back to article 150,000 lost UK police records looking more like 400,000 as Home Office continues to blame 'human error'

Estimates detailing the loss of criminal evidence records by the UK Home Office and the police show the figure leaping from 150,000 to 400,000. Nonetheless, in a statement issued on Saturday, the government department said it was working to restore the records using the magic of computer code. "Working with the National …

  1. Aladdin Sane

    Technical issue?

    PEBKAC

    1. Version 1.0 Silver badge

      Re: Technical issue?

      Competent system design would admit that PEBKAC is likely and should prevent permanent data loss - but this is only part of the problem. Data storage in this environment is complex, complying with legislation created by innocent politicians makes it even worse - particularly when the work is sub-contracted out to a bunch of programmers who's only experience with police data collection and maintenance is just a DUI ticket.

      1. don't you hate it when you lose your account Silver badge

        Re: Technical issue?

        Cock up jobs like this are all too regular. Can you imagine the damage if something like this happened in the airline industry. Oh, hang on...

      2. Doctor Syntax Silver badge

        Re: Technical issue?

        "Competent system design ... should prevent permanent data loss"

        They've been arguing for years that they're so good at preventing data loss that they can't delete records of innocent people despite having been told to do so by the courts.

        1. EnviableOne Silver badge

          Re: Technical issue?

          My first suspicion is the Housekeeping error was a new junior clerk that did just what the court requested

          However, its not like people learn from their mistakes

          OWASP top 10 2003 ≈ OWASP top 10 2017

      3. A.P. Veening Silver badge

        Re: Technical issue?

        innocent politicians

        There ain't no such critter!

        1. bitwise

          Re: Technical issue?

          **** ******** must be breathing a sigh of relief right now.

          1. sabroni Silver badge

            Re: **** ******** must be breathing a sigh of relief right now.

            Your mum?

      4. Anonymous Coward
        Anonymous Coward

        Re: Technical issue?

        innocent politicians

        Joke alert ?

    2. MyffyW Silver badge

      DoSAC

      I wonder whether Malcolm knows yet?

      If I remember correctly the missing data will be on usb stick in Glenn's top drawer.

      Best of luck to all those ploughing ahead with the "Fourth Sector Pathfinder Initiative"

    3. AlbertH
      Facepalm

      Re: Technical issue?

      PICNIC

      Problem In Chair, Not In Computer

  2. juice Silver badge

    The fickle finger of blame...

    > "The incident highlights the fact that IT practitioners should be accountable to independent professional standards"

    I've no doubt there's going to be an epic amount of recriminations in the wake of this. But I'd be wary of pushing all the blame onto the "IT Practitioners".

    There's clearly two issues here.

    The first lies in the processes which allowed a breaking change of this magnitude to get onto the live plaform.

    The second lies in the backup processes (or lack thereof) which mean that they've been unable to recover the data.

    In both cases, a significant factor will have been the amount of time/budget allocated, and the oversight from upper management.

    And neither of those are "IT" specific issues.

    E.g. I've worked in places where the response to rollout failures was to double down on process. The result was that things took much longer to roll out, and that the "coal face" IT people actually had less time to deal with the technical side of their job, since they were constantly having to complete paperwork and defend the need for said technical activities.

    As a result, customer-reported issues remained open for significantly longer. If they were fixed at all - the time/energy cost of fixing some things simply fell below the level where the effort could be justified.

    And at best, the number of issues remained pretty much the same. Since the new high-overheads process didn't address the underlying issues; they just slowed down the rate at which changes were rolled out.

    There's always going to be a balance of some sort - there has to be. But the blame definitely doesn't all rest at the feet of the IT people.

    1. Anonymous Coward
      Anonymous Coward

      Re: The fickle finger of blame...

      Wherever the finger points, you can bet it won't be at the PHBs (who, lets face it, are more likely to have had a hand in the mess by pinching the pennies somewhere along the line).

      1. Peter Gathercole Silver badge

        Re: The fickle finger of blame...

        "The incident highlights the fact that IT practitioners should be accountable to independent professional standards"

        Notice that it was the BCS that said this. What a surprise(*), as they've always been trying to make IT a chartered profession so that they could charge for qualification courses and exams.

        The only problem is that their certification will always be at least 5 years behind the current trends in software development, because of the time it takes to create the certification.

        (*) Yes, I've always been bitter, because they did not accept that my degree did not even exempt me from the BCS part 1 entrance exams, so I never joined.

        1. Anonymous Coward
          Anonymous Coward

          Re: The fickle finger of blame...

          We used to get membership of the BCS provided by our work. As far as I can tell, this consisted of a regular (quarterly?) copy of a very dry and dull magazine, and the ability to go to some meetings and talks that nobody ever bothered with, so our employer stopped paying for it, in favour of more useful things like Pluralsight subscriptions.

          1. Doctor Syntax Silver badge

            Re: The fickle finger of blame...

            At some point there was talk of scientists having to become members of the relevant charted institute so I joined mine whilst my degree counted for admission in case they made the MIBiol exam route compulsory (I'd long since promised myself no more exams ever). The talk came to nothing but what made the membership worthwhile was a section of the magazine. It turned out most/a lot of the members were teachers and there was always a selection of exam howlers.

          2. Anonymous Coward
            Anonymous Coward

            Re: The fickle finger of blame...

            I used to be a member of BCS through work many years ago. I just found it pointless, not worth it just to have MBCS after your name.

        2. TDog

          Re: The fickle finger of blame...

          "It is likely that a developer..."

          Should ignorant organisations make statements of justification based on opinions? This doesn't sound very professional to me. I am a member of the BCS and am uncomfortable with this sort of speculation being used for justification.

          1. Flywheel Silver badge
            Holmes

            Re: The fickle finger of blame...

            Me too.. and ..

            likely that a developer, test analyst and release manager would all have been part of the process leading up to the failure

            would imply that it could be an inside job, or am I reading too much into this?

            1. Anonymous Coward
              Anonymous Coward

              Re: The fickle finger of blame...

              @"or am I reading too much into this?" nah it is just BCS talking out of their Rs in the hope that they can shoehorn themselves into being seen as an authority.

              I looked at BCS back in the '90s and discovered that someone with a MCSE qualification and 5 years experience was in their top 25% of memberhip abilities. This was the time when brain dumps had all the questions and answers availible for every MS test and there was no confirmation that the person holding the certificates was the same as the one who took the tests. Surprising how many people apparantly took their tests in places like india and yet proved to be clueless about the subject.

              I personally didn't bother signing up with BCS to avoid being tarred with the same brush given my experience that actual expertise was not a requirement for membership.

    2. Len Silver badge
      Holmes

      Re: The fickle finger of blame...

