trip over each other. It is perfectly possible that, if not treated properly, messages from the centre may overwrite data held locally.”<p>&gt;Four years later, former Fujitsu engineer Richard Roll wrote in a witness statement to the High Court: “The issues with coding in the Horizon system were extensive. Furthermore, the coding issues impacted on transaction data and caused financial discrepancies on the Horizon system at branch level.”<p>BUT the most important part<p>&gt;So far, nobody at the Post Office or Fujitsu has been held accountable

The first bizarre part to me about this fiasco is that accounting, as a discipline, is one that is designed to catch errors. Put it another way: it assumes errors will occur. This is why in shops, for example, you&#x27;ll have manual stocktaking (ie let&#x27;s verify what&#x27;s in the store is what the computer thinks is in the store) and in any business you&#x27;ll have reconciliation processes to find and remedy errors.<p>This highlights a key part of systems design. A key question you should be asking is: what happens when this fails? Note that&#x27;s &quot;when&quot; not &quot;if&quot;.<p>So something like Horizon should be used to flag cases for reviews. If a branch is found ot have a cash shortfall suggesting possible theft then there has to be a reconciliation possible to identify if the computer system was wrong.<p>Bugs happen too. How do they ever have confidence in the system and fix bugs if they can&#x27;t determine if a given flag is a false or true positive?<p>But instead the system&#x27;s output was taken as gospel with no possibility of verification. I&#x27;m of the belief that if you can&#x27;t verify anything the system outputs, particularly for something in a discipline so used to verification as a concept, then that signal is worthless. The fact that convictions happened as a result of this is a crime. This is the UK and not the US so sadly that compensation will probably be limited to nonexistent.<p>As an aside, this is exactly why electronic voting should be outlawed. You need paper ballots (that can be counted electronically) as a verification measure. And the fact that we even have to debate that makes me sad.

Software is in the walls. At some point legislators are going to come and ask the question how we stop things like this happening and if the Fujitsu&#x27;s of the world don&#x27;t have an answer then we can expect regulation that will likely embed practices that don&#x27;t help.<p>I don&#x27;t think we take software reliability seriously enough, most of our focus is on speed of release, ever quicker cycles and it being OK to break things. This culture ruined these peoples lives. Things must change. This isn&#x27;t a unique issue to Fujitsu it is something most of the software industry is doing, this story could be about just about any piece of software.

This is unreal. Shitty software sending people to prison without anyone in the process considering what exactly is the likelihood of hundreds of postmasters simultaneously becoming thieves overnight.

<a href="https:&#x2F;&#x2F;www.computerweekly.com&#x2F;news&#x2F;252496560&#x2F;Fujitsu-bosses-knew-about-Post-Office-Horizon-IT-flaws-says-insider" rel="nofollow">https:&#x2F;&#x2F;www.computerweekly.com&#x2F;news&#x2F;252496560&#x2F;Fujitsu-bosses...</a><p>&gt;For the first 10 years of Horizon’s existence, transaction and account data was stored on terminals in each branch before being uploaded to a central database via ISDN. Our source says this part of the system simply did not work.<p>&gt;“The cash account was a piece of software that sat on the counter NT box, asleep all day,” he said. “At the end of the day, or a particular point in the day, it came to life, and it ran through the message store from the point it last finished. It started at a watermark from yesterday and combed through every transaction in the message store, up until the next watermark.<p>&gt;“A lot of the messages in there were nonsense, because there was no data dictionary, there was no API that enforced message integrity. The contents of the message were freehand, you could write whatever you wanted in the code, and everybody did it differently. And then, when you came back three weeks later, you could write it differently again.”<p>And down further<p>&gt;Speaking to Computer Weekly in 2015, the anonymous source told us: “The asynchronous system did not communicate in real time, but does so using a series of messages that are stored and forwarded, when the network connection is available. This means that messages to and from the centre may trip over each other. It is perfectly possible that, if not treated properly, messages from the centre may overwrite data held locally.”<p>&gt;Four years later, former Fujitsu engineer Richard Roll wrote in a witness statement to the High Court: “The issues with coding in the Horizon system were extensive. Furthermore, the coding issues impacted on transaction data and caused financial discrepancies on the Horizon system at branch level.”<p>BUT the most important part<p>&gt;So far, nobody at the Post Office or Fujitsu has been held accountable

<i>&gt; In the latest chapter of one of the biggest miscarriages of justice in English legal history, 39 people who were prosecuted</i><p>Meanwhile in the Netherlands, ~26000 people have been branded as fraudsters by the tax office due to a way too strict child benefits law. More than 100 probably entirely innocent people fled the country. Even the compensation that is now promised is only slowly trickling towards them, and likely to be snatched up by debt collectors - including even the tax office itself, which is still partly unrepentant. Okay, they haven&#x27;t been sent to jail directly, but the scale of this is huge.

