back to article 150,000 lost UK police records looking more like 400,000 as Home Office continues to blame 'human error'

Estimates detailing the loss of criminal evidence records by the UK Home Office and the police show the figure leaping from 150,000 to 400,000. Nonetheless, in a statement issued on Saturday, the government department said it was working to restore the records using the magic of computer code. "Working with the National …

Page:

          1. The Frog People Believe

            Re: The fickle finger of blame...

            Well I hope you never look after a system I rely on! Mirroring is absolutely NOT the same as a backup. Mirroring means that mistakes are replicated over; there is a distinct differences between disaster recovery and backups.

          2. Anonymous Coward
            Anonymous Coward

            Re: The fickle finger of blame...

            "Yesterday's article mentioned that there used to be a backup in the form of a complete mirror-server at a different location, but that was lost in a fire several years ago and so far not replaced."

            <needlescratch/>

            Wait, what?

            In a former life I did some work which involved the PNC. One day in mid 2005 we lost all our connections. Turns out that the backup system we were using was in a building that was unfortunately close to a certain oil depot that had just explosively disassembled itself...

            PLEASE tell me they haven't been running on a single system since then... !?

            Mind you, having experienced PITO as a customer I wouldn't be surprised...

        1. Loud Speaker

          Re: The fickle finger of blame...

          A system with zero backups? Seems . like criminal negligence<P>

          FTFY

    1. Cynic_999 Silver badge

      Re: The fickle finger of blame...

      I have little doubt that Priti Patel has been hard at work and is spending many hours every day trying to decide who is the most convenient (and expendable) person to blame. Just like many of those whose records have been deleted, the question of guilt or innocence is completely irrelevant when compared with what is the most expedient.

    2. Anonymous Coward
      Anonymous Coward

      Re: The fickle finger of blame...

      <fingers in ears>

      Na na, I can't hear you.

      The Management.

  1. illiad

    I did note to my network admin (a couple of years ago, using win 7) that it was a bit unnerving that the rightclick 'delete' was perilously close to the 'rename' and 'create shortcut' function... don't worry that what the bin is for... a big problem is, if it is on a network share, it **does not** go to the bin, but disappears..

    1. Anonymous Coward Silver badge
      Linux

      Samba can have a virtual recycle bin for just this situation.

  2. chivo243 Silver badge
    FAIL

    400,00 up from 150,000

    can I get 500,000? going once, going twice, sold to plods without a working backup?

    1. Loyal Commenter Silver badge

      Re: 400,00 up from 150,000

      If government IT overruns are anything to go by, you can probably whack another 0 on the end of that.

      1. A.P. Veening Silver badge
        Joke

        Re: 400,00 up from 150,000

        you can probably whack another 0 on the end of that.

        I would insert it somewhere in the middle, where it blends in ;)

      2. Kane Silver badge
        Joke

        Re: 400,00 up from 150,000

        "If government IT overruns are anything to go by, you can probably whack another 0 on the end of that."

        Unfortunately that would mean exceeding the Excel row limit.

  3. Anonymous Coward
    Anonymous Coward

    I heard...

    The statement I heard was that the deleted data was of people released without charge. In the event that this statement was actually true, isn't that what is supposed to happen?

    1. goodjudge

      Re: I heard...

      That was the original story I heard too, but both the volume and range have expanded since then.

      There's been years of campaigning against police retention of data from those who are interviewed then released (or to use a technical term, "innocent"), or from mass 'round up the usual suspects' attacks on demonstrations. (Anyone remember kettling?) The police / government response was not much more sophisticated than "No. Shan't. Remember Ian Huntley?", despite him and that case being a red herring in this context. A lot of people will not be unhappy that those records have now been lost due to an admin SNAFU. Losing actual criminal records and those for investigations in progress is a little more serious.

      1. Doctor Syntax Silver badge

        Re: I heard...

        "A lot of people will not be unhappy that those records have now been lost due to an admin SNAFU."

        And a lot of people will be very unhappy on account of being caught out after claiming it couldn't be done.

    2. Sykowasp

      Re: I heard...

      What if this wasn't an accident? As everyone points out, this should be nearly impossible on a mature system like this, which should have backups and lots of barriers in front of operations such as this.

      All you need to know is that an unnamed MP was recently released without charge for a (heinous) alleged crime. Perhaps there are other, unreported, cases as well relating to Tory MPs, or donors.

      So this was potentially a planned data loss to remove the records relating to this, covered up with other deleted records, in a needle in a haystack method. They'll gloriously say they recovered 90% of the records in due course from backup or paper trail, but the rest of the paper trail for the critical records will have been disappeared. Did

      Yeah, it seems far fetched and conspiracy theory like, and I'm not a fan of these in these times, and it most likely was poor backup practices and system access control. But still.

      1. Doctor Syntax Silver badge

        Re: I heard...