      I am not sure if backups are really a problem here. This process might have actually require there to be no backups.

      The police WILL have records that they are not allowed to keep indefinitely and that will need to be permanently removed when certain criteria are met. Perhaps because by law they are only allowed to keep some record for X years. Or because the longer retention of some data is based on the outcome of court proceedings where a not guilty verdict might have a legal impact on retention of some records.

      The police SHOULD have a system that culls any data that meets these criteria and that data SHOULD not be retained in backups.

      The police MIGHT have a weekly automated job to delete all the records that have met the deletion criteria in the previous seven days. This process MIGHT have some manual requirements (because of a flawed design or because of a deliberate safeguard). If there is a human error involved this is where that might have happened. It may not be a coincidence that it happened at the start of the year. Perhaps someone accidentally changed something to the wrong year and an additional year of data was deleted. In a process that is meant to be legally irretrievable so no backups.

      Just speculating but it would explain a thing or two...

      1. Loyal Commenter Silver badge

        Re: The fickle finger of blame...

        I'd speculate that the thing that someone might have accidentally changed might relate to new requirements arising from political decisions to no longer being part of EU-wide policing, and the requirements to remove data relating to EU citizens outside of the UK that arise from that.

        This would also explain why the likes of Priti Patel have been so vague about what the actual cause was, because the long-and-short answer is her and her brexity cohorts.

        1. Doctor Syntax Silver badge

          Re: The fickle finger of blame...

          "why the likes of Priti Patel have been so vague about what the actual cause was"

          The last time the HO tried to brief their front person on techy matters all she thought she could remember was something about hashtags. I guess they're avoiding going there again.

        2. Len Silver badge
          Meh

          Re: The fickle finger of blame...

          That is not an unreasonable assumption with regards to the timing of the incident. It would, however, suggest that the UK government is serious about not breaching agreements. And they have a poor reputation with regards to sticking to their word when it comes to sticking to data agreements

        3. James Anderson Silver badge
          Thumb Down

          Re: The fickle finger of blame...

          FFS. You cannot blame everything on brexit.

          It’s far more likely that the PNC could retain more data for longer after leaving the EU.

          1. Big_Boomer Silver badge

            Re: The fickle finger of blame...

            Why not? The incompetents in charge of Brexit have f***ed up so many other things, why not this one. Perhaps they were trying to delete data acquired from systems that they no longer have legal access to post-Brexit. Perhaps there is to be an audit process to verify that they have actually followed EU data deletion procedures, and someone panicked because they never have and that could invalidate the "Deal".

          2. Loyal Commenter Silver badge

            Re: The fickle finger of blame...

            True, you can't blame everything on brexit, but we have left data sharing agreements with EU-wide policing, which would affect systems like this, and the timing is spot on.

            I've no evidence that this is the cause, but it does fall into the "puppy sitting next to a pile of poo" category.

          3. sabroni Silver badge
            Facepalm

            Re: FFS. You cannot blame everything on brexit.

            Blame brexit? Who would be daft enough to do that when it's provided all these wonderful advantages to us?

            I mean, we wouldn't have ploughed ahead with a stupid policy with no obvious advantages, would we?

            I think we should give the £250 million we're saving a week to our nhs heroes!

            Not the foreign ones though, obv.

            1. Anonymous Coward
              Anonymous Coward

              Re: FFS. You cannot blame everything on brexit.

              Jesus there are some stupid twats when it comes to the EU and Brexit. There are 4 things you should think of:

              1. Good things about the EU.

              2. Bad things about the EU.

              3. Good things about Brexit.

              4. Bad things about Brexit.

              If all you know of and repetitively bleat on about is 4, then I suggest you get your head out of your backside and do some research. If you think the EU is all honey and light then get your head out of your backside and do some research. Put some nuance into your arguments and then come back from the proctologist because brexit brexit blah blah shows a real lack of thinking.

              1. Loyal Commenter Silver badge

                Re: FFS. You cannot blame everything on brexit.

                Indeed, 1 and 2 manifestly exist (although I've never seen any in the 2 category that were particularly convincing*, or which didn't apply more generally to our own system of government**, and which didn't seem like a reasonable trade-off for the benefits gained), and number 4 is becoming more apparent by the day. Some concrete examples of 3 please, or can we safely strike that one from the list?

                In the 1970s, when we originally joined what was then the EEC, the UK was known as the "Sick Man of Europe", and joining the bloc literally saved our economy. That name is going to be applicable again really soon, and in more than one sense, if you look at the most recent weekly COVID death figures published today which give us "world-beating" mortality figures.

                *I've seen plenty of whining about the ECB, the Euro, the Schengen borderless zone (but oddly, never the other aspects of the Schengen, like the police data sharing), all things which clearly did not apply to the UK when it was a member with its OPT OUT.

                **Such as the "bureaucrat" argument, which conveniently ignores the fact that the EU has around 30K civil servants, as opposed to the 300K in Whitehall, and one of the points of 28 27 countries working together is to reduce bureaucracy through economies of scale.

                Anyway, some examples of 3 please. Anyone? You, behind the tumbleweed?

                1. Anonymous Coward
                  Anonymous Coward

                  Re: FFS. You cannot blame everything on brexit.

                  The point is for you to do the thinking. Its a common character trait I've found that rabid supporters of the EU really like someone else to do their thinking for them. If its someone with a foreign accent to make them feel all special and sophisticated then even better.

                  If you think criticism of the Euro is whining then you need to shut-up or do some reading. It's fundamentally flawed and its supporting fiscal policy doesn't scale to the eurozone. Even the EU themselves acknowledge that.

                  1. Anonymous Coward
                    Anonymous Coward

                    Re: FFS. You cannot blame everything on brexit.

                    The point is for you to engage in debate and support your argument. You're doing neither.

                    List the benefits of brexit for a normal uk citizen.

                    Go on.

                    You need more than one for a list.

                    1. Loyal Commenter Silver badge
                      Joke

                      Re: FFS. You cannot blame everything on brexit.

                      Nah, most modern languages support lists with zero members.

                  2. Loyal Commenter Silver badge

                    Re: FFS. You cannot blame everything on brexit.

                    If you think criticism of the Euro was a valid reason for the UK to leave the EU, then I suggest you look in your wallet and see whether it has Euros in it.

                    Before our free movement was taken away, I had the privilege of travelling freely to several countries inside the EU, and also within the common market but which are not EU members. Some of these countries have the Euro (France, Italy, Germany, Greece, Spain, Portugal), some do not (Czechia, UK, Iceland). The utility of the Euro is a matter entirely for those countries that use it.