For background and more information, Private Eye Special Report: &quot;JUSTICE LOST IN THE POST: How the Post Office wrecked the lives of its own workers&quot; (PDF) <a href="https:&#x2F;&#x2F;www.private-eye.co.uk&#x2F;pictures&#x2F;special_reports&#x2F;justice-lost-in-the-post.pdf" rel="nofollow">https:&#x2F;&#x2F;www.private-eye.co.uk&#x2F;pictures&#x2F;special_reports&#x2F;justi...</a>

&gt;So far, nobody at the Post Office or Fujitsu has been held accountable<p>And this is the most important part.

I&#x27;m sure it&#x27;s a coincidence that Fujitsu was also heavily involved in the NHS IT fiasco which cost the NHS £10B. &#x27;the biggest IT failure ever seen&#x27;. The Fujitsu UK chairman is also a large Conservative party donor of course - also a complete coincidence. <a href="https:&#x2F;&#x2F;www.vice.com&#x2F;en&#x2F;article&#x2F;59x7wz&#x2F;fujitsu-uk-sues-department-health-simon-blagden-tory-donor" rel="nofollow">https:&#x2F;&#x2F;www.vice.com&#x2F;en&#x2F;article&#x2F;59x7wz&#x2F;fujitsu-uk-sues-depar...</a>

The link out to another story[1] has some interesting details...<p><i>&quot;In December 2019, at the end of a long-running series of civil cases, the Post Office agreed to settle with 555 claimants.</i>&quot;<p>So settlements in 555 of the original 700+ prosecutions.<p><i>&quot;It accepted it had previously &quot;got things wrong in [its] dealings with a number of postmasters&quot;, and agreed to pay £58m in damages. The claimants received a share of £12m, after legal fees were paid.&quot;</i><p>But 80% of the settlement money went to lawyers. Ugh.<p>[1] <a href="https:&#x2F;&#x2F;www.bbc.com&#x2F;news&#x2F;business-56718036" rel="nofollow">https:&#x2F;&#x2F;www.bbc.com&#x2F;news&#x2F;business-56718036</a>

An (IMO) Interesting question is how to reduce the risks of things like this happening.<p>Where evidence from IT systems is being used as a large part of a prosecution, it seems that it should have some kind of scrutiny as to how those systems operate.<p>One option would be allowing the defence to see details of how the system works, testing that was done and known bugs, but that would require a lot of expensive work by legal defence teams, especially where the system is complex.<p>Another option would be some kind of certification of IT system operation, but again it would be hard&#x2F;expensive to do and very incompatible with rapid development techniques.

Presumably to put someone in prison for being a money thief, one would need to prove where that money went...<p>Were all these people accused of theft with not a single record of the yachts they bought with all the money they supposedly stole?<p>I would assume most of these people would be able to turn over a complete financial record of their lives (ie. I was paid £x, I paid taxes of £y, and here is a bank statement showing how I spent it, and here is whats leftover). How exactly can you imprison someone for theft of money if they can present that?

Also - more technical background: <a href="https:&#x2F;&#x2F;www.computerweekly.com&#x2F;news&#x2F;252496560&#x2F;Fujitsu-bosses-knew-about-Post-Office-Horizon-IT-flaws-says-insider" rel="nofollow">https:&#x2F;&#x2F;www.computerweekly.com&#x2F;news&#x2F;252496560&#x2F;Fujitsu-bosses...</a>

Such a terrible story. I&#x27;m surprised it hasn&#x27;t been more prominent within the tech community. Many dozens of lives were ruined.

