Hacker News new | past | comments | ask | show | jobs | submit login
Post Office lied and threatened BBC over Fujitsu dev whistleblower (bbc.co.uk)
525 points by johndunne 9 months ago | hide | past | favorite | 298 comments



This Post Office scandal is currently ongoing in the UK. The Fujitsu developer in question confirmed what the Post Office was denying, that the Horizon software at the center of the scandal, had implemented methods for secretly editing accounts. Approx 700 postmasters (self-employed managers of Post Office branches) were held responsible when large amounts of cash appeared to have vanished from tills, resulting in prosecutions for fraud and theft. I know someone who was affected by this, who managed a now-closed Post Office branch here in Wakefield, UK and it was a life ruining ordeal for her. She was accused of stealing £1,000's in cash. I'm not sure if it was a bug or someone remotely changed the account records for her branch, but the campaign the Post Office ran to smear any accusations of wrongfulness on the part of the Horizon software is shocking.


> currently ongoing in the UK

To be precise it is finally getting some of the attention it deserves, both from the public and from the government.

The miscarriages of justice date from 1999 until 2015, and the high court ruling (about the software being faulty) that finally stopped the flow of convictions dates from 2019, almost five years ago. Very little happened since then, and in particular no one has been held accountable.

If that delay sounds absolutely bonkers to you then yes, that is what everyone else thinks as well.


> Very little happened since then, and in particular no one has been held accountable.

Even crazier. The Post Office just recently lowered(!) the amount of money they allocated for compensations: https://www.bbc.co.uk/news/business-67784706

They basically allocated a pot of money to pay the people they have harmed off. But these people had to actively go out and request their conviction to be overturned. Which of course many people were reluctant to do, since it means they would be upturning their life again, and going to court and finding lawyers and etc. They understandably have very little trust in the system. So Post Office just shrugged and decided they don't need to keep that much money around.


And all the while Horizon is still in use and still making money vanish - via both bugs and the £95 million paid to Fujitsu to keep it going for another two years: https://www.bbc.co.uk/news/business-67940125


> Even crazier. The Post Office just recently lowered(!) the amount of money

It's even worse: they're still fighting hard against the appeals, heaping more misery on the people trying to turn their lives around!


What exactly does ‘fighting hard’ mean? I got the impression that the judges weren’t very impressed with at least some of their appearances in court.


They're hiding/losing evidence such as emails and refusing to answer questions.


They offer token settlements, require the victim to provide lots of evidence they wouldn't have, and expect them to pay for their own lawyers to invoke legal arcana that would get them a just compensation.

https://www.taxpolicy.org.uk/2024/01/11/hss_scandal/


They hire expensive lawyers who are experts in making black look white.


I think you highlighted it right there. They’re fighting even the slam dunk appeals, which is fucking disgusting, in my opinion.


Sounds like lawyers are at the driving seat


IANAL but in my experience, the lawyers would say "doublecheck everything and if we're wrong, pay them so I don't have to spend a lot of effort litigating this". No, I would bet it's a combination of PR flacks and MBA/C-levels who would rather ruin lives than take a clear L on their record.


Effort = income, so I don't see why certain lawyers would not be willing to do the case.


Lawyers don't like losing cases.


This is the leadership instructing the lawyers to fight the case. They can stop it at any time but they choose to continue the misery of their victims instead of admitting fault.


Seems one of the former senior executives of Fujitsu now runs a gov't agency that handles contracts to digital services vendors like...Fujitsu.

Not sure how the legal authorities work in the UK but people have to be held accountable, regardless of political party. One would think the government's legal authorities have to act on behalf of the citizens not just in holding persons criminally responsible but also compensating victims.

https://democracyforsale.substack.com/p/tory-donor-fujitsu-p...


The little that happened can be summarized as: the Post Office CEO from 2015 to 2019 got a CBE when she stepped down.


For those not from the UK like myself that had to figure out what CBE is - it stands for a title called Commander of the Order of British Empire. It’s granted to honor notable service in various areas, including public works like the Post Office. This acronym is apparently common enough to people from the UK that news stories within the UK call it CBE without explaining what the acronym means, so your average UK citizen must know exactly what it means.

Most people from the USA are probably familiar with the term “knighthood” or “being knighted” from the UK which is referring to the same award process but higher ranking. The two titles above CBE apparently are what knighthood refers to, known as KBE/DBE (Knight/Dame Commander of the Order of British Empire) and GBE (Knight/Dame Grand Cross of the Order of the British Empire, the highest honor). So CBE is essentially the third highest honor that can be granted in this fashion.

Related to the story, it seems like the CEO in question was forced to give up the CBE title two days ago in relation to this scandal


There are a bunch of different orders you can get knighted in, the British Empire is just one of them, for example the fictional James Bond has a CMG, (Companion of the Most Distinguished Order of St Michael and St George), and the actor Daniel Craig who played him also has a CMG, although unlike Bond he has not turned down a KCMG (Bond turns down the knighthood because it makes you more of a public figure which is undesirable for an active secret agent whereas it's no problem for an actor).

The Order of St Michael & St George is also famous because it's how the "Yes, Minister" joke works: CMG stands for "Call Me God". And KCMG for "Kindly Call Me God" / What does GCMG stand for? / "God Calls Me God".

She was not yet "forced" to give it up, although that is likely the end result. These honours are notionally bestowed by the Monarch (so these days, Charlie) under advice, so a committee will decide that yup, Paula clearly shouldn't have this honour, take it away, and Charlie will sign the appropriate paperwork. What she's done so far is write asking that it be taken away, which is almost nothing.


Her name is Paula Vennells.

I take this opportunity to reinforce the association of her name with the scandal in future web searches.


So, Paula Vennells's Post Office scandal?


Yep, the same Paula Vennells that got a CBE in 2019 for services to the Post Office.

https://www.gov.uk/government/people/paula-vennells


Empire strikes back.


Interesting, thanks for sharing. Based on your comment I looked it up and found 6 other orders, including Order of Saint Michael and George that you mentioned. OBE is apparently not the most prestigious one, the highest and most prestigious one is apparently called The Most Noble Order of the Garter. Interesting slice of old royal UK culture.


Yes. The Garter and the Thistle (and the Order of Merit) are exclusively small and also in the personal gift of the sovereign. The Order of the British Empire is much larger and appointments are made on advice from the government.


Just to clarify, I doubt many people from the UK would know off hand what CBE stands for even though they know what a CBE is. The full name is pretty archaic in any case so it's basically just trivia at this point.


Really? I was under the impression this was common knowledge. Certainly within my family.


She said she will give it back. Which doesn't mean anything, King Charles would have to agree to it.

She didn't say she would give back the associated money she got.


She was CEO from 2012 and started at the Post Office in 2007 as group network director. She may not have started the miscarriage of justice, but she certainly doubled down on it.


She was also, until very recently, an Anglican minister.


  "Ordener hænger man paa Idioter,
  Stjærner og Baand man kun Adelen gier,
  men om de Mallinger, Suhmer og Rother,
  man ej et Ord i Aviserne ser.
  Dog, har man Hjærne,
  kan man jo gjærne
  undvære Orden og Stjærne."
(A verse from a satirical song from 1790 -- "orders are hung on idiots".)


Once that happens what is the process to overturn the old convictions?


> I'm not sure if it was a bug or someone remotely changed the account records for her branch...

From https://www.theguardian.com/uk-news/2024/jan/09/how-the-post...:

> One [bug]...would see the screen freeze as the user was attempting to confirm receipt of cash. Each time the user pressed “enter” on the frozen screen, it would silently update the record. In Dalmellington, that bug created a £24,000 discrepancy, which the Post Office tried to hold the post office operator responsible for.

The fact that this is even possible, apart from the sheer incompetency of a software design that permits it, means that no person can reasonably be accused of stealing cash if that accusation is based on records from this system.


> would see the screen freeze as the user was attempting to confirm receipt of cash. Each time the user pressed “enter” on the frozen screen, it would silently update the record

Consider the shittiest homegrown shopping portal probably doesn't do that and any commercial point of sale system absolutely won't do that either. The system has to be such a POS internally that no other vendor will take the liability for it.

Reminds me of the Therac-25 that killed people. This thing probably killed more people than that.


This was custom software on custom hardware. Bit different from some web app with built in debounce.


So is basically any point of sale system. Realllllly not an excuse.


The underlying paradigms are the same and it is inexcusable


Compounded with the fact that the issue was happening all over the country. With a crazy number of different people - and still the issue was not investigated as a possible bug. Oh right, then lied about the whole thing.


Any word on consequences for the software engineers involved?


Welp, it'll be a fine, paid with other people's money and that's about it.

Jail. The people who knowingly lied and sent people to prison need to be jailed. Not fined, not given a handie, not allowed to simply retire. J.A.I.L.

They callously wrecked people's lives, including some that committed suicide.


Jail is not enough of a deterrent for the kind of enormous damage some of the involved have caused to society. For such large-scale, fully intentional, proven harm to society out of nothing but self-interest over a long period of time, stronger penalties than jail must be applied.


Such as? (Bearing in mind the ECHR)


Perhaps forced bankruptcy to personally pay back compensation to the Post Office. Follow the money the way they do with terrorists.


Beating them with pool cues about the head and shoulders until their retinas detach would be a great consequence.


Would you sign up as an executor? Or would you rather have some other sadist to do it?


You have no idea how fast I would jump to be the one with the pool cue. They would have to reconsider light being the fastest thing in the universe.

It's not about sadism. It's about people getting deserved consequences for actions that greatly harmed a large number of people.

Me? I'm just tired of watching it all.

Treat people reasonably, and not be a Snidely Whiplash level of asshat or you get the pool cue.


Echr?



European Court of Human Rights.


I loosely followed the discussion here on HN, but I don't see any mention of anyone from the Post Office being arrested/prosecuted/sentenced for this.

It seems that some people there abused their power and need to cool down behind bars.


It's insane to me that most of the heat is being directed at Fujitsu. Sure, there's definitely some culpability there, but the Post Office (especially their legal team) holds the vast majority of the responsibility. There's a lot weighing in on the multi-year investigation that (has been) ongoing, but I can't help but feel like they're waiting for the public furor to cool down before releasing anything.