                  3. Loyal Commenter Silver badge

                    Re: FFS. You cannot blame everything on brexit.

                    It's a "common character trait" I've found for supporters of brexit to characterise those who question their reasoning as "rabid". It's almost as if they think an ad-hom attack on others will somehow strengthen their argument. They confuse "winning" an argument with bullying someone into submission.

                  4. AlbertH
                    Holmes

                    Re: FFS. You cannot blame everything on brexit.

                    Brexit is just the start of the collapse of the whole EU project. When it was a trading organisation (the EEC that the UK joined in the '70s), it actually helped the economies of its members. During the '90s, it morphed into a grand socialistic project, invented its own "currency" (which is backed by nothing!), and started to accumulate ever more members by signing up the ex-eastern bloc countries, all of whom were broke.....

                    The Germans and the French have just realised that they're the only ones putting money into the EU project, and most of it is going to prop up the failed economies of the Mediterranean countries. Those economies probably wouldn't have failed if they hadn't been forced in the Euro, but that's another issue...

                    The bookmakers are taking bets on the next country to leave. The "smart money" seems to be split roughly evenly between Ireland and the Netherlands. Ireland have realised that they're no longer getting the "development grants" (aka "bribes") and are now expected to pay into the limitless European Pit. The Netherlands just want out - they're fed up with being dictated to by Brussels (they fought wars to avoid that a few hundred years ago!).

                    My banker friends in the City of London tell me that the EU will be lucky to survive as it is into 2023. Many of the smaller countries will leave, and there will be the usual emnity between France and Germany, with each blaming the other for it all going wrong!

                2. James Anderson Silver badge

                  Re: FFS. You cannot blame everything on brexit.

                  Currently EU fiscal policy and the EURO is governed by the German race memory of the 1920s hyper-inflation, they are applying remedies to fix a problems that occurred 100 years ago.

                  EU social policy has been high-jacked by the right wing zealots of Poland and Hungary -- and under the current rules there is nothing the other 15 members can do about it.

                  Interestingly both Spain and Italy have rejected the EUs Covid relief package after they saw what happened to Greece when they accepted a rescue loan from the EU. EU economists are still advocating "a course of leeches" as the solution to all problems.

                  Many good things abut the EU (its where I live) but it is very far from perfect.

                  1. Loyal Commenter Silver badge

                    Re: FFS. You cannot blame everything on brexit.

                    The fiscal policy of the ECB had no bearing on us whilst we were members; we weren't members of the ECB or Euro. Tey may be valid criticisms of those institutions, and I'll not claim they are perfect. However, these were used as arguments for the UK leaving the EU, and they just weren't valid because they were totally inapplicable.

                    It's a bit rich to accuse the EU of having right-wing social policy when our own country has the most right-wing government in living memory. A government who are currently talking about removing regulations that protect workers from exploitation, and most recently decided that it is fine to do trade deals with countries that commit genocide. The EU members, on the other hand, are making quite loud disapproving noises towards Hungary and Poland exactly because their social policies do not align.

                    I'm not going to claim the EU is perfect; no system is. However, it is founded on cooperation (and compromise) which is better than the alternative which is competition and conflict. I don't think it was ever well explained to the people of this country why compromise is a price worth paying for peace and prosperity.

                  2. Loyal Commenter Silver badge

                    Re: FFS. You cannot blame everything on brexit.

                    Germany wasn't the only country to experience hyper-inflation in the 20th century either, so calling this "German race memory" isn't exactly accurate. Austria, Greece, Hungary and Poland all had hyperinflation around the same time. It's largely Greece's fiscal irresponsibility before they joined the Euro, and dishonesty around how much debt the country had that led to the Greek financial crisis of a few years ago. Whilst I don't particularly agree with the response from the ECB of enforced austerity, it's not like the UK didn't have the exact same neoliberal economic policies over the last decade. This isn't a problem that is unique to the ECB, but it is one that comes around when political ideology takes over from economics, which itself isn't exactly a discipline that is free from murkiness and false assumptions.

              2. Anonymous Coward
                Anonymous Coward

                Re: Put some nuance into your arguments

                No. I'm sick of the left trying to show balance while the right moves further away from the truth.. You come up with the good things if you think there are some.

                Ask foxnews and the daily mail to show a bit of nuance. If they do it, I'll start.

          4. Peter C

            Re: The fickle finger of blame...

            Assuming the PNC actually IS compliant it would be required to remain so with existing data protection & GDPR regulations.

        4. Blazde Silver badge

          Re: The fickle finger of blame...

          "The UK requests and uses more data about foreign offenders than almost any other country. We are one of the biggest users of the European criminal records system and are leading the way in Europe to encourage the proactive sharing of information about individuals who could pose a risk to the public." - Home Office spokesperson, 2014

          "Hi guys, one last thing before we go...uh this is embarrassing... do you still have a copy of our police datas? WTT three day old dogfish" - HO 2021

      2. Woodnag Silver badge

        Records, permanent removal thereunto

        "The police WILL have records that they are not allowed to keep indefinitely and that will need to be permanently removed when certain criteria are met."

        Nothing is ever permanently removed. Beat plods won't be allowed any visibility, sure. But senior police will probably be allowed to see that there was a record of something, and can get an ministerial exception to see the data. Cheltenham will keep everything, for ever. That's their job.

        1. Big Softie

          Re: Records, permanent removal thereunto

          I believe you could argue long and hard about whether it's their job or not. There is, however, no debate that it is what they do....and lie about

      3. Doctor Syntax Silver badge

        Re: The fickle finger of blame...

        There's a long history of there being records they're not allowed to keep indefinitely, that have been kept indefinitely. The excuse being the difficulty of removing them because although they should have a process for removing them, they don't. It's been reported here a number of times. The admission that they have a weeding process blows that one out of the water.

        1. Loyal Commenter Silver badge

          Re: The fickle finger of blame...

          I suspect the rationale being given for not previously being able to remove data would be along the lines of not being able to identify the records to remove in historical data. The reasonable response would be, "well, start recording the information you need to be able to do this in future," so that any new data can be subject to such cleansing requirements.

          It's a bit like the argument for technical debt in legacy software - you might not have the resources to go back and completely re-write stuff that was written in the '80s in COBOL, that is working, but is unmaintainable. However, you sure as hell can follow best practices with anything new you write in a modern OO language that supports SOLID.

      4. juice Silver badge

        Re: The fickle finger of blame...

        > I am not sure if backups are really a problem here. This process might have actually require there to be no backups.

        A system with zero backups? Seems highly unlikely.

        I mean, I take the point that there is (probably) a hard limit on how long data can be retained for. But equally, that should be the point at which it's removed from backups, not production.