Did no one ever ask where was the money? These people all had these huge short falls, why did no one go to find the cash?<p>That&#x27;s financial crimes 101

&gt; The Post Office settled the civil claim brought by 555 claimants for £57.75m – amounting to £12m after legal costs – without admitting liability<p>That&#x27;s some £20&#x27;000 each. A pittance for years of suffering and inability to work.

<a href="https:&#x2F;&#x2F;www.judiciary.uk&#x2F;judgments&#x2F;hamilton-others-v-post-office-limited&#x2F;" rel="nofollow">https:&#x2F;&#x2F;www.judiciary.uk&#x2F;judgments&#x2F;hamilton-others-v-post-of...</a><p>The judgment is blistering.

This and the John Deere bug posted earlier make me a bit concerned over the accumulating evidence of unreliable software ruining people&#x27;s lives...<p>What can be done? Mandatory audits, pen testing?<p>If this is an organizational problem, more vacation? limiting overtime? rethinking employee incentives?

A shocking injustice. Innocent people went to prison for years. There was clearly a cover up at Fujitsu and the Post Office, and those accountable should now be prosecuted.

&gt; software engineer Richard Roll<p>Risky click.

Unfair but as a spectator so frustratingly lacking any proper answers. It seems nobody could ever even work out if any money was missing or not. Let alone why. No closure. Just official judgement that no one knows...

BBC radio 4 did a thing about this, even when the post office knew they kept going throwing people in prison. It&#x27;s so depressing. What&#x27;s also depressing is that people trusted this software. How did the defence teams never question it properly the first time. I mean if it&#x27;s a ledger, prove it works.

There&#x27;s a great 10 episode Podcast on this debacle on BBC Sounds:<p><a href="https:&#x2F;&#x2F;www.bbc.co.uk&#x2F;sounds&#x2F;series&#x2F;m000jf7j" rel="nofollow">https:&#x2F;&#x2F;www.bbc.co.uk&#x2F;sounds&#x2F;series&#x2F;m000jf7j</a><p>It&#x27;s really well paced and includes contributions from many of the sub-postmasters affected by this scandal.

What&#x27;s more likely, hundreds of Postmasters where thieves or the system had a few bugs. How did this even happen?

Another article on the same<p><a href="https:&#x2F;&#x2F;www.theverge.com&#x2F;2021&#x2F;4&#x2F;23&#x2F;22399721&#x2F;uk-post-office-software-bug-criminal-convictions-overturned" rel="nofollow">https:&#x2F;&#x2F;www.theverge.com&#x2F;2021&#x2F;4&#x2F;23&#x2F;22399721&#x2F;uk-post-office-s...</a><p>As a software person, I would like to read a more detailed post-mortem on the issue from a code, engineering and project management point of view: e.g. who built this software, when, with what process, with what safeguards, and how did they fail? Was it in-house or outsourced, and if so, to who? Did it run on-premises? What checksums, what backups? What lessons, if any, did they learn and what can we learn?