> the Post Office (especially their legal team) holds the vast majority of the responsibility.

It really depends on what Fujitsu told which PO manager.


The Post Office also paid independent people to figure out where the problem is, and the answer was "Horizon is garbage, you can't rely on it". So, they fired those people.

https://www.bbc.co.uk/news/uk-england-lancashire-67921974

This a pattern we've seen before

1. "We aren't wrong, you are too involved to make an impartial decision. We need somebody independent to investigate"

2. "The independent investigation has finished, but we need to properly digest their report, so we can't tell you what they said yet"

3. "We've now realised the independent investigation was inadequate, everybody who worked on it was incompetent and its findings are useless so we've destroyed the report. We declare ourselves exonerated, we were right all along".

People tend to have this mistaken understanding of morality which assumes they're a good person and so therefore obviously what they did must be good (since they're a good person) and so they might need to uh, fix differences between the world as they've imagined it and the slightly less rosy reality.

For example sure, you know that stabbing Sarah in the throat resulted in Sarah becoming dead, but you had to do that, because you're a good person and Sarah was going to tell the Police that you'd stolen $18.5M from the business. You didn't steal that money! Sure, yes, you took the money and maybe you technically shouldn't have done that, but you had a 100% sure strategy for playing Blackjack and recovering the $800 000 you lost last month, except that you got a bit confused and lost all of the $18.5M, but that's not theft, that's just a minor mistake you will be able to soon fix, if only Sarah doesn't tell these lies about stealing and get you arrested. So you had to, it wasn't murder, it was really self defence. You're a Good Person!


> The Post Office also paid independent people to figure out where the problem is, and the answer was "Horizon is garbage, you can't rely on it". So, they fired those people.

A UK tradition!

> In 2009, the government came under fire when ACMD [Advisory Council on the Misuse of Drugs] chair David Nutt of Imperial College London was sacked for questioning government drug policy in public

https://www.chemistryworld.com/news/little-has-changed-in-uk...


As I understand it, there's an ongoing PPE thing as well.


Let me guess, they (also) only sacked people that went in one direction with respect to gov policy and not the other direction?


That implies that the Post Office didn't know about the true situation, but they most definitely did know about the issues, but continued to lie and fraudulently collect money from the sub postmasters affected whilst collecting bonuses for each successful prosecution.


In fact, they had recently shortlisted the lady in charge of the PO at the time to be the Bishop of London, because of course they had.


That's Paula Vennells and she was awarded a CBE for her role in running the Post Office. However, there's just been a petition that garnered over 1.2 million signatures for her to be stripped of her CBE and in response, she has "promised" to return it.

I, for one, don't believe her.


Apparently she can't "return" it, it has to be annulled by the British monarch.


I hope Charlie does that then, but it depends on whether he cares enough about it.

I think it would be fitting if a significant percentage of other people with CBEs started to return them with public statements about them not wanting to be associated with the likes of Paula Vennells.


It's not really on Charlie, any more than he's the one making the lists. His mother wasn't like "OH, we should honor that Post Office lady, I like receiving letters and I bet she's somehow responsible for that". She just got a list with Paula's name on it, along with various crooks, financiers, consultants, political hacks and maybe the odd charity worker.

Issuing Honours is something a Monarch does, but like declaring War or deciding what Laws should govern the country, they don't actually make decisions, that's a government problem.

So long as the general public were barely aware of a problem, this could skate along as not important for years, but now lots of people are angry because they saw a TV show and for once when they said "Hey this is terrible!" instead of "It's just a TV show it's not real you idiots" those of us who were paying attention are like "Yes, so what are you going to do about it?" which as we've seen puts pressure on government to actually do something.


To sort of answer my own question: - https://edition.cnn.com/2024/01/13/business/uk-post-office-f... - https://www.gov.uk/government/news/government-to-quash-wrong...

From the CNN article it seems like the police is going to get involved in this, so at least some good news for the people wrongfully prosecuted by the people charge of the Post Office.


I wonder if anyone thought that it seemed a bit far fetched for 100 postmasters to all steal money. Then when it was 200, it must seem doubly far fetched. Once 500 postmasters were caught "stealing" money, wouldn't someone wonder how they managed to hire 500 dishonest people. Typically when you catch one person you always wonder how many got away with it, so they catch 500 then there must be 5000 or 50 000 postmasters that were stealing without getting caught. How many post offices are there really in the UK?


>implemented methods for secretly editing accounts.

>not sure if it was a bug or someone remotely changed the account records

It seems to me that determining whether this was a bug or a deliberate backdoor that allowed someone connected to Fujitsu to change account values should have been one of the first priorities of the investigation. The CNN article I read before the BBC article didn't even mention this, it seemed to just imply that this was all a mistake or at worst the government/Fujitsu trying to coverup the fact that the software was shoddy.


Was it the post office itself that was dealing out charges? Like a post office inspector or whatever it's called? Or was it a normal police referral type thing?


Yes. The Post Office historically was wholly owned by the UK Government, so maintained its own private prosecutors instead of relying on the Crown Prosecution Service. This is why it was able to fight so hard to get convictions, they had the funds to pay their own expensive lawyers to do it.

This meant those that fought the charges and lost were then forced to "pay back" the money they "stole" and also pay the Post Office legal fees and being sent to prison. The scandal is sickening on literally every level you can imagine!


A good and sad example why trifecta and separation of powers is important in democracy.

No one should share the role of prosecutor, jury and judge.


It was only the prosecutor, not the judge or jury. The issue is that the Post Office lied to the judge and jury about their evidence.

There were a (relatively) small number of prosecutions from the CPS as well, which suffered from the same problem: the Post Office investigators gave the same bad evidence, which they used to convince a jury to convict.

I don't see how separation of powers helps here. I'm sure if I looked, I'd find cases in the USA where the police and/or prosecutors told a pack of lies based on dodgy evidence to secure convictions of serious crimes, too.


Prosecuting directly meant there was no outside eyes on a lot of the cases, no questions about if it was actually in the public interest to prosecute, or external assessment of the evidence before pushing for plea deals.

It's not a foolproof system, but I think most of the cases you'd find about 'dodgy evidence' would also mention a 'overly close relationship between police and prosecutors' - because fully independent prosecutors should be rejecting cases with dodgy evidence. The police can get a bit grumpy with CPS for being quite strict at times - but it holds them to work their next case properly.

The PO clearly managed to convince the CPS in a number of cases, but had they had to do that for all there would have been a lot less cases prosecuted in total, and I think there would have been questions about their system a lot sooner.

It might not have avoided the problem, but it would have been much needed additional oversight into what they were doing.


> It's not a foolproof system, but I think most of the cases you'd find about 'dodgy evidence' would also mention a 'overly close relationship between police and prosecutors'

So the separation of powers isn’t a magic solution to the problem then.


In the US the police are specifically allowed to lie to suspects, whereas British cops are not. If you can prove the police lied in a recorded interview or something used in evidence in court that's going to be a big problem for prosecutors in the UK but not in the US where it's expected.


We know they lied. Do we know specifically if they have been shown to have committed perjury?


I don’t think they perjured themselves which isn’t the same as saying they didn’t lie. It’s easy to not perjure yourself if you’re not asked the right questions.

The lie came from the fact they weren’t looking into their own evidence and realising something was up when they were prosecuting hundreds of sub-postmasters.


There’s been so much misconduct in public office I just wish there were some open and shut cases.


This was a regular court process, with an independent judge and jury. It’s just the prosecution was run directly by the post office and not the public prosecutor.

It still had very bad outcomes, and clearly with the prosecution not being independent enough, but it wasn’t an entirely closed process.


It's not quite regular. Normally, the (purported) victim and the prosecutor are not the same person. That's another thing that has been highlighted by this case: the fact that Post Office Ltd has inherited the ability to prosecute crimes committed against itself, rather than them being prosecuted independently by the Crown Prosecution Service.

(More on which at https://news.ycombinator.com/item?id=38969076)


> the fact that Post Office Ltd has inherited the ability to prosecute crimes committed against itself

Any private citizen or business in the UK has a right to prosecute crimes. It just costs a lot of money, so you can imagine how it's used (spoiler: large companies/wealthy individuals against poor people).


The Crown Prosecution Service also has the power to take over a case that is being prosecuted privately, and if they decide to take no further action on it, then the person/company that was doing the private prosecution no longer can.


You should have read the more-on-which first. (-:


The CPS also "successfully" prosecuted some cases based on the same evidence. If your key complainants are fabricating evidence that looks solid to a jury, separation of powers is not going to save you from the power of the state.

As I said in a related comment: if I looked hard enough, I imagine I'd also be able to find similar miscarriages of justice in the USA, too.


The key "complaints" of GP, as I understand them, are that being simultaneously the victim and prosecutor, the prosecutor-as-victim is more incentivized to use heavy handed tactics during the prosecution process.

Whereas a generic prosecutor has a bunch of cases of reports from victims that are not related to them, and thus if a case is not sufficiently strong, they'd normally just pick another case where the evidence is strong. They also have the responsibility to independently review the evidence from victims and police. These procedural checks didn't apply in the post office cases.

The procedural checks I mentioned above aren't fool-proof, but they're something.


> The key "complaints" of GP, as I understand them, are that being simultaneously the victim and prosecutor, the prosecutor-as-victim is more incentivized to use heavy handed tactics during the prosecution process.

I know what they wrote.

> The procedural checks I mentioned above aren't fool-proof, but they're something.

I pointed out the CPS itself also prosecuted cases based on the bad evidence provided to them, so the procedural checks also did nothing.


I think we're basically on the same page, diverging only on speculative items.

Do note that the fact that CPS prosecuted cases does not mean the CPS didn't throw out dubious cases. We only know the ones they did prosecute, but we don't know how many (if any) they did not prosecute. As I said, this is speculation.

I also speculate that if you send hundreds of fraud cases to the CPS they might be suspicious why the rate of criminal fraud among the post office workers is so high.

