I've been reading a lot about the scandal of the UK Post Office Horizon IT system and what seems a knowingly deliberate attempt by executives at both Fujitsu UK and the Post Office to cover up what was a known set of issues.
I've been involved in technology development at all levels for over 33 years (more if you include the time when I worked whilst at University and writing code as a kid growing up) and it is fair to see I've seen my fair share of bugs in both hardware and software, some of those have been very expensive (both commercially and technically, in terms of engineering time and materials to fix). The specific details of which I will never ever discuss with anyone.
I've also on a few occasions actually had to appear in court as a witness on IT related matters, the details of which I'm not permitted to discuss here. The consequences of shall we say mis-representing the facts in this later scenario carry far broader personal and commercial consequences from perjury, perverting the cause of justice, fraud, the list goes on and as in the case of the Horizon scandal the ruining of peoples lives, including people taking there own lives.
However what is now coming to light during the statutory enquiry both in evidence being given and the inevitable leaking of documents calls into question just how ethical the people involved were. As both an employee and employer you have a duty of care, confidentiality and the like, but just how far do you take that, what do you do if you are knowingly being asked to commit perjury or pursue someone based on evidence that you know is at best tainted but more probably materially flawed? I find some of the evidence being given where people keep saying "I had no knowledge as an investigator of others experiencing the same issue" just not credible or believable. It is hard (impossible) to keep this kind of information secret within a large organisation.
I've always had a view that internally within a company full disclosure of the root cause of the issue no matter how ugly and painful that disclosure is is appropriate, as anyone that has ever worked with me will know. I'm not interested in public shaming and humiliation because people are human and whilst the likes of ChatGPT writes OK code, although I do have to say it needs serious code review and even after multiple ones of those it is not something that doesn't need further modifications by a human and rigorous testing, we are a long way from code generated this way being safe to deploy to production without serious oversight. What I am and always have been interested in in these scenarios is RCA - Root Cause Analysis with appropriate corrective action, that feedback loop where mistake are learnt from and change is made. Now to be clear that doesn't mean if a person consistently makes the same mistakes then appropriate action shouldn't been taken in line with a companies HR policy.
There comes a point where people involved have to question the ethics of a company that pursues people and covers up bugs such as those that existed in Horizon, to be clear there will still be bugs in Horizon, they just haven't found them yet, no IT system is bug free and when your delivering anything like Horizon you have three things to bear in mind, time, features and quality, you can have two from three and it is clear in this case they sacrificed the one that gets sacrificed the most, quality.
I really hope that if the same thing ever happened again (and it will) the IT industry has moved on enough such that someone would be a whistleblower and that people would actually listen to that whistleblower and they could do it in a way that doesn't ruin them personally.
On a personal note I worked with many people at Fujitsu in Japan for twenty years at all levels and I always found their ethics to be beyond reproach even with things that were difficult and I had a lot of respect for them and very much enjoyed working with them.
No comments:
Post a Comment