        E.g. if you have a 2 year limit on data retention, then the data should be removed from production after 18 months, and then fully nuked when the backups expire.

        Whatever happens, there should always be a way to restore your production system with recent data in the event of a catastrophic failure. And by the sound of it, that's what's missing here.

        Admittedly, this is the government, so I'm guessing the rules and policies involved are even more convoluted and unexplainable than Kafka on acid...

        1. Cynic_999 Silver badge

          Re: The fickle finger of blame...

          "

          A system with zero backups? Seems highly unlikely.

          "

          Yesterday's article mentioned that there used to be a backup in the form of a complete mirror-server at a different location, but that was lost in a fire several years ago and so far not replaced.

          In fact one or more mirror-servers would be by far the best choice of backup method in this application, because in many cases record need to be deleted in such a way that it is impossible to recover a copy of that record.

          Not that it would help in a situation where the records were erroneously but legitimately deleted - because they would be deleted from all the mirror-servers as well.

          1. ovation1357 Bronze badge

            Re: The fickle finger of blame...

            ... Which is exactly the argument we have to make to managers all the time when they try to insist that we surely don't need to pay for nightly backups because the database is replicated across multiple nodes.

            1. Loud Speaker

              Re: The fickle finger of blame...

              Point out that they will be personally for the ransom _when_ the system is breached.

          2. The Frog People Believe

            Re: The fickle finger of blame...

            Well I hope you never look after a system I rely on! Mirroring is absolutely NOT the same as a backup. Mirroring means that mistakes are replicated over; there is a distinct differences between disaster recovery and backups.

          3. Anonymous Coward
            Anonymous Coward

            Re: The fickle finger of blame...

            "Yesterday's article mentioned that there used to be a backup in the form of a complete mirror-server at a different location, but that was lost in a fire several years ago and so far not replaced."

            <needlescratch/>

            Wait, what?

            In a former life I did some work which involved the PNC. One day in mid 2005 we lost all our connections. Turns out that the backup system we were using was in a building that was unfortunately close to a certain oil depot that had just explosively disassembled itself...

            PLEASE tell me they haven't been running on a single system since then... !?

            Mind you, having experienced PITO as a customer I wouldn't be surprised...

        2. Loud Speaker

          Re: The fickle finger of blame...

          A system with zero backups? Seems . like criminal negligence<P>

          FTFY

    3. Cynic_999 Silver badge

      Re: The fickle finger of blame...

      I have little doubt that Priti Patel has been hard at work and is spending many hours every day trying to decide who is the most convenient (and expendable) person to blame. Just like many of those whose records have been deleted, the question of guilt or innocence is completely irrelevant when compared with what is the most expedient.

    4. Anonymous Coward
      Anonymous Coward

      Re: The fickle finger of blame...

      <fingers in ears>

      Na na, I can't hear you.

      The Management.

  3. illiad

    I did note to my network admin (a couple of years ago, using win 7) that it was a bit unnerving that the rightclick 'delete' was perilously close to the 'rename' and 'create shortcut' function... don't worry that what the bin is for... a big problem is, if it is on a network share, it **does not** go to the bin, but disappears..

    1. Anonymous Coward Silver badge
      Linux

      Samba can have a virtual recycle bin for just this situation.

  4. chivo243 Silver badge
    FAIL

    400,00 up from 150,000

    can I get 500,000? going once, going twice, sold to plods without a working backup?

    1. Loyal Commenter Silver badge

      Re: 400,00 up from 150,000

      If government IT overruns are anything to go by, you can probably whack another 0 on the end of that.

      1. A.P. Veening Silver badge
        Joke

        Re: 400,00 up from 150,000

        you can probably whack another 0 on the end of that.

        I would insert it somewhere in the middle, where it blends in ;)

      2. Kane Silver badge
        Joke

        Re: 400,00 up from 150,000

        "If government IT overruns are anything to go by, you can probably whack another 0 on the end of that."

        Unfortunately that would mean exceeding the Excel row limit.

  5. Anonymous Coward
    Anonymous Coward

    I heard...

    The statement I heard was that the deleted data was of people released without charge. In the event that this statement was actually true, isn't that what is supposed to happen?

    1. goodjudge

      Re: I heard...

      That was the original story I heard too, but both the volume and range have expanded since then.

      There's been years of campaigning against police retention of data from those who are interviewed then released (or to use a technical term, "innocent"), or from mass 'round up the usual suspects' attacks on demonstrations. (Anyone remember kettling?) The police / government response was not much more sophisticated than "No. Shan't. Remember Ian Huntley?", despite him and that case being a red herring in this context. A lot of people will not be unhappy that those records have now been lost due to an admin SNAFU. Losing actual criminal records and those for investigations in progress is a little more serious.

      1. Doctor Syntax Silver badge

        Re: I heard...

        "A lot of people will not be unhappy that those records have now been lost due to an admin SNAFU."

        And a lot of people will be very unhappy on account of being caught out after claiming it couldn't be done.

    2. Sykowasp

      Re: I heard...

      What if this wasn't an accident? As everyone points out, this should be nearly impossible on a mature system like this, which should have backups and lots of barriers in front of operations such as this.

      All you need to know is that an unnamed MP was recently released without charge for a (heinous) alleged crime. Perhaps there are other, unreported, cases as well relating to Tory MPs, or donors.

      So this was potentially a planned data loss to remove the records relating to this, covered up with other deleted records, in a needle in a haystack method. They'll gloriously say they recovered 90% of the records in due course from backup or paper trail, but the rest of the paper trail for the critical records will have been disappeared. Did

      Yeah, it seems far fetched and conspiracy theory like, and I'm not a fan of these in these times, and it most likely was poor backup practices and system access control. But still.

      1. Doctor Syntax Silver badge

        Re: I heard...

        If I hear that somebody has been released without charge I assume it was because there was no provable case against them and that they are, therefore innocent. That is a basic principle of the English justice system (no "not proven" stuff here), has been for centuries and hopefully, despite the longings of the HO and intelligence services, will continue to be. It applies to everyone. It applies to Tory MPs and donors. It even applies to YOU. And if you think about it a little you'll realise that the reason that it applies to Tory MPs, donors and everyone else is so that it can apply to you. And if you do a little more hard thinking you might realise that that is the most valuable protection you can have under the law.

        Meanwhile, those of us who've actually had the job of investigating allegations of criminal behaviour appreciate just how important it is that the subjects of those investigations do go unnamed.

        1. Primus Secundus Tertius

          Re: I heard...

          @Dr Syntax

          "...they are, therefore innocent."

          Not necessarily. Sometimes the Scottish position of 'not proven' is appropriate.

          1. Doctor Syntax Silver badge

            Re: I heard...