I agree there's no evidence that the "private" prosecutions made things worse, but it surely didn't help, and deprived the system of an opportunity (whether it would have been taken or not) to prevent the miscarriages in the first place.


Honestly, the fact the Post Office were marking their own homework almost certainly made everything worse, in my opinion. I’m just taking issue with the idea that it was the sole cause, as we similar things happen under different systems, too.


> I know what they wrote.

Clearly you do not, as I made no complaint; but merely pointed out how it wasn't quite the regular court process that tomalpha said it to be, and pointed out another thing that has been highlighted by the case. As it has been. A lot more people know this about Post Office Ltd than used to, and it is oft-discussed when the subject comes up.


Post Office Ltd is not "the state". At least nominally. It was privatized at the turn of the 21st century. As I just said, one of the things that this has highlighted for people is that a private company has a normal practice of pursuing criminal prosecutions (for fraud in this case) privately, rather than via the Crown Prosecution Service which is normal practice for almost every other private company or organization when it comes to criminal matters.

More on which, again, at https://news.ycombinator.com/item?id=38969076. And more on the expected consequences of this coming to widespread public attention, and another private organization that is a prolific private prosecutor, at https://news.ycombinator.com/item?id=38969548.


You’re correct, it’s not any more. I’m saying it used to be ;-)


Prosecutor and victim, extremely bad combination when a powerful organization is involved.



So apparently in UK law, the post office carry out their own investigations before taking charges to court (effectively replacing the police for internal post office charges) which sounds mental to me.


Lots of people have told you that anyone can bring a private prosecution. But they aren't telling the whole story. Post Office Ltd, by being a successor to the government monopoly of four centuries, is in a rather strange legal position.

The royal mail had all sorts of powers, historically, as it was a royally sanctioned monopoly, with a charter. The process of privatization left some odd conventions around, such as that it was normal for Post Office Ltd to prosecute things privately, when this has been exceptional for most other entities.

The Post Office used to prosecute for television licence offences, for example, and that only went away relatively recently compared to some of its historic powers. Historically, it had a monopoly over telephones and telegraphy, and some of the powers that the Post Office had in the 19th century were things like compulsory purchase of anyone running private telephone or telegraph systems or prosecuting people for traffic offences on the highway just because there was a mail coach involved.

The Post Office Act 1953 granted the Postmaster General some very sweeping powers, and set the bar quite low for proving fraud against the Post Office: basically, the Postmaster General's say-so for some elements. The Postmaster General also had to give consent to all prosecutions of offences against the Post Office, effectively putting prosecutorial discretion in the hands of the Post Office. And the Postmaster General also had the power to collect the fines upon conviction.

And that's part of how we ended up with the situation at the start of the 21st century.


>prosecute for television licence offences

The idea that you need a license to own a television and receive broadcasts in the UK and that the government actively prosecutes people who watch TV without a license always boggled my mind. Surely there is a more economically efficient and less absurd way to fund the BBC.

https://en.wikipedia.org/wiki/Television_licensing_in_the_Un...


It's not quite that, anybody in the UK can bring a private prosecution in the UK if the want, so the Post Office was not a special case here. It's really uncommon today, due to the cost, etc. and what often happens is that the "Crown Prosecution Service' which is the government organisation repsonsible for prosecuting crimes normally can 'take on' a prosecution and then choose discontinue it, which effectively stops it. Note that this is only the case in England/Wales, in Scotland the system is quite different. With that said, there are several organisations that do it still - the Royal Society for the Prevention of Cruelty to Animals (RSPCA) still regularly brings private prosectuions.

Historically, all prosecutions were private, and later, the police who investigated them carried them out.


    Between 1999 and 2015, an estimated 3500 staff employed
    by the state-owned Post Office service were accused of
    fraud, theft or malicious accounting.

    Almost 700 of them were convicted in courts and some 230
    were jailed.

    Most were legally compelled to repay the amounts they
    were accused of fleecing, resulting in bankruptcies,
    marriage failures, substance abuse and even suicides.

    There was just one not-so-little problem – virtually all
    of those people were innocent
Thats a lot of accusations and prosecutions don't you think, for it to go unnoticed or uninvestigated for such a long duration, dont you think?

Doesnt the UK have independent non-political bodies that watch the watchers? What about protections for whistleblowers who call these things out?

Frankly that sounds Banana-Republic-ish and not something you would find in a first-rate advanced economy.

[1] Inside the incredible and devastating postal service scandal that could bring down the UK government

https://www.news.com.au/finance/work/leaders/inside-the-incr...


It's been called out for a long time. I remember reading about this scandal at least 5 years ago, and it was old news then. It's only blown up now because of a TV show based on it, and the government finally getting off their ass to have a public inquiry about it. That's what's so frustrating about it: it should have been bloody obvious way sooner that there was an issue, it should have stopped when someone actually voiced the issue, and then it should have been put right as soon as it was obvious it was false. Instead it has taken years and years and years of fighting before anything resembling putting it right has occured.


There has already been a public inquiry, note. It started in 2020. It was set up by Boris Johnson. Yes, I know.


David Davis mentioned this on News Agents. It seems like a holdover from when it was simply an arm of the state, where it made sense that it could just handle its own enforcement (since it carried the power of the Crown). It's absolutely something that needs to be stripped away in the modern day.


It's not really a holdover because the UK allows ANYONE to bring a private prosecution. They just have the resources to do it at scale.


There are legal arguments recounted in modern law textbooks that the whole idea of private prosecutions in England and Wales is a hold-over nowadays. The argument goes that since CPS decisions are subject to judicial review, the raison d'être for private prosecutions, that they allow for bad exercise of public prosecutorial discretion to be corrected by private persons, no longer exists, since the bad exercise of discretion now has another remedy.

There is a fair groundswell of opinion, already driven by the bad reputation that the RSPCA, another prolific private prosecutor, has garnered, against private prosecutions. The Horizon thing only serves to fuel this, and I wouldn't be surprised if there were not soon a proposal to do away with all private prosecutions on the back of these, despite the fact that Post Office Ltd and the RSPCA are institutional private prosecutors, and there's nowhere near as strong a case that personal private prosecutors are a problem.


Stephen Lawrence parents took the option of a private prosecution. Everyone must have access to justice.


Anyone can bring a private prosecution (in England and Wales, at least. Scotland and Northern Ireland have different legal systems).

The Crown Prosecution Service can take over any prosecution at the discretion of the Director of Public Prosecutions, but they didn't seem to know (and/or care) what the Post Office were doing.


It's likely they won't step in if the organisation in question has the resources to handle prosecutions at the required scale. The CPS did prosecute some cases but it's hard to blame them since they were being lied to by the Post Office investigators.


Although everybody keeps going on about private prosections somehow being culpable for the scandal, it doesn't seem likely.

Consider that in Scotland, private prosecutions are much rarer and are only permitted in certain circumstances. The post office could not and did not do private prosecutions in Scotland. So, as a result, do we observe lower rates of prosecutions in Scotland than in the wider UK? Nope!

In fact, in Scotland there were 100 convictions, vs 700 in the UK as a whole. The conviction rate per capita, and hence injustice rate, was actually higher in the part of the UK doing public prosecutions, than in the part of the UK doing private prosecutions. Not exactly a vote of confidence.


It’s the same in the US. The US Postal Inspector is federal law enforcement within the post office.


Not the same at all. The Postal Inspectors are law enforcement, not attorneys. They don't do prosecutions at all, the court stuff is handled by the regular Federal Attorney's who work for the Attorney General. The Postal Inspectors are basically a specialized FBI, but like the FBI, once the cuffs are on the suspect it's out of their hands. Though they may be called to testify, prosecution decisions are made by a different group responsible to different people- literally the first point of overlap in the chain of command between a Federal Attorney and a Postal Inspector is the President of the United States (the FBI, as also part of the Department of Justice, overlaps at the Attorney General).


I imagine that in the US, the actual prosecution is handled by US Attorneys though (the DOJ), and not the Post Office


> which sounds mental to me

Isn't this very similar to how the United States Postal Inspection Service works? (although I think they don't prosecute themselves, but refer matters to the prosecution.)

I heard they are quite formidable and not to be trifled with.


How is this different from the US Postal Inspection Service?


PIS are investigators, police. They are not prosecutors, they bring the information they collect to a US Attorney- who works for the Attorney General in the Department of Justice, not the Post Office- who actually conducts the court cases.

In Law and Order: Postal Inspectors Jerry Orbach is a Postal Inspector, Sam Waterston is the Federal Attorney, and the closest boss who intersects in their respective lines of authority is literally the President of the United States.


Wait until you hear that the overwhelming majority of civil and criminal cases are ajudged by amateurs (magistrates) without any formal law qualification, who just happen to be local "grandees" or pensioners...

The UK justice system is not fit for purpose - unless the purpose is to let the upper classes get away with (almost literal) murder.


Is there a podcast that talks about this?




It's absolutely disgusting, and it may also allow a murder to go free (or someone incorrectly jailed for murder if you believe them).

Also, strange seeing my hometown mentioned on here!


My wife and I watched Mr Bates vs the Post Office, recently, it was one of those watches where you spend a lot of time yelling "How the fuck?! What the fuck?!" at the screen because the malice and dishonesty was so deliberate, so persistently maintained, lest the "brand" be sullied.

I've been following this story for years, I know BBC's Panorama covered it in 2015, and was really surprised there wasn't more of an outcry in the UK about such blatant unfairness, guess technical cases like this are really helped by a TV drama with quality actors making it easily accessible to the general population, as soon as ITV aired the miniseries, the petition to have Vennall's CBE stripped jumped from 7K signatures to 700K+, and she said she would return it. (not the golden handshakes and "performance" bonuses though lol)

I just can't believe that no-one has been held criminally accountable (yet) for the sheer (to quote the judges in the civil case) affront to justice that this represented - whether it was Post Office Limited (POL) misleading (well, lying to) the courts, or Fujitsu employees lying in prosecutions, or POL deliberately withholding evidence in their role as a prosecutor (wild that this power to prosecute as transferred from Royal Mail to the spun off entity), and some of the cynically legalistic games they played (like asking the judge to recuse himself for being biased against them, to further delay the outcome of the civil suit).

