The Post Office: Disclosure Lessons from a National Scandal

11/03/2024

An estimated 736 people were prosecuted by the Post Office between 2000 and 2014, Horizon software having been first introduced in 1999, and responsibility for prosecutions, in all but exceptional cases, being handed over to the Crown Prosecution Service in 2014. Many of those prosecuted were imprisoned, 4 committed suicide and all faced the stigma and stress of criminal prosecution. The Court of Appeal in Hamilton v Post Office Limited [2021] EWCA Crim 577 quashed 39 convictions (of the 42 appellants) on the basis that there had been an abuse of process on two grounds: that a fair trial was impossible and that it was an affront to public conscience for the appellants to have faced prosecution. This judgment followed the Post Office Group Litigation in the High Court before Fraser J known as Bates and Others v The Post Office Limited [2019] EWHC 3408.

In broad terms Post Office Limited failed to disclose that there were any faults or bugs in the Horizon software leading to miscalculations, that others had faced similar issues with the Horizon system (at least 13 of the appellants in Hamilton had raised concerns about Horizon with the helpline, National Business Support Centre, their Contracts Manager or with Post Office auditors prior to being prosecuted), and that Fujitsu (the company that had created the software) could in fact access each branch’s records and amend them remotely.

Anyone familiar with the scandal will have questioned how these prosecutions could continue for so long before the issues with disclosure were brought to light. A brief consideration of the headlines will have most lawyers baffled by how a prosecuting authority  could have applied the statutory and common law disclosure regime so poorly.  This article sets out to examine how the failures arose and lessons to be learned. The shorthand “POL” is used hereafter for Post Office Limited and “SPM” for Sub-Postmaster/mistress.

Non-Disclosure

Most of the disclosure failures uncovered relate to the failure to disclose known bugs (software errors) in Horizon’s software. There were hundreds of bugs in the software, some of them led to the money receipted by the branch falling short of the money Horizon calculated the branch should have.

The question is, why were these bugs not disclosed?

The explanation advanced by those who represented POL in the Court of Appeal in Hamilton was that this was not a wilful effort to avoid disclosing material, at least in the early days.  It was said that in the early 2000s POL was not aware of the bugs, that they were reliant upon Fujitsu for providing reports of software errors, that software was being fixed throughout the period of prosecutions, and that because of its contractual arrangements POL incurred expense when it requested this material from Fujitsu. They characterised the disclosure failures in the early prosecutions as negligent and incompetent rather than wilfull avoidance.

However, the explanation preferred by the Court of Appeal and one that seems inevitable in light of the evidence, was that disclosure was ‘deliberately’ not complied with. Although the Court of Appeal declined to indicate if any particular individuals had lied or been economical with the truth in witness statements, the culture was clearly one which vilified defendants and refused to countenance the possibility that previously trusted employees had been the victims of a computing error. The Court noted that as time went on, the POL were motivated to rely on “its own past abusive conduct by asserting that no previous challenge to Horizon had succeeded”.

For example, POL and Fujitsu met just days prior to SPM Seema Misra’s Crown Court trial to discuss a bug named by Fraser J in the High Court litigation as the ‘Receipts and Payments Mismatch’ (RPM) which had effected 40 branches. Dr Jenkins, who was one of the main software developers of Horizon and POL’s go to expert witness in criminal prosecutions, wrote the proposal to fix that bug. Days later he attended Misra’s trial and gave allegedly independent expert evidence where he failed to disclose any bugs and asserted that though he could not exclude the possibility of errors in the system, they were incapable of causing the volume of loss recorded. The particular RPM bug only affected a version of Horizon deployed in 2010, after the indictment period for Misra’s trial ended. However, 11 years later in the Court of Appeal, all parties agreed that its existence should have been disclosed when POL repeatedly asserted there was no other explanation for the loss due to the robustness of their software.