            Let me quote something with a little emphasis:

            That is a basic principle of the English justice system (no "not proven" stuff here)

          2. tiggity Silver badge

            Re: I heard...

            Not proven is only when people go to court though, as opposed to taken into custody but not charged

        2. This post has been deleted by its author

      2. Nifty Silver badge

        Re: I heard...

        Tending to agree here. Never let a good conspiracy theory go to waste.

      3. A.P. Veening Silver badge

        Re: I heard...

        As everyone points out, this should be nearly impossible on a mature system like this, which should have backups and lots of barriers in front of operations such as this.

        I think you are overlooking the minor detail of this being government IT, so hardly mature and apparently without backups. Besides that, those barriers also seem to have gone AWOL (assuming they ever existed).

    3. Anonymous Coward Silver badge
      Alien

      Re: I heard...

      That's what was supposed to happen; what the goal of the exercise was. It is not what actually happened.

  6. Pete B
    Joke

    I'd be checking the bank balance of the DBA involved.

    1. Anonymous Coward
      Anonymous Coward

      Some crime is cash only.

      * Even if a mistake it is a crime this happened.

  7. iron Silver badge

    Nice of the BCS to blame the developers. This was probably user error compounded by worse management error because there were no backups.

    I've always thought the BCS irrelevant to my profession. I'm glad I never joined despite getting the hard sell a few times.

    1. Down not across Silver badge

      Of course they do. They have an agenda. They've been for decades trying to make IT chartered profession where they can have out of date, expensive certifications.

      Must've been over 2 decades ago when I looked and was like how much? For what? Sod that...

      With hindsight, yes they are irrelevant.

      1. TimMaher Silver badge
        Facepalm

        Absolutely. I had completely forgotten about them until they surfaced in this article.

    2. 2+2=5 Silver badge
      IT Angle

      > Nice of the BCS to blame the developers. This was probably user error compounded by worse management error because there were no backups.

      Shirley, the BCS statement is making the point that it wasn't just the developer's fault because there were other people in the chain that should have checked as well but either didn't or also missed it?

      1. MrReynolds2U Bronze badge

        That is an interesting point. Maybe the BCS were alluding to the fact that PHBs are largely completely unqualified and that to rise to a position of authority in IT, you should be professionally qualified.

        1. Wibble

          AKA the Peter principle: people rise to the level of their own incompetence.

          There's too many managers around that can't do the job of the people they're managing. Whilst there's *some* skilled and talented managers who understand this and effectively delegate and manage, alas they're a rare commodity outnumbered many times over by clueless management numpties throwing their (light) weight around.

    3. Wibble

      "Quick, call the BCS" .. said nobody.

      They're fine for academia (one ass-u-me s), but not when working at the coal face with unqualified 'managers' and dubious processes. Much like attempting to read 3 volumes of The Art of Computer Programming (Knuth) - which would probably qualify as membership, but you wouldn't get a job.

  8. IGotOut Silver badge
    Coat

    Go on....

    ...see if the new guy will fall for the old DROP TABLE gag.

    1. Loyal Commenter Silver badge

      Re: Go on....

      My money's on forgetting the WHERE clause in a DELETE statement. I've seen a couple of people manage that one.

      1. MrReynolds2U Bronze badge

        Re: Go on....

        Yeah, a quick take-offline, restore and apply recent transactions from logs before re-onlining overnight and hoping nobody noticed the 2 hour outage. Been there. I deliberately mistype the initial parts of SQL statements now so they will fail in case I accidentally run them and then have an "Oh F**k" moment.

        1. Loyal Commenter Silver badge

          Re: Go on....

          As a matter of course, I would generally write any DELETE statement as SELECT * first and check it returns the results I want.

          Then, before running it, select the contents of the affected table(s) into backups, along the lines of SELECT INTO TABLENAME_20210119 * FROM TABLENAME.

          Then, where practical to do so, start a transaction before running the DELETE and only commit it if I get the expected number of records reported. I say "where practical" because you might not always have the tempdb space available.

          Of course, if you do actually want to zero out a table, you should be using TRUNCATE anyway, unless you have a particular need to be able to reverse the transaction log.

      2. Anonymous Coward
        Anonymous Coward

        Re: Go on....

        I have even done it myself.

        OTOH I have multiple tape drives and an auto-loader.

      3. anothercynic Silver badge
        Facepalm

        Re: Go on....

        Ohhhhh yes. Did that one (recently). Regretted it instantly. Had to reconstruct data (thankfully that was possible). Oy gevalt.

    2. James Anderson Silver badge

      Re: Go on....

      Apparently the data base is Adabas ... so “DROP TABLE” would be a syntax error.

      1. Loyal Commenter Silver badge

        Re: Go on....

        Unless they are using the Adabas SQL gateway apparently. Adabas is not a RDBMS I'm familiar with, but Google is your friend (in this context).

        1. 2+2=5 Silver badge
          Joke

          Re: Go on....

          > Unless they are using the Adabas SQL gateway apparently. Adabas is not a RDBMS I'm familiar with, but Google is your friend (in this context).

          When I were but a stripling starting out in the business there were job ads a plenty for Adabas and Natural. I nearly thought about re-training but never did. Eventually of course it was crushed by Oracle out-marketing everything even vaguely close as a competitor.

          However it has made me suddenly realise that the poor person responsible is more likely to have made the mistake through senility rather than youthful exuberance!

          1. Loyal Commenter Silver badge

            Re: Go on....

            When I were but a young'un, it was a case of get any job you can, and in my case, it turned out to be Equinox on Novell Netware (shudder). I was asked now to do anything with that now, I'm not sure that I could remember a single thing about it. And that's the way I want it to stay.

  9. Anonymous Coward
    Anonymous Coward

    UK Data Protection law and GDPR

    I had heard that the PNC has not been compliant with this legislation for years.

    Scuttlebutt has it that it was the implementation of rules to become compliant which went wrong, and that this problem goes back to sometime in last year so some data will have rolled off their DR backups. If that was the case, then the rules to make sure that data that should be completely purged, even from the backups may have been incorrect.

    Under UK and previously EU law, the police to not have catre blanche to keep information gathered from suspects forever. If someone is arrested for a crime, then the police can take and store information about the person. If they are subsequently released and the charges dropped, or go to trial and are cleared of the crime, then the police are bound by law to delete the fingerprints, DNA and other data that they've collected after a certain period of time.

    Anybody convicted of a crime will have their records stored forever (incidentally, this is sometimes quoted as being why police will take fingerprints from people who are stopped for minor motor offenses, even when the data has no bearing on the crime - "it's standard procedure, sir"). Once someone has been convicted, the police have the right to keep any data they've collected whether it was needed or not.