And the crap they pulled with the Second Sight independent analysis that they commissioned themselves...

I was just reading the Clarke Advice(s), and god-damn, I can't see how any former POL executives can claim "we honestly believed all that stuff we said in court, honest", after their own goddamn independent legal advice told them "stop these prosecutions, like now, your expert witness is full of shit" The 2nd Clarke Advice is a great read too, basically "STOP TRYING TO HIDE EVIDENCE, JESUS CHRIST".

Oh, and some of the code that turned up from Horizon in an internal Fujitsus report is egregiously bad (how do I turn x into -x or -x into x? What's -(-x)? nevermind, I got this), from what I've read, the team that wrote Fujitsus was considered low skilled and mocked by other groups within Fujitsu as basically a group of clowns merely lacking a circus.

Clarke Advice 1: https://www.postofficescandal.uk/wp-content/uploads/2022/10/...

Clarke Advice 2: https://www.postofficescandal.uk/wp-content/uploads/2022/10/...

Fujitsu report: https://www.postofficehorizoninquiry.org.uk/sites/default/fi...

Discussion of recusal application by Court of Appeal: https://taxpolicy.org.uk/assets/recusal_judgment.pdf


I highly recommend reading Private Eye's special report, Justice Lost In The Post https://www.private-eye.co.uk/pictures/special_reports/justi... [PDF]

Private Eye were one of the few people reporting on this regularly. I've been reading about it in there for close on ten years, and am still astonished that it's taken this long to really hit home what happened to these individuals. Bravo to the makers of the recent show that's brought it back into the spotlight. It's truly shocking what the Post Office and Fujitsu did, and one can only hope prosecutions arise from this.

For anyone working in IT, there are lessons to be learned here about what impact software can have on individuals' lives, and bravo to any whistleblower that came forward to speak out.


It's more shocking than that. It's just one example of a culture of corruption that pervades government and government-adjacent contracting in the UK.

Fujitsu acted like thugs not just to save face, but because important shareholders would lose money if the truth came out.

Also, this kind of thing:

https://www.opendemocracy.net/en/fujitsu-post-office-scandal...

The PM's father in law is the head of Infosys. The PM's wife still has significant holdings in Infosys. Infosys and Fujitsu have a close partnership.

And so on. It's corrupt from top to bottom. The UK government is effectively the marketing wing of the huge public sector corporates, who invariably seem to have senior Tories and Tory donors on their boards.


While I don't disagree with the overall premise, Rishi Sunak has only been an MP since 2015 and this scandal has been going since 1999 so I am not sure the relationships you present:

Rishi Sunak -> Wife (Met 2004, Married 2009) -> Father -> InfoSys -> Fujitsu

Add up to any proof or even suggestion of corruption - just rich people know other rich people.


Yeah I dont know how Infosys-Fujitsu having a "close partnership" directly implies anything or implicates anyone.

Every big business has dozens if not hundreds of "partnerships".

I dont think someone at Fujitsu managing a big account like the UK post office would go out of their way to screw something up or cover something up because a partner company's co-founder happens to be F-I-L of the UK PM? Like what's the incentive here?


It's also ignoring the fact that if Fujitsu was rolled up tomorrow, Infosys would probably be better off for it, gaining a bunch of contracts that Fujitsu previously had.


Yeah, he was born in 1980. This scandal started when he was 19 and at Uni.


> It's corrupt from top to bottom.

I’m sure that you already know about it, but the bit that gets me is the Russian oligarchs and their money, honours, property and influence.

Assignations, poisoning etc and still the situation is tolerated.


This is specific to the Conservative Party as being the ones essentially bribed by the Russian state.



As opposed to spying for the Russian state, like Labour MPs.


> I highly recommend reading Private Eye's special report

Agreed. For those more audio inclined, I linked to these in another comment but I originally discovered their reporting on this via their "Page 94" podcast:

https://www.private-eye.co.uk/podcast/49

https://www.private-eye.co.uk/podcast/95


Yeah. It's baffling to me that Private Eye covered this in explicit, specific detail a decade ago and there were essentially no consequences for many years after.

(I have the same feelings as mhh__ in https://news.ycombinator.com/item?id=38967529. Just a remarkable and extremely slow miscarriage of justice.)


I also wonder what responsibility the courts hold, seeing as folks were prosecuted and jailed on just IT evidence.

I mean how in the world can you accuse and convict someone of theft when there is zero evidence outside of the IT system. And how in the world was the IT system never scrutinized?

I personally think the prosecutions were a sign of the times when people were still far too trusting of computer systems. I feel like these days, everyone would realize that there would be at least reasonable doubt as to the accuracy of the system, yet when these prosecutions were mostly taking place it feels like everyone just assumed the system was perfect.


Add that also the Post Office was a trusted institution, the CEO at the time being also a prominent person in the Church.


> there are lessons to be learned here about what impact => a mgmt crowd with zero skills and integrity <= can have on individuals' lives

A friendly yet rueful amendment.


If this scandal was about incompetence only, it would be outrageous.

But this was at least a deliberate, criminal cover up at the expense of hundreds of innocent people, maybe worse, implemented with tools intended for fighting serious crime. It seems unbelievable that this could happen in a civilized country.


They had Operation Ore in the early 2000s, thousands of innocent people were arrested and it resulted in 44 suicides.

https://www.theguardian.com/technology/2007/apr/26/comment.s...

https://insidetime.org/newsround/massive-miscarriage-of-just...


That article says 39 suicides and wikipedia says 33.



It also remains to be seen whether there will ever be any accountability. So far there has only been the promise to hand back a CBE.


Paula Vennells handing back her CBE doesn't get remotely close to accountability. Many won't feel a sense of closure until she's aggressively prosecuted and languishes in a prison cell for the rest of her years. I'm actually surprised at the restraint shown by ITV in her depiction, because in real life she bears many of the hallmarks of a cartoon villain.


I agree with the sentiment, but it's important to add that this should only happen if it's proven to the criminal standard of proof, in a court room, that she was complicit.


the legal responsibility of a director is different. she is accountable (along with other senior directors) for issues caused by the company

"A director can be found to be personally liable for a company offence if they consented or connived in an illegal activity, or caused it through neglect of their duties."

https://www.girlings.com/latest/when-does-a-director-assume-...

so she either knows about this or is negligent - either way jail time should be given


Why can't we apply the same standard of proof that was used to prosecute and sentence innocent people in this scandal?


Because two wrongs doesn't make a right.


On the contrary. Applying unjust law to the powerful and well connected people is the best and quickest way to get such law removed.


Why can’t this burden of proof be applied when giving out awards? The various paedophiles and fraudsters might be caught earlier.

Another one today:

https://www.theguardian.com/uk-news/2024/jan/12/british-cond...


Which isn't even legally permissible, there is no way to 'give it back' (although you could stop using the title) - it can only be taken from you, which has to be done by the king on recommendation of the prime minister.


Yeah, that's what I thought. Her promise to return the "honour" looks to me like an attempt to avoid having it seized off her.

These "honours" (knighthoods, peerages etc.) should now be referred to as "disgraces". Liz Truss handed out an honour for roughly each four days of her incumbency as Prime Minister, nearly all to crazies from the extreme right of the Conservative Party. We already have way more peers than can actually be stuffed into the House Of Lords.


> These "honours" (knighthoods, peerages etc.) should now be referred to as "disgraces".

Boris Johnston’s attempts to knight his father and Russian oligarchs donating money to the conservatives for titles are examples of this.


Not to mention that “Owen” woman who nobody seems to know anything about but is this spitting image of his ex-wife and has that trademark Johnson shade of hair.


I can’t think of an instance where giving it back has been refused. It certainly won’t in this instance


I can't think of an instance when it's been given back. You get a notification that you're being considered for an honour; if you're going to turn it down, you do it at that stage, before it's been conferred.


For someone not familiar with the acronym, what is CBE?

A quick search shows me 371 different matching acronyms, ranging from the "Calgary Board of Education", to "current best estimate", to "Central Bank of Egypt".


"CBE" refers to Commander of the most excellent order of the British Empire [0] which is a title conferred by the monarch on those deemed to have performed especially well in the service of the nation.

So you can see how its value might be diluted by this instance.

[0]: https://en.wikipedia.org/wiki/Order_of_the_British_Empire


Commander of the Order of the British Empire (CBE) This is awarded for having a prominent but lesser role at national level, or a leading role at regional level. You can also get one for a distinguished, innovative contribution to any area. https://www.gov.uk/honours/types-of-honours-and-awards


Interesting, thanks! I would have thought that'd be shortened to "COBE".


That "O" would exist in pretty much all British honours, so it's just redundant.

The levels of the order (which is the only one used on a regular basis, post-WW2) are MBE/OBE/CBE/KBE/GBE.


It's not just that. "of" and "the" are often omitted from initialisms, possibly as a lingering effect of, and false transferral of the conventions from, Latin where "of" is just the genitive case and "the" does not exist.

"Rolling on the floor laughing" should properly be "ROTFL" but usually is "ROFL", and that example is nothing to do with Britain or the honours system. "Member of Parliament" is "MP" not "MOP". "Batchelor of Science" is not "BOSc." but is "BSc.". And so on.

I suspect that "Lord of the Rings" is only "LOTR" because the sort of people who use "ROTFL" are the sort of people who even read the appendices to Tolkein and got there first. (-:


The O we were talking about is for "Order" :D

(Btw in the '90s, when it mattered, ROTFL was ROTFL and that was that... Now get off my lawn.)


One should rather ask why the UK still hands out orders that have 'British Empire' in their title :)


Wait until you hear about the House of Lords and hereditary titles.


Unfortunately I know it already. The more you know about the UK legal and political system the less it looks democratic


To be fair they are slowly making their institutions conform to a more democratic outlook.

For example, their Supreme Court finally moved out of the House of Lords in 2009... (so much for "separation of powers" before that, even though they were joined only in name...)