The attendance notes from another SPM, Rubina Shaheen’s trial speaks volumes of the attitude of those prosecuting. One stated: “it would appear that she is using solicitors who have jumped on the Horizon bandwagon … However, it is absolutely vital that we win as a failure could bring the whole of the Royal Mail system down. Counsel’s concerns is that juries will still believe in conspiracies and there don’t need to be many people on the jury who do believe in conspiracy for us to have a problem.”

Another question many criminal justice professionals may be asking themselves, is why did not one defence team in hundreds of criminal prosecutions obtain the disclosure of this material? In part this seems to be because many of the criminal proceedings never reached the trial stage. POL purposefully charged theft in addition to false accounting in order to elicit a plea to the lesser charge. Faced with the very real prospect of prison time, as SPM’s held a position a trust, many, understandably, took the path of least resistance. Legal teams never reached the secondary disclosure stage where they could make detailed requests of the prosecution. However, it should also be noted that defence teams who did make such requests were rebuffed. One cannot obtain what has been resolutely hidden or easily rebut assurances from those running the system that all was well.

In one of the cases that did go to trial, the case of Seema Misra, the defence made numerous disclosure requests which demanded Horizon’s code and error reports (known as PEAK and Known Error Logs or ‘KEL’) that led to the first trial listing being vacated. The defence made further disclosure requests, served six expert reports which proffered different theories as to how the software could have made an error, and also made three abuse of process applications during the course of proceedings: one was made 6 months prior to trial, one was made on the day of trial and the application was renewed at the close of the prosecution case on the basis of non-disclosure. Despite the tenacity of Seema Misra’s lawyers, the fact that a discussion had taken place days before the trial concerning a proposed “fix” for a newer version of Horizon then in circulation was not disclosed.

A wider point emerges from this discussion: in everyday criminal cases, technological evidence is treated as effectively irrebuttable: many judges and lawyers, with varying degrees of technological ability, work on the basis that computing or telephony evidence cannot readily be fabricated or mistaken. For example, it is not uncommon for the police to receive screenshots of alleged telecommunications text messages or social media unaccompanied by any meta data to actually verify its origin, accuracy and veracity. There is often little understanding that screenshots can be fabricated by anyone who can use a search engine in a matter of moments.

It is with cautious optimism that we can welcome the introduction of the Forensic Science Regulator Act 2021 and Forensic Science Regulator’s Code of Practice 2023 which creates standards of technical evidence for many areas, but includes data capture, processing, and analysis from digital storage devices. Compliance with the Act and Code are intended to ensure the reliability of this type of evidence, and athough non-compliance will not necessarily lead to exclusion, it is hoped that the Act will indicate to the judiciary and legal teams that technological evidence cannot be waved through without scrutiny as to its reliability.

Culture of Non-Recording

Another cautionary tale that emerges from the Post Office scandal is the non-recording of material which leads to its non-disclosure.

The “Clarke  advice” was written in 2013 by an in house barrister at Cartwright King Solicitors contracted by POL to prosecute SPMs. Clarke’s first advice stated that Dr Jenkins’ reports were neither accurate or independent and advised that neither he nor his reports be used in future prosecutions and that these issues needed to be disclosed to those already convicted. Clarke’s second advice a few months later stated that since his first advice a number of conferences had been conducted in order to collate disclosable material which could then be provided to current defendants and those already convicted. He had since been informed orally that some personnel in POL were advocating not producing records of meetings in order to avoid having to disclose them. He gave robust advice that such a view was entirely wrong in law and “represents a failing to fully appreciate the duties of fairness and integrity placed upon a prosecutor’s shoulders”. The Court of Appeal commended Mr Clarke for his firmness and clarity but expressed the view that it was “extraordinary” that he had to give such basic, fundamental advice to a prosecuting authority.