    This deletion policy does not please the police. They would really like to build up a complete database of all the people in the country whether they've been found guilty of a crime or not. If I were to put my conspiracy hat on (the one with the tin foil lining), this news story could be a deliberately created attempt to shock the people and government into a policy change to allow them to keep more information for longer.

    Within the last decade, I heard a broadcast interview about the police's DNA retention policy with who ever was the chief of ACPO at the time, where he repeatedly called people who had been arrested but not yet tried as "criminals" instead of "suspects" (not even "potential criminals"), even after being pulled up by the interviewer on more than one occasion. I'm sure that some members of the police regard all of the public as criminals who just have not yet been caught yet!

    1. alain williams Silver badge

      Re: UK Data Protection law and GDPR

      In theory backups should be cleaned as well, but in practice that is usually not practical.The important thing here is putting the deleted data "beyond use". So it might still be on a tape/... but it cannot be accessed through normal use/mechanisms.

      1. Val Halla

        Re: UK Data Protection law and GDPR

        Their recovery plan has definitely put the deleted data beyond use. It's not just the backup that failed, their DRP has clearly failed too.

    2. Doctor Syntax Silver badge

      Re: UK Data Protection law and GDPR

      repeatedly called people who had been arrested but not yet tried as "criminals" instead of "suspects"

      A crime is committed by one or more culprits and yet reports will almost inevitably say "suspect" instead. I suppose referring to suspects as "criminal" is the logical extension.

    3. Sandgrounder

      Re: UK Data Protection law and GDPR

      "Anybody convicted of a crime will have their records stored forever"

      That is not true. Only personal data from category 1 and 2 crimes are kept forever. Data from minor offences like traffic violations has to be deleted after a fixed period of time.

  10. Noonoot

    Did someone say Fujitsu?

    Is this the same Fujitsu that was the centre of attention in the post office post master scandal?

    1. Anonymous Coward
      Anonymous Coward

      Re: Did someone say Fujitsu?

      Fujitsu are the hardware supplier in this instance. The software is maintained by someone else.

      (anon because the "someone else" is another division of my employer)

    2. Mike Richards Silver badge

      Re: Did someone say Fujitsu?

      And the Libra magistrates court system that was memorably described as 'one of the worst IT projects ever seen' by the Commons Public Accounts Committee:

      https://www.computerweekly.com/news/2240049341/Courts-Libra-system-is-one-of-the-worst-IT-projects-ever-seen

  11. Peter Galbavy

    If they are able to recover records from backups then that sort of puts paid to the whole deleting-illegally-retained-personal-data stuff doesn't it? I mean, you sue the police to delete your records when you are cleared of a crime, order is granted but then even deleting the live record just removes the current version, no? Perhaps the background here is an effort to allow backups to be routinely restored in the future?

    1. Doctor Syntax Silver badge

      The RDMBS I used to work with included transaction log backups as part of the backup set. On a restore the transactions were restored as after the data. Consequently if the data backup were restored to the point in time of the last data backup, a point before a deletion took place, the subsequent restoration of the transaction log would roll forward the transactions so the deletion would be repeated.

      The full backup set may physically include the deleted data but the restored backup doesn't. I regard this as the normal and satisfactory way to handle backups in relation to deletions.

    2. meadowlark
      Happy

      Sam Goldwyn.

      This reminds me of a 'Goldwynism'. Legendary film producer Sam Goldwyn had the knack of saying or doing things in such a way, that they had people in fits e.g. "Include me out."..."A verbal agreement isn't worth the paper it's written on." etc etc.

      When he asked his secretary what was in the 12 filing cabinets cluttering up the office, she told him that they contained every single detail of films going back decades, even to the start of silent films.

      "Well get rid of them all," he said, "but keep a copy just in case."

  12. Anonymous Coward
    Anonymous Coward

    Fujitsu BS2000/OSD SE700-30 mainframe

    Loss of loads of data only some of which should have been marked for deletion?

    Can it run Crysis? Yes, it would seem so.

  13. Linker3000
    Alert

    The more the merrier

    The BCS said in a statement: "It is likely that a developer, test analyst and release manager would all have been part of the process leading up to the failure...."

    No room for a competent Change Manager in the mix?

  14. Anonymous Coward
    Anonymous Coward

    Silver lining

    Can't help but think what a gift this could be for all those pesky Freedom of Information requests....

    Sir Humphrey Appleby:

    Well, this is what we normally do in circumstnces like these.

    James Hacker:

    This file contains the complete set of papers, except for a number of secret documents, a few others which are part of still active files, some correspondence lost in the floods of 1967...

    James Hacker:

    Was 1967 a particularly bad winter?

    Sir Humphrey Appleby:

    No, a marvellous winter. We lost no end of embarrassing files.

  15. Anonymous Coward
    Anonymous Coward

    Always with the backups....

    Everyone mentions "failure in the backups" but doesn't cover other factors. This is a live system, presumably getting updates (new fingerprints, DNA results etc) on a minute by minute basis. Unless you've frozen update access, taken a backup, done your update and noticed any issues before unfreezing access, you CANNOT just go back to the backups without losing ALL changes made since the backup.

    This was a "routine housekeeping data update" which could mean it wasn't done by the IT admins, but an end user data administrator. As such, there wouldn't be a change control round it to take backups and lock access etc, so there could be hours worth of data between backup and housekeeping.

    Or, simply they didn't realise they'd lost the data until after their change window (which would be a failure in checkout). In either case, restoring the last backup isn't an option.

    What's probably taking the time is restoring the data to a test system, unpicking the data they need to restore and figuring out how to add it back in while retaining data integrity in the production system. In most databases (particularly one which has "evolved" over many years with changing requirements), that's not going to be easy. Particularly when any subsequent failure will be on the front pages, adding to stress levels...

    1. Anonymous Coward Silver badge
      Windows

      Re: Always with the backups....

      I think they're still trying to find a license for Office XP so they can run up MS Access on the staging server.

    2. Doctor Syntax Silver badge

      Re: Always with the backups....

      "What's probably taking the time is restoring the data to a test system"

      And if they don't have a DR contract by which they've tested their restore finding that system and doing the restore are going to take quite a lot of time. That's before they manually start picking the records out. And that's before they graft the records back into the live data in a way that retains consistency.

    3. veti Silver badge

      Re: Always with the backups....

      Sure, this is a tricky process, but that's why there should be a prescribed procedure to follow. Nobody should be having to work out this shit in real time.

      1. A.P. Veening Silver badge

        Re: Always with the backups....

        Sure, this is a tricky process, but that's why there should be a prescribed procedure to follow. Nobody should be having to work out this shit in real time.