But contrast the situation of the United State of America, whose "Supreme Court" rather than an independent institution is in fact filled with partisan hacks to such an extent that it appears many on the Right felt that it was worth the obvious downsides of Donald Trump as President to get more Supreme Court justices.

Even the Law Lords (as they were typically called when the exact same body existed as notionally part of the House of Lords prior to becoming the UK's Supreme Court) were way more independent than that. A Government minister can say "No" to the pick of the committee which independently chooses candidates for this job, but they can't pick for themselves, the committee can just give them the same name again until (inevitably) the minister gets replaced with one who doesn't say "No".

It would in theory be easier for a British government to abolish their Supreme Court than for the US government, but in reality in both cases it would cause a constitutional crisis. The UK is quite capable of having a constitutional crisis, you don't need to write your constitution down to do that, but it isn't very likely.


This is the one you need: https://en.wikipedia.org/wiki/Order_of_the_British_Empire

The CBE in particular: Commander of the Most Excellent Order of the British Empire (CBE)

Yes, the UK still refers to the British Empire.


I bet Paula Vennells is lying about that. It sounds like some kind of PR statement to deal with the petition getting over a million votes to strip her of her honour.


Does a CBE confer some benefits?


Not really. It's shiny. It's like a real life ding/chievo/whatever you call them these days.

It's important enough that you can write it on like headed notepaper without seeming like a complete jerk. If I see somebody sent me a letter from "A Smith CBE" that seems reasonable I guess they have a CBE, how about that - if they write "A Smith BA(Hons)" I know they're a terrible person - who cares that you have a fucking undergraduate degree? Am I supposed to be impressed?

One more notch up makes you a knight. So, if you're collecting and this is early in your career that's a good sign you could get there. For example when I was a research student 20+ years ago, my Head of Department was looking to get herself some Honours, and these days she's Dame Wendy.

But like, it doesn't come with a heap of money or anything as far as I know. You briefly get to meet Charlie I guess, but I met his previous wife once (when I was a kid) and she was just some woman, so I doubt he's any different.


I once read a quote that "most of UK is a -third world country- desperately clinging to London to prove otherwise."

This doesn't help.


The simile is more colourful (and simplistic) than the reality.

The poverty levels are extreme in some parts of the U.K. that are far away from London and the high population density belt that goes through Birmingham to Manchester, lower than in some of the places in the E.U. that one thinks of as the poorer places in Europe. And the infrastructure gets almost zero attention and lip service from London-centric thinking. (Remember the cancellation of the northern parts of HS2?)

But some things are the same as London. I'd mention some, but they would be highly ironic given the subject headlined. (-:


I think the best way forward is for everyone involved in it at Fujitsu and the Post Office gets prosecuted for taking part in a criminal conspiracy to pervert the course of justice.

Certainly Paula Vennells should absolutely be in prison for her oversight and deliberate destruction of people's lives.


It's always the cover-up that makes it truly terrible. Like Watergate ... or when police misbehave in general ... it's always the desperate cover-up.


It does shatter the illusion somewhat.


I was reading an interesting bit today (https://read.uolpress.co.uk/read/electronic-evidence-and-ele...) about the "presumption of reliability" that can occur in cases involving "mechanical instruments" which is extended to include software.

I think the idea that complex systems are assumed to always be correct is... dicey at the best of times and even more so when it's critical to a criminal case.


> complex systems are assumed to always be correct

..absent evidence to the contrary. But in the Post Office case, the Post Office had all the evidence, and refused to disclose it. As far as I'm aware, failure to disclose evidence that might help the defence is perverting the course of justice. I don't know why no manager's been charged.


It's worse than that - there was evidence that Fujitsu could remotely affect the different branch computers with at least one person seeing it happen before their eyes and the Post Office absolutely denied that it was possible or had ever been possible.


Yep that's a huge challenge. The other one is that individual defendant's are unlikely to be able to afford the expertise needed to analyze a large complex setup, even if the details of the system (e.g. source code) are made available.


Yes it's an interesting point. At first I was horrified that it is so, but then the alternative is to require proof that a system is reliable, which no one could provide. It would need to be somewhere between, talking about best endeavours or something. It sounds messy however you approach it.


It is very tricky. In some industries you see things like device certification and regular external testing requirements (e.g. weights and measures) but applying that to the very fast moving world of software would be .... tricky, to put it mildly.


It would not be tricky it would just cost a little money and annoy someone who is incompetent because you would force competency on them. Open source projects by volunteers have better testing than systems like this.


For some computer functions it makes sense, such as audit logs and other basic operations e.g. timestamps. For complicated accounting software, there should definitely be some kind of proof of correctness such as being self consistent and having sufficient auditing and logging systems.


It was actually intended to stop people challenging the reliability of things like speed cameras.


Yes, that's an interesting case as cameras are routinely calibrated, but the software is closed source which I think is a mistake. It should be possible to challenge whether a system is operating correctly if you have decent evidence against it e.g. GPS tracking. I do think that modern cars should be fitted with a black box device with the owner having ultimate control over access to it, so they could submit it for evidence to prevent miscarriages of justice.


> I do think that modern cars should be fitted with a black box device with the owner having ultimate control over access to it, so they could submit it for evidence to prevent miscarriages of justice

I’m not sure this is workable: if the owner had control, there’d be a cottage industry of people offering to fake evidence against camera tickets. If the owner doesn’t, it’d get requested by police and insurance routinely and since most drivers regularly break local traffic laws that’d have a big negative impact on the owners, which makes me think it’s politically infeasible. Insurance companies might try to mandate that but I imagine they are very careful about changes which could shift customers.


I think those issues could be overcome by using encryption and checksums for the logs with the decryption key held by a third party that would read and release the data on request by the owner or in criminal cases where the owner was a victim.

The more likely model is that the insurance companies own and provide the black boxes in return for reduced premiums from the owner.

The current situation is that some drivers run their own dashcams and can choose to provide video evidence, but that could be open to abuse if someone very carefully edits the video and no-one spots it.

I agree that the drivers shouldn't be forced to self-incriminate - the police should be using their own evidence which could well be from other drivers submitting their own driving data/video.


I think "presumed to be operating normally for certain devices is certain oversight and testing requirements are met" is reasonable.

Definitely ought to be open source.

I wonder whether the black boxes insurance companies like to push would provide the evidence required?


This is actually one of the few applications of blockchain techs that makes sense - as a write-only store of transactions for auditing purposes, it's potentially very practical.


I agree, but wouldn't there be problems with the speed and cost in electricity. Also, would it need to be a single logging blockchain shared by everyone or I would imagine there could be issues with every computer system running its own blockchain - would that make it easier to fake?


> I agree, but wouldn't there be problems with the speed and cost in electricity

It's either that or it's vulnerable to 50%+1 attacks.


>wouldn't there be problems with the speed and cost in electricity

proof of stake blockchains don't have those issues


I can believe this as going thru something along the same lines with my housing association and met police, and it is shocking how many people who focus upon being seen to do a job and lie to cover up their mistakes have grown over the past few decades in the UK.

I shudder at how many scandals never come to light as the process to clear things up and get the truth out is an uphill battle. Oh and my local MP is Ed Davey, who is deeply linked to this PO scandal, though in fairness, he does seem to be singled out over all the others who did less on their watch.

I somehow wonder if society is on a path of race to the bottom at times and amazed how it works with all the flaws that just seem to grow.

Heck whilst typing this I get an email from police about some bail I never attended and yet again, it's the wrong person and has nothing to do with me beyond causing me more grief and stress. I don't even have a criminal record and due to do jury duty later this year, which is unlikely as being driven to wits end.


If you are going though something similar, don’t forget to let Private Eye know.


Think I did poke them a couple of years ago, never heard back. Oh well, way more evidence now and have it somewhat in-hand. Just so slow going thru the process and even then, getting evidence together and data requests and the level of failures just compounding. As so wide and kinda sureal that it is hard to believe. Police and housing covered up and protected an abuse addict (police informer) and ignored so many safty concerns and evidence that people dead due to it and past people who tried to speak out, either dead or gaslighted. Even tried that on me and sadly for them I recorded evidence for years and now case of bring all their failures to light in the open. Let alone all the housing failures that just keep growing. Fact my gas supplier identified fault in gas safty in october that they still not fixed and my concerns that impacted not only my flat but all the other flats (it does as i checked) and entire estate as fault when built and as such making every gas and electrical safty certificate for past 25 years invalid. Seems to fall on deaf ears, even HSE (Health and Safty Executive) seem to be, well they should fix it and toothless. Yet this is just nothing and whole list of failures by them that they already under investigation. Let alone all my findings and damming evidence. The the Met Police.

But hard to really deal with it due to PTSD of it all and decade of abusive neighbours who literally tried to get me killed and not only proof of that ignored but made out the other way around when it is clear as crystal with evidence submitted that is not only untrue but downright blatant lie. Police ignored that and more so, much more in past that it is a history of pure and utter failings and criminal.

Glad I have video and audio recordings proving it and that includes meetings in which police and housing lie and damming as hell. Yet, you would think somebody would care, but dam as I'm not alone in these situations. But look at Post Office scandal - how many people died over that and efforts to get to light. Then the pressure to pursue the truth and effort when others died trying.

It is scary how often things get covered up. There again, I used to work for the BBC and mindful how things can get swept under carpets and ignored like Jimmy.


Are you saying that your neighbours literally tried to have you killed, you have strong evidence of this, and the police did nothing?

Because… that’s just not really true, is it. It’s hyperbole, like most of your comment.

Not to say that you are not going through bad things, but blowing a potentially minor thing up into someone literally trying to have you killed isn’t going to get people to take you seriously.


Look up 'Power to the Proletariat' on yt. No lecturing, just great tips for dealing with the uk cops. After a while you see the same, same tricks they use.


Used to read Private Eye in the 90’s as a teenager. I thought they were a satire mag - what is their interest in these kind of stories?


They have always had a strong slant on investigative journalism. The whole back section (and quite a lot of the front tbh too) fall into that. The writing can still be acerbic but the journalism is hard hitting.