        If I hear that somebody has been released without charge I assume it was because there was no provable case against them and that they are, therefore innocent. That is a basic principle of the English justice system (no "not proven" stuff here), has been for centuries and hopefully, despite the longings of the HO and intelligence services, will continue to be. It applies to everyone. It applies to Tory MPs and donors. It even applies to YOU. And if you think about it a little you'll realise that the reason that it applies to Tory MPs, donors and everyone else is so that it can apply to you. And if you do a little more hard thinking you might realise that that is the most valuable protection you can have under the law.

        Meanwhile, those of us who've actually had the job of investigating allegations of criminal behaviour appreciate just how important it is that the subjects of those investigations do go unnamed.

        1. Primus Secundus Tertius

          Re: I heard...

          @Dr Syntax

          "...they are, therefore innocent."

          Not necessarily. Sometimes the Scottish position of 'not proven' is appropriate.

          1. Doctor Syntax Silver badge

            Re: I heard...

            Let me quote something with a little emphasis:

            That is a basic principle of the English justice system (no "not proven" stuff here)

          2. tiggity Silver badge

            Re: I heard...

            Not proven is only when people go to court though, as opposed to taken into custody but not charged

        2. This post has been deleted by its author

      2. Nifty Silver badge

        Re: I heard...

        Tending to agree here. Never let a good conspiracy theory go to waste.

      3. A.P. Veening Silver badge

        Re: I heard...

        As everyone points out, this should be nearly impossible on a mature system like this, which should have backups and lots of barriers in front of operations such as this.

        I think you are overlooking the minor detail of this being government IT, so hardly mature and apparently without backups. Besides that, those barriers also seem to have gone AWOL (assuming they ever existed).

    3. Anonymous Coward Silver badge
      Alien

      Re: I heard...

      That's what was supposed to happen; what the goal of the exercise was. It is not what actually happened.

  4. Pete B
    Joke

    I'd be checking the bank balance of the DBA involved.

    1. Anonymous Coward
      Anonymous Coward

      Some crime is cash only.

      * Even if a mistake it is a crime this happened.

  5. iron Silver badge

    Nice of the BCS to blame the developers. This was probably user error compounded by worse management error because there were no backups.

    I've always thought the BCS irrelevant to my profession. I'm glad I never joined despite getting the hard sell a few times.

    1. Down not across Silver badge

      Of course they do. They have an agenda. They've been for decades trying to make IT chartered profession where they can have out of date, expensive certifications.

      Must've been over 2 decades ago when I looked and was like how much? For what? Sod that...

      With hindsight, yes they are irrelevant.

      1. TimMaher Silver badge
        Facepalm

        Absolutely. I had completely forgotten about them until they surfaced in this article.

    2. 2+2=5 Silver badge
      IT Angle

      > Nice of the BCS to blame the developers. This was probably user error compounded by worse management error because there were no backups.

      Shirley, the BCS statement is making the point that it wasn't just the developer's fault because there were other people in the chain that should have checked as well but either didn't or also missed it?

      1. MrReynolds2U

        That is an interesting point. Maybe the BCS were alluding to the fact that PHBs are largely completely unqualified and that to rise to a position of authority in IT, you should be professionally qualified.

        1. Wibble

          AKA the Peter principle: people rise to the level of their own incompetence.

          There's too many managers around that can't do the job of the people they're managing. Whilst there's *some* skilled and talented managers who understand this and effectively delegate and manage, alas they're a rare commodity outnumbered many times over by clueless management numpties throwing their (light) weight around.

    3. Wibble

      "Quick, call the BCS" .. said nobody.

      They're fine for academia (one ass-u-me s), but not when working at the coal face with unqualified 'managers' and dubious processes. Much like attempting to read 3 volumes of The Art of Computer Programming (Knuth) - which would probably qualify as membership, but you wouldn't get a job.

  6. IGotOut Silver badge
    Coat

    Go on....

    ...see if the new guy will fall for the old DROP TABLE gag.

    1. Loyal Commenter Silver badge

      Re: Go on....

      My money's on forgetting the WHERE clause in a DELETE statement. I've seen a couple of people manage that one.

      1. MrReynolds2U

        Re: Go on....

        Yeah, a quick take-offline, restore and apply recent transactions from logs before re-onlining overnight and hoping nobody noticed the 2 hour outage. Been there. I deliberately mistype the initial parts of SQL statements now so they will fail in case I accidentally run them and then have an "Oh F**k" moment.

        1. Loyal Commenter Silver badge

          Re: Go on....

          As a matter of course, I would generally write any DELETE statement as SELECT * first and check it returns the results I want.

          Then, before running it, select the contents of the affected table(s) into backups, along the lines of SELECT INTO TABLENAME_20210119 * FROM TABLENAME.

          Then, where practical to do so, start a transaction before running the DELETE and only commit it if I get the expected number of records reported. I say "where practical" because you might not always have the tempdb space available.

          Of course, if you do actually want to zero out a table, you should be using TRUNCATE anyway, unless you have a particular need to be able to reverse the transaction log.

      2. Anonymous Coward
        Anonymous Coward

        Re: Go on....