        Still, somebody has to do it sometimes, I still have nightmares about the time I had to do it after a senior manager managed to delete the wrong half of a set of records in some related tables in the annual purge necessary to keep the numbers within the standard ranges. It took some time to fix everything, but as a result, some numbers in those tables were increased from six to eight digits, resulting in another set of all-nighters when some problems showed up only in production. Those were interesting times.

        1. Doctor Syntax Silver badge

          Re: Always with the backups....

          Yup. What was anticipated can have a pre-planned and possibly tested process working. What wasn't anticipated is where you earn your money.

          Where what wasn't anticipate was the need to have somebody around to sort it out is where somebody gets to earn even more money.

    4. Anonymous Coward
      Anonymous Coward

      Re: Always with the backups....

      >Everyone mentions "failure in the backups" but doesn't cover other factors. This is a live system, presumably getting updates (new fingerprints, DNA results etc) on a minute by minute basis. Unless you've frozen update access, taken a backup, done your update and noticed any issues before unfreezing access, you CANNOT just go back to the backups without losing ALL changes made since the backup.

      That depends. If each record had a unique identifier/master key then restoring those records with unique identifiers that were missing wouldn't necessarily effect the addition of new records with new unique identifiers.

  16. Anonymous Coward
    Anonymous Coward

    It's not Priti

    That's for sure.

    Also citing "Human Error" is not root-causing the real problem.

  17. Warm Braw Silver badge

    Housekeeping error

    That makes is sound like the cleaner mistakenly polished the spinning rust.

  18. HkraM
    FAIL

    2021 rollover?

    The PNC doesn't store dates as 2-digit years and then assume it's +1900 for dates above 21 does it?

  19. herman Silver badge
    FAIL

    A housekeeping error

    A housekeeping error can only mean a cleaner wielded a vacuum in the server room.

  20. CAPS LOCK

    I've got a criminal record...

    ...wait...

    ...wait...

    ..Deck of Cards by Max Bygraves...

  21. Anonymous Coward
    Anonymous Coward

    Did Robert'); DROP TABLE criminals; get arrested?

  22. Eclectic Man Silver badge

    Difficulty of deletion

    I was under the impression that the original DPA (before being overtaken by the GDPR) required that data be deleted, provided it was not too onerous to do so. Thus a person's record could be deleted from a live database and the hot standby, but allowed to remain on the backup tapes, because deleting a record from the middle of a tape archive was considered to be too demanding. Were records to be restored from the backup tape, the subject's record should not be restored, or deleted again if restored.

    The same was true of Subject Access Requests and Freedom of Information Requests. The responder could claim the task of providing the information was too difficult/expensive to justify. For example, the Met Police in the UK are only now going to record the ethnicity of people they stop in cars, so previous requests to them to state the proportion of Black and People of Colour who were stopped compared to White people could be rejected on the grounds that 'we do not record that data':

    https://www.theguardian.com/uk-news/2021/jan/18/met-police-to-start-recording-ethnicity-of-people-stopped-in-cars

    This only after several cases of high profile Black people being stopped for apparently no good reason (MET discovers that 'Driving While Black' is shockingly NOT a crime).

    1. Cynical Pie
      Coat

      Re: Difficulty of deletion

      Not strictly true.

      For subject access requests is was the cost of providing a permanent copy. so for example if you SAR contained 20k pages of emails etc then you could argue it was too expensive to provide a copy BUT you would still be required to provide access. This could be done by providing access to thr information on the network using a dedicated dumb terminal. That's where Morgan Grenfell failed when attempting to refuse to respond to a SAR many years back.

      In terms of cost FOI is quite simple its £450/£600 (18/24 hrs at £25ph) to identify, collate and prepare the data for the response. The fees are set by statute and you have to demonstrate your costs in order to apply S12.

      With regards to the example of stop and search, although you are not required to create new data in order to reply to an FOI you are also expected to provide advice and assistance and if you know a) the no of people stopped and b) their ethnicity you would be expected to do the sums.

      I know this is the case as FOI and DP is my day job and I have had to do the sums!!

      Mines the one with the FOI Act with tabs stuck all over it in the pocket

    2. Anonymous Coward
      Anonymous Coward

      Re: Difficulty of deletion

      I had thought that it was the Met who embarrassed themselves over stop-and-search, but Wikipedia claims it was City of London Police. In 2000 a middle-aged black man was stopped for "Driving While Black". Speaking afterwards, the gentleman concerned, Dr. John Sentamu (then Bishop of Stepney, and a member of the Stephen Lawrence Enquiry into Institutional Racism in the Police) claimed that it was the eighth time in eight years that he had been stopped in this way.

  23. Sparkus Bronze badge

    rm -r *

    was always thus........

    1. alain williams Silver badge

      Re: rm -r *

      Surely:

      # rm -rf /

      1. Fonant

        Re: rm -r *

        .... some time later:

        rm: command not found

        1. alain williams Silver badge

          Re: rm -r *

          No. The rm command is long running. Once it is started it will run until it has removed everything that was asked to remove. Neither does it invoke rmdir, it can do that itself. (All subject to permissions, etc.)

          1. Eclectic Man Silver badge

            Re: rm -r *

            I thought it was

            rm -r *.*

      2. adam 40 Bronze badge

        Re: rm -r *

        nohup rm -rf / &

        exit

        Just to make sure...

  24. amanfromMars 1 Silver badge

    A not so stealthy fcuk up hiding a cover-up ......

    Is anyone suggesting the loss of data is not accidental ?

    1. Cliff Thorburn

      Re: A not so stealthy fcuk up hiding a cover-up ......

      They’re definitely good at covering up.

      But not that good ;0)

      Perfect timing to break out the newly acquired laptop and plentiful backups to present a myriad of information to a new President with presentation of human rights abuses procured via psychological operations by his precarious predecessor and next chapter great gamesplaying for premium presentation :0) ....

  25. StephenTompsett

    Apollo computers used to have backup and restore commands called wbak and rbak... lots of opportunity for a slip of the finger...

    1. Eclectic Man Silver badge

      Apollo 8

      See: https://wehackthemoon.com/tech/space-sextant-navigates-moon-missions for use of a sextant to correct the navigation on Apollo missions, especially Apollo 8 when Jim Lovell accidentally corrupted the guidance computer ...

  26. Cynic_999 Silver badge
    Joke

    Housekeeping error???

    Probably means a cleaner plugged the vacuum cleaner into the wrong power socket.

  27. Anonymous Coward
    Anonymous Coward

    I'd be surprised

    if the security services don't have a spare copy they could borrow, I'm sure they've got everything else!