They continue to honour one of their very earliest columnists with "The Private Eye Paul Foot Award for Investigative and Campaigning Journalism". It's a big part of the magazine.

https://www.private-eye.co.uk/paul-foot-award


The tv comedy show ‘Have I Got News For You’ covers much of the same ground. It’s a good show if you like (their) politics.


Well one of the panel hosts is the editor of the private eye


They have been reporting on this story extensively for years.


https://en.wikipedia.org/wiki/Le_Canard_encha%C3%AEn%C3%A9

Satirical papers aren't always about fun and jokes -- the good ones often break important stories before the serious papers.

They often use code to write things they would otherwise be sued for:

https://en.wikipedia.org/wiki/Tired_and_emotional


It may be that you didn't understand what satire is? If everything is fine, satire is redundant. This sort of investigative journalism is closely allied to the work of the satirist.


Time to read some Kafka.


Read it, I'm living one of his greatest unwritten novels that Black Mirror episodes seem more like documentaries than they should.


or watch 'Brazil'


My favourite Christmas movie!


I can tell you like it warm and cozy...


>I somehow wonder if society is on a path of race to the bottom at times and amazed how it works with all the flaws that just seem to grow.

Bureaucracies don't scale well.


I am absolutely flabbergasted. At least for American public companies, SOX compliance requirements make it impossible for something like this to ever happen without an explicit authorization in place. The rule is simple: every destructive action (think mutable) needs to have one requester and one approver.

As long as it is logged in some system, you’re golden. This is somewhat enforced through regular publicly disclosed audits. I suppose that’s what Ernst and Young did when they noted in an audit that Fujitsu has unrestricted access to modify accounts without the postmasters knowledge, and this poses risk.

What strikes me as bizarre is that no regulatory body took any action on that report. Maybe the report was private, I’m not sure - I don’t know how things work in the UK. In any case, this really takes your trust away from public institutions. You’re left to wonder, if this was possible, what else might still be possible?


I've worked on HR software for a large organization in the US that relatively frequently gets sued on hiring decisions.

One of the features that the customer desired was essentially an overriding, free-form, editor for the recorded information, as part of the "get all of the information for a case to be submitted to the court" bit.

We didn't do it, because the entire development team thought it was ridiculous, and the person requesting it retired before issue boiled over.


Here is the Wikipedia page on the topic. The issues started already in 90s and dragged without a proper fix, people committing suicides as the result

https://en.m.wikipedia.org/wiki/British_Post_Office_scandal#....


I have been reading about this in private eye for maybe a decade, nothing happens, TV show? Instant progress overnight.


That seems to be one of the points that the BBC article is making, too. Panorama, one of the BBC's highest profile current affairs shows, points this out in 2015, and nothing happens. Post Office Ltd even pats itself on the back that nothing comes of the BBC programme. ITV dramatizes it in 2024, not even handling it as news, and it's immediately Conservative government priority.


Some bright spark at CCHQ realised it could be weaponised against both Ed Davey (Leader of the Liberal Democrats, and former Post Office minister 2010-2012) and Keir Starmer (Leader of the Labour Party, and former Director of Public Prosecutions 2008-2013).


Which continues the theme, really.

That the British public is not motivated by a BBC Panorama documentary in 2015 or by ten years of Private Eye coverage or by 15 years of Computer World coverage, but only finally by a dramatization by ITV; says much the same as the fact that politicians believe that people will swallow the mud slinging that the Director of Public Prosecutions or the Parliamentary Under-Secretary of State for Business are responsible for private prosecutions pursued by Post Office Ltd itself, not by the CPS and not by a government ministry for (by then privatized) business affairs.


They're probably angling to use it against Keira Starmer because he was DPP


"Keira Starmer" - good job me


It's an election year.


A key point from BBC here is that the post office was doing damage control with a PR team as well as legal threats. Pretty successful it seems.


One has to wonder how bad the justice system has to be if a trial is unable to surface the truth in this rather trivial case.

And it failed multiple times.


England's legal system is still riddled with the legacy of feudalism. The private prosecution mechanism used by the Post Office was first used in the 17th Century.

Note that Scotland has its own legal system and it is generally saner. Not sure if any sub-postmasters were prosecuted in Scotland.


> Scotland has its own legal system and it is generally saner

Scotland's legal system prosecuted and jailed Craig Murray. It also prosecuted Alex Salmond, who was unanimously acquitted by a jury; but Craig didn't benefit from a jury. The chief prosecutor is a member of the government, and controls police investigations.

In the case of a political prosecution, I wouldn't describe the Scottish system as "saner".


Yes, Craig Murray's imprisonment was a travesty. Saying a legal system is saner than England is pretty much damning with faint praise, it's such a low bar to clear.


Craig Murray identified complainants who's identity had been protected by court order.

What did you expect to happen?


Not really; that's "jigsaw identification", i.e. identification is only possible by combining multiple reports. It was not possible to identify complainants just by reading Craig's blog. Other journalists, whose writings could be used to directly identify complainants, were not prosecuted.


Did he supply a crucial missing piece of the puzzle then?


The prosecution case was that he provided a piece of the puzzle. I have no reason to believe it was a crucial piece.

I was reading his blog while all this was going on. Despite my curiosity, I was unable to get any clues about who the letter-women were. But I'm not Scottish, I'm not involved with the Scottish National Party, and I don't hang around with SNP politicians (or any politicians).

Perhaps someone who mixed in those circles could have found clues; I understand that several Sottish journalists published pieces from which a knowledgeable reader could deduce who was being referred to. But I believe Murray was pretty scrupulous in avoiding violating the judge's order.

I think it's obvious he was persecuted for his trenchant support of Alex Salmond.


That reminds me of one of the cases against Tommy Robinson (in 2018). As far as I could tell from abroad, he really didn't disclose anything that hadn't already been disclosed in traditional media.

https://en.wikipedia.org/wiki/Tommy_Robinson_(far-right_acti...

And even if he did -- there is something wrong with a justice system that would let that lead to these guys going free:

https://en.wikipedia.org/wiki/Huddersfield_grooming_gang

Reading the dates (years!) relevant to the case is enough to make anyone shutter -- first complaint taken seriously (allegedly) was in 2011 and the arrests didn't happen until 2017.

Some cases seem to be more about politics than about the law (let alone justice).

---

Do I have to say it? I probably do. I think Robinson is an idiot. A football hooligan who seems to have oppositional defiant disorder.

He is also right that there is a problem with Muslim crime in the UK -- and their grooming gangs seem to be a huge problem and there has indisputably been a cover up of it.


My recollection is that there was no crucial piece that was not around the same time also reported in the mass media. Why this was dismissed as apparently not being relevant as a defence was confusing (if I recall correctly, something about media being self-regulating through a professional association and blogs not being so, which doesn’t seem to matter when a reporter in the media did the exact same thing with no consequences that Murray was jailed for)


> Craig Murray identified complainants

He didn't. His reporting included facts that the police and judge claimed could be used to identify people. Many of these facts were also public knowledge anyone following the case likely already knew. These were the same police who brought the failed charges against Salmond. The entire case stinks of corruption and many people including Noam Chomsky have publically backed Murray.

[0] https://www.thenational.scot/news/18486299.global-figures-in...


Look, if at judge warns me that I have published information that may be used to identify an person who's identify is under legal order and I continue and repeatedly publish further information that may be used to identify the person what do you expect to happen?


>Not sure if any sub-postmasters were prosecuted in Scotland.

They were, though through the usual public mechanism by the Procurator Fiscal


Partly its to do with the people in the courtroom not knowing enough about IT, so that when the Post Office claimed their massive late 90s XML based hub-and-spoke database with 13,000 spokes was 'robust' it was taken as a given. Whereas anyone in IT could look at the architecture and think "well, there's bound to be all kinds of bugs in there".

I mean, they had expert witnesses and stuff. But I've been reading about this in Private Eye for years, and as an IT person you read it and think 'yes those people are totally being fucked over because the organisation is hiding the bugs that obviously lurk in their enterprisey system' whereas for non-technical people it was less obvious.


Surely they could have checked the accounting and then verified what products and services were sold and what the total owed should have been.

If there were duplicated entries, they would have stuck out like a sore thumb.

So even before the system came into question, basic accounting should have been used.


Yes, you’d think so, but the Post Office “auditors” didn’t do that and just blindly believed what the computer said the balance should be.


And judges sent people to jail based on that. They should all lose their positions.


The post office was acting as victim, investigator, and prosecutor and simply lied or withheld evidence to ensure that the defence had nothing to work with and the jury had nothing to contradict that view. It's absolutely batshit levels of corruption and there must be severe consequences.


What is clear about this is that the system couldn't even balance the books (which has been obvious for years, to anyone in the UK following the story).

If the computer says "You took £x thousand and only banked £Y thousand", the first thing to do is audit the receipts and (unless there were fraudulent entries being made, while noting this was allegedly not possible) as the first rule of forensic accounting is 'follow the money'.

What's so bad here is that the executives of a well respected UK institution acted purely from a profit/reputational motive, and dug themselves deeper and deeper into the hole as a result.

More scarey part of this is that it's Minority Report - "Computer says you're guilty, end of story". Positive take would be the courts are less likely to believe the 'computers are infallible' line in the future.


Watched the Mr Bates 4 part series, and a few things didn't make much sense to me.

The balancing. Perhaps because more was cash, but I would have expected some logging to have shown "at 4pm, the account had cash on hand of X pounds. at 4:08pm, the account had 2300 pounds less". Would that not have been useful? But watching (yes, it was a dramatization, but it didn't seem like much), it seems like PO did not want to admit any fault, ever, at all, and just kept sticking to that far beyond the time when they could have just cut their loss, held up their hands, and said "hey - problem identified, we'll fix it".

If I sold 5000 pounds of stuff, and should have received 5000 pounds, and... I have 5000 pounds on hand, but the computer says I have a shortfall 1000 pounds... how is that defensible?

Where did the money 'go'? If I had 4000 pounds on hand, but the computer then said I should have 6000, and I'm short 2000 pounds... why wasn't that discpreancy noted?