        I have even done it myself.

        OTOH I have multiple tape drives and an auto-loader.

      3. anothercynic Silver badge
        Facepalm

        Re: Go on....

        Ohhhhh yes. Did that one (recently). Regretted it instantly. Had to reconstruct data (thankfully that was possible). Oy gevalt.

    2. James Anderson Silver badge

      Re: Go on....

      Apparently the data base is Adabas ... so “DROP TABLE” would be a syntax error.

      1. Loyal Commenter Silver badge

        Re: Go on....

        Unless they are using the Adabas SQL gateway apparently. Adabas is not a RDBMS I'm familiar with, but Google is your friend (in this context).

        1. 2+2=5 Silver badge
          Joke

          Re: Go on....

          > Unless they are using the Adabas SQL gateway apparently. Adabas is not a RDBMS I'm familiar with, but Google is your friend (in this context).

          When I were but a stripling starting out in the business there were job ads a plenty for Adabas and Natural. I nearly thought about re-training but never did. Eventually of course it was crushed by Oracle out-marketing everything even vaguely close as a competitor.

          However it has made me suddenly realise that the poor person responsible is more likely to have made the mistake through senility rather than youthful exuberance!

          1. Loyal Commenter Silver badge

            Re: Go on....

            When I were but a young'un, it was a case of get any job you can, and in my case, it turned out to be Equinox on Novell Netware (shudder). I was asked now to do anything with that now, I'm not sure that I could remember a single thing about it. And that's the way I want it to stay.

  7. Anonymous Coward
    Anonymous Coward

    UK Data Protection law and GDPR

    I had heard that the PNC has not been compliant with this legislation for years.

    Scuttlebutt has it that it was the implementation of rules to become compliant which went wrong, and that this problem goes back to sometime in last year so some data will have rolled off their DR backups. If that was the case, then the rules to make sure that data that should be completely purged, even from the backups may have been incorrect.

    Under UK and previously EU law, the police to not have catre blanche to keep information gathered from suspects forever. If someone is arrested for a crime, then the police can take and store information about the person. If they are subsequently released and the charges dropped, or go to trial and are cleared of the crime, then the police are bound by law to delete the fingerprints, DNA and other data that they've collected after a certain period of time.

    Anybody convicted of a crime will have their records stored forever (incidentally, this is sometimes quoted as being why police will take fingerprints from people who are stopped for minor motor offenses, even when the data has no bearing on the crime - "it's standard procedure, sir"). Once someone has been convicted, the police have the right to keep any data they've collected whether it was needed or not.

    This deletion policy does not please the police. They would really like to build up a complete database of all the people in the country whether they've been found guilty of a crime or not. If I were to put my conspiracy hat on (the one with the tin foil lining), this news story could be a deliberately created attempt to shock the people and government into a policy change to allow them to keep more information for longer.

    Within the last decade, I heard a broadcast interview about the police's DNA retention policy with who ever was the chief of ACPO at the time, where he repeatedly called people who had been arrested but not yet tried as "criminals" instead of "suspects" (not even "potential criminals"), even after being pulled up by the interviewer on more than one occasion. I'm sure that some members of the police regard all of the public as criminals who just have not yet been caught yet!

    1. alain williams Silver badge

      Re: UK Data Protection law and GDPR

      In theory backups should be cleaned as well, but in practice that is usually not practical.The important thing here is putting the deleted data "beyond use". So it might still be on a tape/... but it cannot be accessed through normal use/mechanisms.

      1. Val Halla

        Re: UK Data Protection law and GDPR

        Their recovery plan has definitely put the deleted data beyond use. It's not just the backup that failed, their DRP has clearly failed too.

    2. Doctor Syntax Silver badge

      Re: UK Data Protection law and GDPR

      repeatedly called people who had been arrested but not yet tried as "criminals" instead of "suspects"

      A crime is committed by one or more culprits and yet reports will almost inevitably say "suspect" instead. I suppose referring to suspects as "criminal" is the logical extension.

    3. Sandgrounder

      Re: UK Data Protection law and GDPR

      "Anybody convicted of a crime will have their records stored forever"

      That is not true. Only personal data from category 1 and 2 crimes are kept forever. Data from minor offences like traffic violations has to be deleted after a fixed period of time.

  8. Noonoot

    Did someone say Fujitsu?

    Is this the same Fujitsu that was the centre of attention in the post office post master scandal?

    1. Anonymous Coward
      Anonymous Coward

      Re: Did someone say Fujitsu?

      Fujitsu are the hardware supplier in this instance. The software is maintained by someone else.

      (anon because the "someone else" is another division of my employer)

    2. Mike Richards Silver badge

      Re: Did someone say Fujitsu?

      And the Libra magistrates court system that was memorably described as 'one of the worst IT projects ever seen' by the Commons Public Accounts Committee:

      https://www.computerweekly.com/news/2240049341/Courts-Libra-system-is-one-of-the-worst-IT-projects-ever-seen

Page:

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2021