Related articles that submitters and commenters have pointed out:<p><a href="https:&#x2F;&#x2F;www.bbc.co.uk&#x2F;news&#x2F;business-56859357" rel="nofollow">https:&#x2F;&#x2F;www.bbc.co.uk&#x2F;news&#x2F;business-56859357</a> (also from today)<p><a href="https:&#x2F;&#x2F;www.computerweekly.com&#x2F;news&#x2F;252496560&#x2F;Fujitsu-bosses-knew-about-Post-Office-Horizon-IT-flaws-says-insider" rel="nofollow">https:&#x2F;&#x2F;www.computerweekly.com&#x2F;news&#x2F;252496560&#x2F;Fujitsu-bosses...</a><p><a href="https:&#x2F;&#x2F;www.private-eye.co.uk&#x2F;pictures&#x2F;special_reports&#x2F;justice-lost-in-the-post.pdf" rel="nofollow">https:&#x2F;&#x2F;www.private-eye.co.uk&#x2F;pictures&#x2F;special_reports&#x2F;justi...</a> [pdf]<p><a href="https:&#x2F;&#x2F;www.bbc.co.uk&#x2F;sounds&#x2F;series&#x2F;m000jf7j" rel="nofollow">https:&#x2F;&#x2F;www.bbc.co.uk&#x2F;sounds&#x2F;series&#x2F;m000jf7j</a> [podcast series]<p>Edit: posted later but might as well add it here:<p><i>Convicted Post Office workers have names cleared</i> - <a href="https:&#x2F;&#x2F;news.ycombinator.com&#x2F;item?id=26924882" rel="nofollow">https:&#x2F;&#x2F;news.ycombinator.com&#x2F;item?id=26924882</a> - April 2021 (152 comments and counting)<p>Some past related threads - pretty sure there have been others:<p><i>UK Post Office: Error-laden software ruined staff lives</i> - <a href="https:&#x2F;&#x2F;news.ycombinator.com&#x2F;item?id=26905528" rel="nofollow">https:&#x2F;&#x2F;news.ycombinator.com&#x2F;item?id=26905528</a> - April 2021 (3 comments)<p><i>UK legal system assumes that computers don&#x27;t have bugs</i> - <a href="https:&#x2F;&#x2F;news.ycombinator.com&#x2F;item?id=25518936" rel="nofollow">https:&#x2F;&#x2F;news.ycombinator.com&#x2F;item?id=25518936</a> - Dec 2020 (24 comments)<p><i>Post Office scandal: Postmasters celebrate victory against convictions</i> - <a href="https:&#x2F;&#x2F;news.ycombinator.com&#x2F;item?id=24661321" rel="nofollow">https:&#x2F;&#x2F;news.ycombinator.com&#x2F;item?id=24661321</a> - Oct 2020 (2 comments)<p><i>Faults in Post Office accounting system led to workers being convicted of theft</i> - <a href="https:&#x2F;&#x2F;news.ycombinator.com&#x2F;item?id=21795219" rel="nofollow">https:&#x2F;&#x2F;news.ycombinator.com&#x2F;item?id=21795219</a> - Dec 2019 (103 comments)<p><i>Post Office hires accountants to review sub-postmasters&#x27; computer claims</i> - <a href="https:&#x2F;&#x2F;news.ycombinator.com&#x2F;item?id=4143107" rel="nofollow">https:&#x2F;&#x2F;news.ycombinator.com&#x2F;item?id=4143107</a> - June 2012 (1 comment)

“It is hard to imagine a more stupid or more dangerous way of making decisions than by putting those decisions in the hands of people who pay no price for being wrong.” – Thomas Sowell

Outrageous that so many people&#x27;s lives were blown up by this. Relieved to hear the court ordered in their favour.<p>I wonder if the post masters can now go after the Post Office for damages?

A lesson to test your code and take action based on costumer feedback. I’m curious to learn what was Fujitsu’s position during those investigations.

The company I work for ships hundreds of packages through RM. The RM tech I&#x27;ve seen is a mess. Makes me wonder what it&#x27;s like behind the scenes. Just one lowlight I&#x27;ve come across, this comment can be found in the HTML for one of their portals:<p><pre><code> &lt;!-- $Revision: #6 $ $Change: 54072 $ $DateTime: 2004&#x2F;02&#x2F;16 15:56:30 $&quot; --&gt;</code></pre>

There&#x27;s a short but good podcast about the trial and how it affected people here: <a href="https:&#x2F;&#x2F;www.bbc.co.uk&#x2F;sounds&#x2F;series&#x2F;m000jf7j" rel="nofollow">https:&#x2F;&#x2F;www.bbc.co.uk&#x2F;sounds&#x2F;series&#x2F;m000jf7j</a>

The idea that 700 people in the same job were all committing the same crime and constantly getting caught is insane. This is a perfect example of Orwell&#x27;s description of fascist Britain, where the people are made slaves of the state.

They made a computer that can&#x27;t add

&gt; the convictions of 39 former postmasters ... the UK&#x27;s most widespread miscarriage of justice.<p>There&#x27;s no way this is true.<p>&gt; There were more than 700 prosecutions based on Horizon evidence. The commission and the Post Office are asking anyone else who believes their conviction to be unsafe to come forward.<p>On second thought, I guess it may be, since even after the abuse was proven they are still holding innocent people on false charges.