Such deliberate attempts to subvert the disclosure process are thankfully rarely seen, however all lawyers within the criminal justice system should remain mindful of the need to record and review all material. Conversations with complainants and witnesses may not be properly recorded in some cases by the police or by Witness Services, and adequate records may not be made. Continuing lines of enquiry can sometimes fail to be recorded in the requisite records of police investigations, particularly when they are carried out after charge and submission of files to the CPS.

The Use of Sensitive Schedules

Another specific example of the failed disclosure process which was particularly striking when reading the Hamilton judgment is the misuse of sensitive schedules. Lawyers will know that all unused material should be scheduled (numbered with a brief description) on either the non-sensitive or sensitive schedule of unused material. The defence are provided with a copy of the non-sensitive schedule of disclosure to scrutinise what material the prosecution have. They can request the material, which must be provided to them if it is considered material capable of undermining the prosecution or assisting the defence.

The sensitive schedule is not provided to the defence because that material has been deemed material which, if revealed, would give rise to a real risk of serious prejudice to an important public interest. The problem with placing anything on the sensitive schedule is that it is no longer subject to an inspection by the defence to ensure all material that should be disclosed has been. Material should only be placed on the sensitive schedule when it has to be. To this end, the reason for its sensitivity should always be recorded on the sensitive schedule to allow the prosecutor to assess if the material is sensitive within the meaning of Criminal Procedures and Investigations Act 1996 (CPIA) Code, and not merely in the colloquial sense of awkward or embarrassing. The disclosure officer must then decide separately whether the material is disclosable. If the material is both sensitive and disclosable the prosecution must either abandon the prosecution of the case or make a public interest immunity application to the court to confirm that the material can nonetheless be safely withheld from the defence.

In the case of Seema Misra an item described as an “Article relating to integrity of Horizon system, supplied with accompanying letter by defendant” was placed on the sensitive schedule. The reason for sensitivity was said to be “Could be used as mitigation, i.e. to blame Horizon system for loss”. This misapplication of the rules of disclosure is startling and concerning: it demonstrates (at best) a total misunderstanding of the definition of sensitivity and the whole CPIA regime. The fact that an item could be used as mitigation plainly does not create a serious prejudice to an important public interest.  Arguably, such a comment made on an unused schedule suggests a culture of contempt for the process of fair disclosure and a lack of appropriate oversight.

Everyone involved in the disclosure process should be mindful of the risk of misusing the sensitive schedule. Transparency of the disclosure process, which a sensitive schedule inevitably obscures, is the safest way to ensure a fair prosecution because it allows the defence to check the reasoning of the prosecution. Items should only be placed on the sensitive schedule as a matter of last resort, when methods such as redaction are incapable of appropriately sanitising  the material.

Conclusion

It would be a grave mistake to dismiss this scandal as one that could only arise in private prosecutions where the victim is also the investigator and prosecutor. No doubt this played a significant role in creating the ‘culture’ of disclosure avoidance. However, the shortcomings seen in the disclosure process are ones that are capable of repetition in everyday criminal cases. This is not least because increasingly public prosecutions are being funded by private companies. For example, numerous high street firms such as John Lewis now fund regional police forces to investigate offences of shoplifting.[1] There is at least a risk, where forces are dependent upon funding from commercial partners, to deliver results, which could have the adverse effect of placing further pressure on the disclosure regime.

We should all acknowledge that beyond the statutory and common law obligations on prosecutorial bodies to comply with disclosure and, we hope, an innate sense of fairness, there is likely to be a feeling among some prosecutors that there is no “reward” for  doing disclosure well. You are ultimately asking police officers, prosecutors and counsel to assist with the undermining of the case they have invested time, energy and expertise into building. The POL litigation will hopefully be a salutary reminder to all that this is a wrongheaded view, and that prosecutors and defence lawyers alike are engaged in the administration of justice and not the hounding of individuals, the advancement of private interests or in securing convictions at all costs: the only conviction worth having is a safe one.

[1] https://www.independent.co.uk/news/uk/home-news/shoplifting-epidemic-john-lewis-uk-high-street-b2409788.html