Menu Close

Post Office scandal reveals a hidden world of outsourced IT the government trusts but does not understand

A Post Office sign hanging on a British high street

The convictions of 39 Post Office workers were quashed on April 23 after the UK’s court of appeal heard that the crimes for which they’d been accused were in fact caused by the organisation’s Horizon IT system.

The system, supplied by Japanese IT services provider Fujitsu, had erroneously registered cash shortfalls in Post Office branches, leading to hundreds of convictions of theft, fraud and false accounting between 2000 and 2014. The scandal is one of the biggest miscarriages of justice in British history.

But the Post Office scandal reveals a wider issue. After decades of outsourcing IT systems, government officials no longer have control over technologies that can ruin people’s lives. To avoid future scandals, we need to take responsibility for the digital systems at the heart of governance – instead of just scapegoating IT firms and their products when things go wrong.

Computers in government

Computer systems have been in government for nearly 70 years. The Post Office was actually the first UK department to introduce such a system, developing the world’s first digital programmable computer in 1943, later used for code-breaking at Bletchley Park during the second world war.

Read more: The female enigmas of Bletchley Park in the 1940s should encourage those of tomorrow

But like most departments, the Post Office outsourced their computer systems to huge global computer services providers in the 1990s. They then seemingly ignored them wherever possible, believing in the huge contract value as a guarantee of trustworthiness and reliability.

That’s despite the fact that Horizon, which was riddled with bugs and errors when it was implemented in 1999, has been involved in a number of scandals, errors and failures in the following decades.

This latest scandal is a classic case of officials putting blind faith in computer systems as definitive sources of information and truth. And this attitude goes far beyond the Post Office – across the departments of state.

Outsourcing IT

Over the years, government departments in the UK stopped innovating with technology, and have started contracting it all out to computer services providers. From the 1990s, the UK became a global leader in the “mega IT contract”.

For instance, HMRC’s 1994 outsourcing contract with EDS was, at the time, the largest IT outsourcing contract in the world. The next contract, won by Cap Gemini-Ernst and Young (CGEY) in 2004, had an initial value of £4.3 billion and was so complex that on news of the award, CGEY’s share price went down.

A phone showing the HMRC logo
HMRC has a history of handing out giant IT contracts to help it manage departmental duties. Ascannio/Shutterstock

During this period, the National Audit Office (NAO) produced a stack of politely damning reports on government IT outsourcing – about cost overruns, failed projects, error-ridden systems and troubled contract relationships. But these “one more IT disaster” stories bored the mainstream news media to tears.

No one was interested in “legacy systems” like Horizon. They were ignored in public administration scholarship, myself a lonely outlier in writing my PhD and first book about them. But these complex mega contracts meant that departmental officials knew nothing about the systems on which they relied.

Many of these flawed systems linger on in government. After decades of problems with computerisation, the Department for Work and Pensions struggled for another decade to build its new universal credit system alongside legacy systems. In a 2018 report, the NAO identified nearly £1 billion in additional running costs from operating the systems in parallel, and highlighted new errors and payment delays that also caught the attention of Human Rights Watch.

In 2020, another NAO report found that Border Force staff were relying on a 26-year-old system to check whether suspects and persons of interest were trying to enter the UK. The outdated system was no longer fit for purpose, and delayed updates had cost the taxpayer £173 million.

Who’s responsible?

Legacy systems represent an accountability vacuum: whole tranches of government administration for which nobody feels responsible. The implications of this blind trust in the power of computers and the companies that supply them to government are ever more important today.

The Post Office’s Horizon system was not particularly complicated, nor did it affect policymaking. But today’s data-intensive technologies will be used increasingly to inform decisions about people’s lives: how long prison sentences should be, which people should cross borders, whether children should be taken into care or what their examination results should be.

Read more: A-level results: why algorithms get things so wrong – and what we can do to fix them

Last summer, the Prime Minister himself blamed a “mutant algorithm” for Ofqual’s exam results fiasco, which saw A-level students assigned lower grades if they lived in disadvantaged areas. The debacle was actually the fault of a rather prosaic statistical method that was not overseen by experts. Scapegoating unaccountable algorithms is convenient, but it misses the point that without accountability and transparency, government IT systems can lead to a multitude of harms.

We tend to let the technological tide wash over us, as if it’s an unstoppable force. But we can build in controls. At The Alan Turing Institute, we have set up the Public Policy Programme to help government realise the potential of the latest generation of data-intensive technologies, and have produced the first official guidance for the safe and ethical use of AI in the public sector.

The Post Office scandal shows that the same mechanisms should be applied to elderly legacy systems and unexciting algorithms. Today’s government is completely dependent upon its digital estate. We need to build accountability and transparency into this forgotten, hidden, mystery world to get the kind of digital technology we want. The kind that doesn’t ruin people’s lives.

Want to write?

Write an article and join a growing community of more than 185,600 academics and researchers from 4,982 institutions.

Register now