  28. Duffaboy
    Joke

    No Problem

    We always have a backup, don't we ?

    1. A.P. Veening Silver badge

      Re: No Problem

      Having a backup is one thing, what counts is having/getting a restore.

  29. Anonymous Coward
    Anonymous Coward

    Surely someone has an unencrypted copy on a laptop somewhere.

    1. Mr_Pitiful

      Just check at lost and found, British Rail Waterloo or Paddington

      They'll be a laptop in there with it on!

  30. Anonymous Coward
    Anonymous Coward

    ....then there's AGILE and its partner DEVOPS......

    .....not yet mentioned in dispatches. You know.....two week sprints, little testing, then the shiny new code gets deployed in production......

    *

    What could possibly go wrong??

    1. A.P. Veening Silver badge

      Re: ....then there's AGILE and its partner DEVOPS......

      What could possibly go wrong??

      I don't know, Murphy always goes right ;)

  31. Synonymous Howard

    HANSARD

    Much more detail was given in a Commons debate/statement on Monday....

    https://hansard.parliament.uk/Commons/2021-01-18/debates/BA42E21A-6FE3-42D2-9810-9C71321D05FA/PoliceNationalComputer

    Note that it was Kit Malthouse not Priti Patel that gave the statement.

  32. Anonymous Coward
    Anonymous Coward

    Backup Tapes? Backup Tapes?

    Do they really use tapes anymore?

    In a previous life [17 years ago] calls into the control room were recorded on tapes. This stuff needed replacing. We went out to the market stating that we wanted to use off the shelf hardware and record onto hard disks. The capacities of disks these days probably means that they can get a full years data on 1 hard disk [2 actually, one working disk and one backup]

    Using the company software gave timelogs for anything needed for investigations and for instantaneous search and the ability to run searches of e.g. nuisance callers.

    Off the shelf hardware makes upgrades costs effective.

    What are the limits on RAID?

  33. Anonymous Coward
    Anonymous Coward

    400,000 records deleted?

    Indulgences have always been a good money spinner.

    Is Donald Trump Catholic?

  34. Flywheel Silver badge
    Facepalm

    .. where it hoped engineers could recover the lost records from

    The NSA. They're just waiting for the Orange Guy to go and Joe will be bringing a suitcase full of ZIP Disks when he comes over to see Boris.

  35. Anonymous Coward
    Anonymous Coward

    My guess as to what actually happened

    (Anon due to prior work in this area)

    As part of the EU Exit work, a lot of data had to be deleted that they were no longer allowed to keep. This was mostly relating to European Arrest Warrants and other Schengen information (https://www.schengenvisainfo.com/news/uk-to-lose-access-to-million-pieces-of-information-on-criminals-in-case-of-a-no-deal-brexit/)

    The timing of this 'loss' would seem to match up pretty closely with the timing of the 'hit go' instructions on that deletion.

    To all the people asking 'what about the backups' when you remove this data, you have to remove the data from all the live backups, the offline archives, and even references to case IDs or other protected information that might be in log files or referenced elsewhere.

    From the outside a guess might be that as part of this surgical removal of EU data, some UK data might have got mixed up, and the one-way delete-all-the-backups nature of the work has put us in this situation.

    Finally the article mentions testing, I would assume that an operation of this delicacy would have been well tested, but remember it was only to be actually done if there was 'no deal' (or variations there of that didn't include access to this data, like the deal we finally got) and the last minute negotiations meant that there was no clarity on this until very late in the year, at which time there is very little time left to do proper testing before the date.

    Clearly the obvious answer would have been to do a lot of testing for the different possible contingencies, starting a year or two ago, so that no matter the outcome we would have a production ready solution in place. Do you really think that is what was prioritised by management?

    1. Loyal Commenter Silver badge

      Re: My guess as to what actually happened

      This is pretty much exactly what I have been saying, to which the responses have been along the lines of, "you must be some sort of Guardian reading remoaning snowflake libtard" (I paraphrase, it doesn't look like CJ has got here yet). I strongly suspect this is yet another of the amazing benefits that brexit is giving us, but some seem to enjoy keeping that cosy wool pulled over their eyes for that little bit longer.

      Of course, we have no evidence that this has anything at all to do with the "b" word, but then again, reading between the lines, Priti Patel hasn't exactly been quick in coming forward with an adequate explanation, or indeed one that says, "this has nothing to do with brexit"...

      I wonder if we will ever get a proper technical explanation of what has happened here. In theory, the purpose and workings of such a system should be public knowledge, even if the data held in it is not. The absence, or vagueness, of such an explanation in itself suggests something is being covered up, and it's not a step too far to conjecture that this is because it may be embarrassing to the government.

    2. adam 40 Bronze badge

      Re: My guess as to what actually happened

      OK, but...

      1. We didn't bomb out without a deal (nevertheless, the delete script may have been prepared)

      2. What's in the 1200 page deal looks suspiciously like the EAW except it isn't called that.

      Also, now we are out, we are even less beholden to EU's GDPR, so why delete anything?

  36. Jonathon Green

    Would anybody be surprised if......

    ...the loss of data during a “routine housekeeping” operation was used to justify removing the requirement for DNA profiles, fingerprints, etc of innocent individuals not connected to ongoing inquiries to be removed from police records.

    No?

    Me neither...

  37. Efer Brick

    the 3 absolutes

    Death

    Taxes

    Data loss

    1. Val Halla
      Pint

      Re: the 3 absolutes

      Have a beer, I'm using that.

  38. Anonymous Coward
    Anonymous Coward

    You're nicked.

    Please accept my "Get Out of Jail" card.

  39. MikeLivingstone

    How do they verify the restore is correct and not tampered with?

    Given that the police and courts are held to standards of evidence, I'd suggest that all the records deleted are now invalid and should not be restored.

    1. adam 40 Bronze badge

      Re: How do they verify the restore is correct and not tampered with?

      Yes the chain of evidence would have been interrupted. You would have to go back to the actual physical evidence which they would have had to have kept.

      In fact, reintroducing 'dodgy' data brings into question the rest of the data on the system, how do you know what data was recovered and what was on there all along?

  40. John Riddoch
    FAIL

    More info

    From the Beeb (https://www.bbc.co.uk/news/uk-55734593):

    "The Home Office previously said that the faulty script was introduced in November 2020, but it did not run until earlier this month when the error within it immediately became apparent."

    So, presumably no support/monitoring/control on the first batch run, inadequate testing, inadequate backout available after first run. How Not To Introduce A New Housekeeping Script 101...

  41. Colin Bain

    I've heard that name before...somewhere

    Fujitsu, the name behind Horizon. They made pretty good 35mm film, but computer systems, not so much

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2021