Also.. what was the motivation behind all the changes? The whistleblower seemed to indicate this was remote people at horizon "fixing" things by hand. Were these all just 'accidents' no one owned up to? The drama seemed to indicate there was some intentional retaliation against some people, but it couldn't have been intentional in all cases. But also... it doesn't sound like anyone at Horizon stole that money, they were just changing figures in a system.


One of the bugs in the system was that one of the data entry screens which postmasters recorded their takings would routinely freeze. If you hit "Return" again whilst the screen was frozen it would silently submit the figures again. So if you had £4000 of takings and submitted, got the frozen screen bug and hit return again then the Post Office thought you had £8000 of takings.

These were _incredibly obvious_ duplicate entry errors when the Post Office investigated but they blindly took the system as perfect and automatically assumed criminality on the part of the postmaster.

NOTHING about this makes any sense if you assume people on the Post Office/Fujitsu side were acting in good faith.


> These were _incredibly obvious_ duplicate entry errors when the Post Office investigated but they blindly took the system as perfect and automatically assumed criminality on the part of the postmaster

They did not blindly take the system as perfect, but instead they were well aware of the errors and instead decided to bully the sub postmasters and gain bonuses for successful prosecution. They knew exactly what they were doing and took pains to hide any evidence of the shortcomings of Horizon.


Outside of ego/reputation, I can't see what the coverup provided. Maybe that's all it was. Crazy.


You're about 1 or 2 steps away from reinventing double entry bookkeeping. Buy yeah in a proper accounting system you'd have those entries which would be easy to check, and nobody would be able to remove or edit them and the system would keep track of who was responsible for which entry.

This system works well enough that it can be done with pen and paper. Perhaps consolidating some stuff from time to time (but keeping the calculations for X years).

As far as I can tell Horizon wasn't playing by the rules, either because of bugs or because of badly designed secret admin access (maybe to fix those bugs, but you can guess how well that goes).


What shocks me the most is the amount people who pleaded guilty (who claim they are innocent) to receive a lesser sentence.

I'd equate that to torture.


Isn’t that the general issue with plea deals? Unless you are wealthy, pleading out is often the better choice.


The entire US criminal justice system revolves around plea bargains


For anyone who thinks the parent is exaggerating: 97% of all convictions in the US is due to the plea bargains.


This is why plea deals should be considered a violation of any notion of rights to a jury trial, fair trial, or similar. It is like the right to vote, where voting for the wrong party might end up with you going to prison.


This whole horizon system story is fascinating for so many reasons. One thing I don't understand though is exactly what the bug was?

For context, it led to (sometimes huge) discrepancies in what it thought should be in the till based on sales data from the day.

I don't build systems anything like Horizon, so this is probably a massive over simplification, but surely tracking stock and cash in tills should be really simple? Does anyone know if there are public details on what exactly the technical bug was?


There wasn't just one bug, there were many. One of them was due to a "missing payments node", but there were many software faults, including rounding errors, data corruption, and issues with synchronization between local and central databases.

Two bugs are detailed here: https://www.theguardian.com/uk-news/2024/jan/09/how-the-post...

> One, named the “Dalmellington Bug”, after the village in Scotland where a post office operator first fell prey to it, would see the screen freeze as the user was attempting to confirm receipt of cash. Each time the user pressed “enter” on the frozen screen, it would silently update the record. In Dalmellington, that bug created a £24,000 discrepancy, which the Post Office tried to hold the post office operator responsible for.

> Another bug, called the Callendar Square bug – again named after the first branch found to have been affected by it – created duplicate transactions due to an error in the database underpinning the system: despite being clear duplicates, the post office operator was again held responsible for the errors.

There weren't just bugs, either Fujitsu had the ability of modifying or adding transactional records remotely, but always denied they had the ability to do so, as did the Post Office.


Haha, obviously you haven’t worked in any large enterprises before that aren’t software companies. Basically the business rolls dice and comes up with some random requirements and then tries to change those requirements constantly until you end up with software that looks so hideous nobody understands anything about it and all the chopping and changing leaves the code in a complete mess with lots of bugs. The problem is the people making these requests do not understand the costs, if they were building a house they wouldn’t dig up the foundations on a whim, but because software is so ephemeral it seems (to them at least) cost free.


https://www.judiciary.uk/wp-content/uploads/2019/12/bates-v-...

I have only skimmed this so far but it seems there were many bugs.

Also this stood out to me.

> 4. Fujitsu inserted transactions. These are injected into branch accounts by Fujitsu. They may be performed in order to ‘balance’ a discrepancy. These do NOT require acceptance by SPMs in the same manner as TCs and TAs.


>Fujitsu inserted transactions

They inserted transactions for corrections of discrepancies where you could not see they were authored by them; it was just assumed the postmaster did.

They did not let postmasters know about this; probably an order by the post office.

These corrections where incorrect, and caused discrepancies to increase; they mixed plus and minus sign quite often.

They added lines of code to the system running on the counter in the local post office.

They used the message store system like wild west without defining a data schema.


> They inserted transactions for corrections of discrepancies where you could not see they were authored by them; it was just assumed the postmaster did.

Then prosecuted the postmasters for inserting transactions, because "only the postmaster can insert transactions".


It was a bunch of different bugs

We're trying to figure out the architecture over on this other thread - https://news.ycombinator.com/item?id=38954516

But basically it was based on a sortof replicated XML database that sent text files back and forth, so the basics of synchronisation and consensus were just not covered properly. e.g. if someone kept pressing a key when the screen was frozen, duplicate transactions got created. Or if they turned their machine off earlier than 5pm, end-of-day processes did not get run properly. Or if their node was trying to synchronise with the central node a bit later than normal and the central node was doing a 'reindexing' operation, their messages got lost. Lots of edge case synronisation bugs basically.

edit: also here's a good computerphile video about the bugs https://www.youtube.com/watch?v=hBJm9ZYqL10


>One thing I don't understand though is exactly what the bug was?

It was not only the bugs but also the UX and the overall process that made things worse.

The system did things that the postmaster was either unaware of, or did not intend to do. When there was a customer session and a session time-out occurred it was changed into an actual transaction without the postmaster intending it; like you have a shopping cart on an e-commerce site and it transforms the shopping cart automatically into a sale after timeout.

There were screen freezes and when the postmaster pressed enter while the screen freeze happend, it multiplied the amount of money, without the screen being updated.

Postmasters are responsible for discrepancies, and when they called the telephone support they were occasionally told "not to worry, it will sort itself out". There were corrections from the outside and postmasters sometimes waited for weeks and even months for these corrections to happen to resolve the discrepancies. Sometimes they never happened.


There's a computerphile video on youtube where a prof goes through A, C, I and D and gives an example where each of these went wrong. Professionally speaking, it's shocking.


Hey you're right, from two years ago, good catch https://www.youtube.com/watch?v=hBJm9ZYqL10


> surely tracking stock and cash in tills should be really simple?

You'd think so, except they wanted a custom system built at incredible expense.


The thing is: the higher ups thinking that postmasters where routinely stealing and the fact Fujitsu altering records without logging was standard shows a culture where you can bet those higher ups are used to steal and think everyone does it.


I have a tangential question to this whole debacle: I'm a developer who worked on a lot of safety critical stuff. I think I know a lot about that. But never worked with "money stuff". What are the best practices in this regard?

I understand this whole thing is not just a software development failure. But it also feels as if the Fujitsu developers had done a better job we wouldn't be having the whole debacle.

So what are the best practices with a system like this? Are there good and practical books for example on the topic?


A good start might be the French "NF525" law, which lays down legal standards for how cash registers should work. https://www2.ikosoft.com/en-gb/all-knowledge-about-the-nf525... / https://www2.ikosoft.com/en-gb/cash-security-software-how-to...

"Any software with nf certification must not allow any concealment of data essential for VAT assessment. It must be equipped with a system for identification and tracing of all processes and information relating to collections.

Concerning the registration, the security is done by electronic signature. All information recorded in the cash register system cannot be modified or deleted. Errors and returns are automatically considered as new transactions.

As regards the retention of data, the minimum period imposed by the standard is six years. Furthermore, during a tax audit, an archiving system must facilitate the interventions of the tax authorities, by quickly restoring the data necessary for the calculation of VAT.

Note that archiving is systematic before any purging procedure. This rule ensures that the data is available at each intervention of the administration’s agents."

It's perhaps a bit more like signed git commits than blockchain; the requirement is that every transaction be signed and immutable. If "corrections" are required, the correction has to be appended to the log leaving the original in place. I believe there's also a requirement to feed all this receipt data to the tax authorities.


Here's a system audit manual from Jan 2000, part of the inquiry evidence. Lets figure out how this thing worked.

https://www.postofficehorizoninquiry.org.uk/evidence/pol0002...


There is also a detailed description of the system in [1].

An interesting incidence/problem report is in [2] at 1h:03m:00s, where an replication error in their Riposte message store system is described. After a defect counter hardware was replaced, it will fill its empty store with messages from other counters.

[1] "Technical Appendix to Judgment (No.6) “Horizon Issues”", https://www.judiciary.uk/wp-content/uploads/2022/07/bates-v-...

[2] "Alvin Finch - Richard Coleman - Day 54 AM (17 May 2023) - Post Office Horizon IT Inquiry", https://www.youtube.com/watch?v=H0_-ebCVU5k&t=3780

[3] Steven Murdoch: "What went wrong with Horizon: learning from the Post Office Trial", https://www.benthamsgaze.org/2021/07/15/what-went-wrong-with...


See also the Fujitsu whistleblower, Richard Rolls’ witness statement https://www.postofficehorizoninquiry.org.uk/evidence/witn007...



<Senior Post Office managers briefed the BBC that neither their staff nor Fujitsu - the company which built and maintained the Horizon system - could remotely access sub-postmasters' accounts, even though Post Office directors had been warned four years earlier that such remote access was possible.>

Jeez, as I'm betting almost all readers of HN know, if it's connected to the internet, it's not always secure. I'd suggest this is a blatant lie, the truth of which could have easily been verified by asking their in-house tech. After being told by Fujitsu about remote access possibilities, they didn't want believe them?