Crappy software sends people to prison. Crappy software keeps people in prison (<a href="https:&#x2F;&#x2F;www.techdirt.com&#x2F;articles&#x2F;20210222&#x2F;12462746295&#x2F;arizonas-24-million-prison-management-software-is-keeping-people-locked-up-past-end-their-sentences.shtml" rel="nofollow">https:&#x2F;&#x2F;www.techdirt.com&#x2F;articles&#x2F;20210222&#x2F;12462746295&#x2F;arizo...</a>)

The Real travesty here is that people can&#x27;t afford to pay for their lawyers (let alone a software expert or QA to actually look at the code or test it) , they aren&#x27;t entitled to representation, so they have no option but to plead guilty.

<i>Repeating this comment that I posted yesterday...it is unfair?</i><p>Will any developers involved in this horrible scandal ever will be held accountable for their work?<p>I wonder if the developers who were responsible for such a bug-infested piece of software realise their work has destroyed people&#x27;s lives? (They presumably never met the users of their software or were so distant from end-users that they never considered the consequences of their actions.)<p>Do those developers even realise it was their incompetence that caused untold misery? Or are they completely detached from the events in this scandal and see themselves as simply cogs in the &#x27;system&#x27; and thus blameless?<p>Blame must be apportioned to management. But also I feel it&#x27;s too easy as a developer to see yourself as part of a team and thus absolved of any individual blame. You&#x27;re subsumed in the &quot;team&quot; - and ultimately no-one takes responsibly.<p>Even with management at fault, one cannot deny that it was the developers who produced absolute garbage.<p>I hope the developers who worked on this system, no matter how much they feel they are not responsible for the failure of this project, will reflect on how the impact of software they built had devastating consequences on people&#x27;s lives.

Of <i>course</i> it&#x27;s Fujitsu, purveyor of nearly every nonfunctional hit-and-run government IT contract in the UK and Ireland.<p>As far as I can gather this malignancy escapes permanent legal destruction primarily by shedding all of its staff every 20 minutes

Nick Wallis has been documenting the entire thing here for a long time: <a href="https:&#x2F;&#x2F;www.postofficetrial.com" rel="nofollow">https:&#x2F;&#x2F;www.postofficetrial.com</a><p>Today&#x27;s update isn&#x27;t there yet but should be shortly.

As: a postmaster<p>When: I use this software<p>Then: I should not be falsely imprisoned for 3 years.

I&#x27;m saving this article to show developers that your software can ruin lives. It doesn&#x27;t have to be used in aerospace or health care to matter.

What is the restitution in these cases? Will the victims be compensated for their losses and will the UK Gov and Fujitsu be held responsible?

It&#x27;s well worth listening to the radio show linked at the bottom of the article to understand just how heartbreaking this story is.

Was there actual wrongdoing that the buggy system allowed and made difficult&#x2F;impossible to trace or was it bugs all the way down?

A reminder to people who think they are safe from their government because they’ve “done nothing wrong” or “have nothing to hide”

I hope the people who served time get millions. I hope the people who covered it up go to prison.

Anyone expect that Post Office Ltd. and Fujitsu will face any significant repercussions?<p>Yeah, me neither.

This is insanity. We need legislators, lawyers and judges who are tech competent.

An undermentioned problem: how could something this bad have held up in court?

duplicate -ish<p>175 and 53 comments also posted 3 hours ago: <a href="https:&#x2F;&#x2F;news.ycombinator.com&#x2F;item?id=26913183" rel="nofollow">https:&#x2F;&#x2F;news.ycombinator.com&#x2F;item?id=26913183</a>

Anyone have more technical detail on the software or the bugs therein?

This is a similar story.<p>When ATMs were introduced in Canada in the 70s&#x2F;80s, it was common to believe they were infallible. When customers claimed they were short-changed by machines, often they were prosecuted for fraud or attempted theft.<p>I&#x27;m sure HNers can think of dozens of ways a machine could be wrong ...<p><a href="https:&#x2F;&#x2F;en.wikipedia.org&#x2F;wiki&#x2F;Automated_teller_machine" rel="nofollow">https:&#x2F;&#x2F;en.wikipedia.org&#x2F;wiki&#x2F;Automated_teller_machine</a><p>Also, regarding the Postmaster article, note that somebody working on that project would likely face great difficulty in convincing anybody there was a systems problem.

Typical BBC, not mentioning the man who committed suicide.