[UglyToad]

The other complication was that a change in the law was made to assume computer systems were correct by default due to the problems with the existing law around breathalysers and speed cameras:

"In 1997 the Law Commission published a paper which went into some detail about the use of mechanical and computer evidence in court. It seemed a little too fixated with the effective workings of speedometers, traffic lights and breathalysing devices called ‘Intoximeters.’ It concluded that the present law is ‘unsatisfactory’ because of the necessity for prosecutors to ‘prove that the computer is reliable.’"[0]

The amended law changed the burden of proof from the prosecution proving the system functioned correctly to the defence proving it didn't, without access to the systems being used to prosecute them.

[0]: The Great Post Office Scandal, Nick Wallis

[ExoticPearTree]

> The amended law changed the burden of proof from the prosecution proving the system functioned correctly to the defence proving it didn't, without access to the systems being used to prosecute them.

It is mind boggling that someone thought it is OK to put this into law. What happened to the idea of innocent until proven guilty?

[paulmd]

Seems obvious what happened in context: the government got tired of people “weaseling out” of speeding tickets and breathalyzers (think of the kids!!!) and wrote a law saying the machine right by default unless you had a reason to think otherwise. And of course prosecutors never rest at constructing a novel theory to win cases, so soon enough it was being used in serious cases and not speeding tickets…

(not that it’s fundamentally just with speeding tickets either really! but it's also kind of understandable, you're the 27th person the judge has heard today trying to weasel out of a speeding ticket with the same set of "but the machine could have been wrong!" excuses. And frankly the brits seem to be a lot more "pragmatic" about individual right vs societal ones... the political class there seems to respect the people there exceptionally little even by political-class standards lol)

[HPsquared]

The old "this time it's different" trope strikes again.

[belter]

This is the UK legal system...They have been torturing Julian Assange in front of everybody for years...

[blibble]

the UK legal system has many flaws but the handling of Assange was not one of them

he breached his bail conditions and was rightly jailed for it

[belter]

Julian Assange has been imprisoned for seven years in the UK, for what were charges in the UK of a maximum, and that is a maximum of five years. The UK Legal system regularly releases on bail people accused of murder...yes murder. Assange, was setup in court sitting away from his lawyers, inside the glass-panelled dock of the court, like if he was some modern, Hannibal Lecter, ready to jump and eat the brains of the judge. Using nothing more than the similar psychological tactics, copied from Putin in Russian. Don't even pretend the court is impartial, just make the accused show up in court, with no communication with the lawyers, and inside a cage...

Judges in the UK have been so impartial they publicly made statements of him being a narcissist, not even pretending to even appear impartial. Nils Melzer, the United Nations special rapporteur on Torture and Other Cruel, Inhuman or Degrading Treatment or Punishment, concluded after visiting Assange in prison is treatment was nothing more than torture...

Yeah totally normal...for the UK legal system...

[blibble]

> the UK Legal system regularly releases on bail people accused of murder...yes murder.

it turns out there's consequences for jumping bail

[ndsipa_pomu]

That's a tricky law to have on the books. In general, I would agree that computer testimony (e.g. log records) is usually trustworthy, but that's with relatively simple processes such as writing information into a log or recording times and events. However, it shouldn't be applied to larger systems with more complicated functioning such as accounting software unless the results can also be backed up with detailed logs that can be verified to produce the stated result.

The fact that the Fujitsu employees had complete and un-audited access to all the remote terminals should have made the computer testimony unreliable, but of course the post office lied about that and denied that anyone had remote access.

[timthorn]

Nick (and two former subpostmasters) gave a talk to the University of Manchester a couple of years ago: https://www.youtube.com/watch?v=jpkSIGd7Z68

[amiga386]

More history and legal opinion on this: https://www.benthamsgaze.org/2022/06/30/the-legal-rule-that-...

[robertlagrant]

This is a tricky one, because you could just claim that the system wrote audit trails that show you did something due to a bug. How do you prove it either way?

[UglyToad]

I think any (financial crime) case built solely on computer evidence is too weak to be prosecuted, even if that means you end up accepting some non-zero amount of financial crime. "it is better a hundred guilty persons should escape than one innocent person should suffer" as someone once said.

In the case of the sub-postmasters the Post Office, as far as I'm aware, never proved where these stolen sums supposedly went. The computer evidence was thought terminating and was the only thing (except false confessions under duress) used to secure these convictions, rather than proper investigative work.

[VBprogrammer]

Yeah, it seems crazy to me that they didn't have to prove where this money went. I suspect the majority of people caught stealing money in any other capacity are probably caught by the changes to their lifestyle being noticed before the financial irregularities are ever spotted.

[notahacker]

The amounts people were prosecuted over supposedly stealing were in the tens of thousands of pounds (some made up the alleged discrepancy by paying back some of their own salary). Not something likely to radically alter the lifestyle of a small business owner (if they had been stealing they'd probably have spent it on cash payments to staff and family, gambling habits and boring stuff like mortgage repayments and savings)

It's crazy auditors didn't spot discrepancies especially with the high base rate of reported frauds and errors, but if finding the receipts for stolen money was the threshold for prosecution any remotely competent thief would be in the clear

[VBprogrammer]

It's hard to say exactly how much a sub-postmaster makes but from a brief search it seems to be in the range of £30k-£35k. It's not like the kind of money these people had down the back of their couch.

If there is absolutely nothing to corroborate the money going missing, no evidence presented for where or how the money was stolen then there shouldn't be enough to send someone to prison.

[UglyToad]

As the sibling comment says (max reply depth reached) the sub-postmasters in general were just about getting by. Part of why this scandal is so egregious is that these people were often just-about-managing under terms of an incredibly unfair contract with the PO.

The amounts of money involved may be small to business owners in other domains but for SPMs many were almost bankrupted by trying to replace the sums out of their own earnings as you say. This wouldn't have been a rounding error to their lifestyle, it should have been provable to any halfway decent investigator. And if not? Then they get away with it and it's the price we pay not to live in tyranny.

[singleshot_]

Blackstone’s ratio is ten to one, not a hundred to one.

[jmull]

> This is a tricky one, because you could just claim that the system wrote audit trails that show you did something due to a bug.

Well, yeah. A defendant should be able to argue that because that can (and did) happen and it's bad to routinely wrongly convict people.

[robertlagrant]

That's not the point I'm making. Obviously it's bad to wrongly convict people.

[jmull]

I guess I don't know what your point is.

I thought when you called it a "tricky one" you were expressing that it might be a bad thing if it were difficult to convict someone based primarily on audit logs.

But if you don't want people to be wrongly convicted, then surely that's a good thing, right? As we know, there's no guarantee a particular audit log is correct.

[robertlagrant]

> But if you don't want people to be wrongly convicted, then surely that's a good thing, right?

Think of it like a diagnostic test, like covid tests. That sort of test has 2 measures, not one (anyone who just says "Test X is 95% accurate!" is selling you something) - specificity and sensitivity. Sensitivity is the percentage of true positives it generates out of all positives, and specificity is the percentage of true negatives it generates out of all negatives.

I don't want people to be wrongly convicted, no, so I want legal tests to have a very high specificity. But I could do that easily, by just throwing every case out as not guilty. The hard bit is raising sensitivity at the same time. You can't just say "if you don't want people to be wrongly convicted", because that justifies far too many things.

> As we know, there's no guarantee a particular audit log is correct.

There's no guarantee anything is correct. Three witnesses could have colluded and someone might go to jail for it, but unless there's a reason to think they colluded, we don't assume that. That's the problem I'm talking about: how do we get a feel for software systems without assuming like the Post Office that they work, or like you that they don't work?