The system was originally connected via private ISDN lines so that wouldn’t have been a factor for the first cases.


Last I heard they were trying to rebuild Horizon on "AWS and JavaScript". I wish I was joking.


There is a cloud-based system which will be the successor of Horizon legacy (from 1999) and Horizon online (from around 2010).

>Is Horizon still being used? >Yes. There have been several versions of Horizon since its introduction in 1999 and the current version of the system, introduced from 2017, was found in the group litigation to be robust, relative to comparable systems. But we are not complacent about that and are continuing to work, together with our postmasters, to make improvements. We will be moving away from Horizon to a new IT cloud-based system that will be more user-friendly and easier to adapt for new products and services. This is currently being developed with the involvement of our Postmasters.

via: https://corporate.postoffice.co.uk/en/horizon-scandal-pages/...


This kind of comment (not your actual comment) shows the pitifully simplistic people making crucial decisions in UK public IT. On prem vs off prem has nothing to do with this yet cloud is phrased as a key tenet of improvement. I suppose give it a few years it'll be described as "LLM ready" too.


Some important context that might be useful for fellow confused readers:

A new four-part dramatisation about the Horizon scandal aired from January 1st - 4th in the UK.

As a result, the scandal became a popular topic for discussion publically and in the media, as well as introducing the issue to a whole bunch of people who were unaware

I was a bit confused myself as to why this was getting coverage out of the blue until I learned about the ITV series yesterday

https://en.wikipedia.org/wiki/Mr_Bates_vs_The_Post_Office


I was wondering when this was going to breach the Zeitgeist. I've been reading about it for a while now. I'd really love to watch the recent show about it (that apparently triggered the awareness of it in the U.K.) but I can't find a way to watch it on any of my streaming services in the U.S. Does anyone know how to see it in the States?


It was an ITV series which isn't a streaming service, as such. You may be able to access the Radio series though which is well worth a listen. https://www.bbc.co.uk/programmes/m000jf7j


ITVX is, purportedly, though.

I have some relatives who tried out ITVX for the first time especially to watch the drama, which they didn't catch as it was broadcast. They reported that ITVX was almost unusable, and also that the app crashed their telly and caused it to lose the ability to output sound until they rebooted the telly and let it go through an update cycle. "BBC iPlayer is much better." came the grumble down the telephone. (-:

I told them that it was ITV, which has 4 channels and is almost bound to repeat it.


Addendum: ITV duly repeated it, as predicted, 3 days after I wrote that; and the relatives tell me that they happily watched it on broadcast.


True, ITVX or whatever it was called before actually worked OK but then they updated it and made it quite terrible.


I'd recommend pirating it and it's easy enough to find through the usual trackers.


For those who don't want to pirate it, there is a summary which tells the story using scenes from the TV series.

>Post Office Scandal Explained https://www.youtube.com/watch?v=LdQQib3rmkE


ICL originally had contract AFAIK. It seems to me that the disappeared funds could have gone to people with access to the system and not just a result of accidental coding. International Computers Limited existed as a commercial entity and brand from 1968 to 2002, it was finally and completely absorbed into Fujitsu.


> It seems to me that the disappeared funds could have gone to people with access to the system

How could that happen outside of the Post Office? ICL/Fujitsu had remote access to all the remote boxes and could add/amend records without any audit trail and without knowledge of the sub postmasters, but I can't see how they could get money to go into their own pockets unless they entered into a deal with the sub postmaster operating the branch. Hypothetically, they could delete some transactions and then the sub postmaster would have more money in their till than accounted for and could split the proceeds. (I don't think this ever happened).


The disappeared funds were briefly covered in the programme. Standard accountancy practice when you've got mystery funds is to record them in a 'suspense account' and if it comes to light where the dough came from, you update your records. If no one comes forward after x years you just have to treat it as free money from who-knows-where.


Is the Post Office a private company? Why are they using phrases like 'protect our brand?'


Yes, Post Office Ltd is a private company. It was privatized at the turn of the 21st century, and there are odd holdovers from the four centuries of it being a royal monopoly with sweeping powers, more on which at https://news.ycombinator.com/item?id=38969076.


No idea if the t.v. show is good but the radio 4 show most certainly is:

https://www.bbc.co.uk/sounds/brand/m000jf7j

Check that out to see how the U.K. establishment works.


The TV series is very good, but it's quite tough going in places.


..and THIS is why you need a strong, independent Internal Audit dept, with serious, educated, trained IT Auditors.

News like that make me very angry.

From the little I find to read, looks like it would take a 'basic' IT Auditor could in a few days figure out (and fail) basic ITGCs.

And it amazes me when I hear the term "DevOps" (cringe). But hey, I get it.. we need to make money, A LOT of money, and we need to make it FAST because of reasons (competition, greed, lack of talent, timing, etc.). Who has time and money to spend on Dev/Staging/Prod? Only stupid highly regulated environments need to be stupid enough to do this..

Going back to the story, THIS happens, people go to prison, people die. I have (in my IT Audit years) discovered/uncovered SO MANY tragic things.

And what scares me.. when I see YC 'offsprings' hiring and 99.9% of jobs are "stuff-building/money-making". Zero audit roles. And I am not angry because "damn - please hire me".. it's that how many of these places have an experience, IT savvy auditor? Not someone's cousin that is an accountant.. (no disrespect - it will take a CPA 10+ years to not be tricked).

And with that, I leave you with a friendly note on IT Auditors find and hire one with strong IT knowledge/background. They are worth their weight in Latinum!!


To be fair, neither of the two organisations responsible for Horizon over the period in question - Fujitsu Services, formerly ICL Pathway - in any way resemble your pastiche of "YC Offspring" startups.

Indeed, they were the exact opposite: huge multinationals with presumably gigantic legal, infosec and HR policy departments who could probably jump through the various compliance hurdles required by this procurement process in their sleep.

By comparison the startups you're complaining about usually take years to reach sufficient maturity to take part in large public sector procurement processes like this.

Clearly in this case maturity and scale were not a bulwark against incompetence, opacity and mendacity. Indeed the opposite - as I type this the Post Office's lawyers Herbert Smith Freehills are making mealy mouthed justifications for witholding reams of technical evidence from the public enquiry for months. It's disgusting, and as someone running a small business and endlessly having to justify our commitment to information security, data privacy and transparency I find the hypocrisy infuriating.


I cannot blame the contractors. I can only blame the Royal Mail/Post Office.

On the world of RACI, the client is always the A. I don't expect the guy who gets paid to be honest. I expect the payer to do their checks.

And stuff like that could have been picked up but an ITGC audit, Project Audit (reqs), SOX, any type of break/smoke test.. and so on..

Somebody dropped the ball - hard. This could have been prevented and/or detected and/or corrected.

Having served as Internal Audit for many many years, I get angry because I/someone in my line of work should have caught this.

Now.. WTF was the internal audit of Royal Mail/Post Office? Why isn't the CAE brought in for questioning and what was the scope of their audits?

Yes, definitely NOT YC company. But I don't see any YC companies hiring auditors, only engineers ;)


You definitely should blame the contractors.

It's become very clear as the public enquiry has progressed [1] that Fujitsu were:

- aware of several bugs - including ones they'd fully understood the cause and mechanics of - that would induce double-counting of transactions

- aware that criminal prosecutions were underway against users of the system in which just such double-counted transactions would clearly have had a material impact on the case and the evidence aduced

- failed to raise the above in a timely manner, either to the Post Office who had directly requested audit logs, to external auditors, or to the justice system itself

[1] https://www.theguardian.com/uk-news/2024/jan/17/post-office-...


So who did alter the records? Were employees at Fujitsu stealing or just fucking around?


As far as I can tell, employees at Fujitsu couldn't get the money; they used the remote access feature to correct the errors that resulted from the bugs. According to the show, this was often done sloppily, so that a £3,000 discrepancy would turn into a £6,000 discrepancy, instead of being reduced to zero.

These changes via remote access were not logged.

There was also a point in the drama where the Fujitsu support staff talked a subpostmaster through fixing the errors herself; that is, accounts could be tampered with without using remote access.

I suppose all this unaudited frigging with balances was enabled to cover up the fact that Horizon had serious bugs.

What I'm waiting to find out is why the Post Office managers were so desperate to protect the reputation of Horizon, that they were willing to risk being charged with perverting the course of justice.


> What I'm waiting to find out is why the Post Office managers were so desperate to protect the reputation of Horizon, that they were willing to risk being charged with perverting the course of justice.

They received bonuses for each successful prosecution and it would be career suicide for any of them to blow the whistle.


I get that the investigators, lawyers and lower-level managers were being encouraged with bonuses to cover-up the Horizon shortcomings, and use settlement offers to browbeat subpostmasters into exhonerating Horizon.

What I haven't learned yet, is why senior management wanted so much to exhonerate Horizon, that they would hand out bonuses to investigators, and to inquiry witnesses who gave "the right" testimony. The Post Office doesn't have a lot of money; it only broke profit in about 2014.

It can't be that the senior management were responsible for commissioning it, and screwed up; most of the people who did the comissioning will have retired. Similarly, the system was comissioned under a Labour government, and nobody from that era is still around. So I suspect it's the civil service, whose policies and cultures can outlive any human.


They were bullied and given leniency if they didn’t speak ill of the shortcomings


Why would anyone allow Fujitsu to gain new contracts?


but has any of this made any of you intelligent middle class people with best access to self-education ever doubt our social organization based on a monopoly on the use of violence in a geographical area?


This couldn't happen if the transactions were on a blockchain


Or better accounting, testing, logging and administration standards, which would be necessary with or without blockchain.


After the latest bullshit from the BBC I can't trust anything they say, I need to check their sources on everything and honestly it's so tiring I just ignore their stuff. There are better sources for news. Like, credible sources


This is an article that heavily mentions the BBC, the broadcaster of Panorama, being threatened by the Post Office. Other than the Panorama production company, whom chose to be interviewed by the BBC, in this instance where else would you go for a direct source?

If I were to hazard a guess, you haven't chosen to read the article, and have no motivation to actually substantiate your distrust for them past a vague "it's bullshit".




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: