The Post Office Horizon IT scandal

Over recent years, in hindsight a ridiculously long time, I’ve been following the painfully drawn out scandal of the Post Office’s Horizon accounting system. It’s very rare for an internal accounting system to attract massive publicity, but this has been a special case. Many lives have been ruined by a mixture of bad software and truly dreadful management.

Now that the legal case brought by the victims has been successfully concluded I want to set out some of the my thoughts, and explain why I am appalled at the way that the Post Office, and its IT supplier, Fujitsu, behaved. My criticisms are not moral judgments, but are based on my experience in IT auditing, fraud investigtion and software testing. The Horizon case had many features that should have alerted a good internal audit department to some fundamental problems.

In “Errors and accuracy”, part one of the three part series I wrote in 2020, I look at system and user errors, the level of accuracy that systems must have, and the lamentable attitude of the Post Office.

In the second part, “Evidence & the ‘off piste’ issue”, I explain why I was dismayed at the aggressive way that the Post Office investigated and prosecuted alleged fraudsters and did so even though its working practices, and those of Fujitsu, undermined confidence in the integrity of their systems and data. Having worked as an IT auditor on system audits and fraud investigations this is as an aspect of the case I found particularly shocking.

The final post of the initial series “Audit, risk & perverse incentives”, discusses how internal auditors have to be strongly independent and think about risk in a different way from the senior executives. The Post Office’s internal auditors do not seem to have been strong enough to do the job they were paid for.

I returned to the Horizon scandal in “Privileged accesses – an insight into incompetence at Fujitsu and the Post Office”. In this post I explain how Fujitsu and the Post Office failed to apply basic managerial controls to the holders of high user privileges. These were controls that, in my experience, should be set up carefully at the very start of an outsourcing contract.

I also discuss in some detail issues arising from the Horizon case in “Bugs are about more than code”. The judge in the Horizon court cases dealt at length with the question of system reliability and the nature of bugs. His findings have implications for the way that testers think about bugs, reliability and evidence.

In November 2020 the Digital Evidence and Electronic Signature Law Review (DEESLR) published my article about the scandal, “The Post Office Horizon IT scandal and the presumption of the dependability of computer evidence”. English law presumes that computer evidence is reliable unless some reason to doubt it is uncovered, either by the other side in the dispute, or by the provider of the evidence also disclosing weaknesses. My article explains in detail, and at length, why the nature of computer systems renders this presumption unjustifiable.

In November 2021 the DEESLR published a paper to which I contributed, “Recommendations for the probity of computer evidence”. This presented the case for replacing the presumption that computer evidence is reliable. My contribution was to ensure that the proposal was practical, that the documents expected of the providers of computer evidence would be readily available in organisations that managed their IT responsibly.

In June 2022 the authors of that paper followed up with a briefing note to make the same argument keep the topic visible, “The legal rule that computers are presumed to be operating correctly – unforeseen and unjust consequences”.

I wrote a second lengthy, heavyweight article for the DEESLR, published in March 2022; “The Post Office IT scandal – why IT audit is essential for effective corporate governance”. The Post Office implemented an elaborate and credible corporate governance model. However, the people responsible for applying that model clearly failed to do their job, as I explain. There were ample, clear warning signs that should have been prompted competent and responsible IT auditors to conduct a rigorous system audit of Horizon. It never happened.

In May 2022 I produced a 22 minute presentation for the Kent Centre for European and Comparative Law (KCECL), at the University of Kent, “The myth of perfect software – IT audit and governance aspects of the Post Office scandal” (yes, the title is a deliberate nod to Gerald Weinberg). This was for an event on 21st May devoted to the Post Office scandal.

The KCECL produced a video of the event, and published it here, along with my presentation and an interview with Rebecca Thomson, the Computer Weekly journalist who originally brought the scandal to public attention back in 2009.