Please create an account to participate in the Slashdot moderation system

 



Forgot your password?
typodupeerror
×
United Kingdom Privacy IT

Scotland's Police Lose Data Because of Programmer's Error 108

Anne Thwacks writes Assistant Chief Constable Wayne Mawson told the [Scottish Police Authority] committee that a total of 20,086 records had been lost because a computer programmer pressed the wrong button between May and July last year. He added: "....they had been properly put on the system by the officers as a result of stopping and searching people, but we lost the outcome of it as a computer programming error. We have been working really hard to recover that data. I have personally overseen the sending out of several thousand emails to officers and follow-up audits. We have been working hard with HMICS to oversee everything that we do, to make sure it is done properly and I am pleased to say that the vast majority of that data, those results, are now back on the system."
This discussion has been archived. No new comments can be posted.

Scotland's Police Lose Data Because of Programmer's Error

Comments Filter:
  • What if? (Score:2, Insightful)

    by Anonymous Coward

    What if there was people powerful enough (politicians, ...) to clean their record? No, no, cannot be, complot theory. They surely don't have any functional backup. I am a believer my overlord.

    • Re:What if? (Score:5, Insightful)

      by u38cg ( 607297 ) <calum@callingthetune.co.uk> on Friday February 20, 2015 @05:30AM (#49093461) Homepage
      Stop and search just doesn't happen to rich people. Stop, maybe, but certainly not search.
      • by plopez ( 54068 )

        Because they can afford *good* lawyers.

        • by u38cg ( 607297 )
          Not so much. One, they 'obviously' don't need to be searched and two, mostly aren't in an area where stop and search is proceeding.
    • by Anonymous Coward

      This has very little to do with people's police records becoming clean - it's about the police misleading the public (and our politicans) about the number of stop-and-searches being carried out ("they had been properly put on the system by the officers as a result of stopping and searching people, but we lost the outcome of it as a computer programming error"). Scotland - uniquely in the UK - continues to carry out "consensual searches" (searches with the "consent" of the victim) even when the person being

    • Re:What if? (Score:5, Funny)

      by freak0fnature ( 1838248 ) on Friday February 20, 2015 @08:43AM (#49093983)
      Reminds me of lost IRS emails...
  • Bureaucracy in action: " I have personally overseen the sending out of several thousand emails". If there were less people at overseeing emails and more in IT the whole mess would not have happened. Perhaps they should even try reading about backups next time.

  • by Anonymous Coward

    Shouldn't that be typist or data clerk?

  • by Simon Brooke ( 45012 ) <stillyet@googlemail.com> on Friday February 20, 2015 @03:09AM (#49093153) Homepage Journal

    Speaking as someone who's been following this story as it developed, it seems to me that the data that has been 'lost' is data the high heid yins of Scotland's police were very eager to lose. They'd been acting beyond their remit - and probably beyond the law - and they knew it.

    So I suspect someone with scrambled egg on their hat took that programmer into a quiet room and said 'you will make an unfortunate error this afternoon, or we'll be sending the boys round'. I'm pretty sure the government suspect the same.

    Heads will, I suspect, roll - and I don't think they will be the heads of programmers.

    • Heads will roll? (Score:4, Insightful)

      by Bruce66423 ( 1678196 ) on Friday February 20, 2015 @03:42AM (#49093215)
      In your dreams. They've got plausible deniability. It would be good to come back in five years and watch the career paths of those involved, especially this 'programmer'.
      • by JaredOfEuropa ( 526365 ) on Friday February 20, 2015 @05:11AM (#49093417) Journal
        You would expect organisations like these to be held to a higher level accountability than us mere mortals, but sadly that is often not the case. Try tell an Internal Revenue inspector: "I am sorry but I have lost those records of my offshore savings account due to pressing a wrong button" and see what answer you get. Hell, as a kid I never got away with "the dog ate my homework". Yet what consequences will follow from losing hundreds of important police records during an investigation into police conduct?

        If any one person, under orders, acting on their own initiative or simply making a mistake, is capable of irrevocably wiping important records like these, then there is something seriously wrong with your organisation. Someone is responsible for managing IT and keeping information/records at the police, start with them.
        • I knew a guy who was believed when he said the dog ate his homework, because he went into details as to how hard it was to get the dog to eat it.

    • by AK Marc ( 707885 )

      So I suspect someone with scrambled egg on their hat took that programmer into a quiet room and said 'you will make an unfortunate error this afternoon, or we'll be sending the boys round'. I'm pretty sure the government suspect the same.

      Heads will, I suspect, roll - and I don't think they will be the heads of programmers.

      They will be of programmers. It'll be a programmer that logged in, and a programmer that hit the keys.

      The programmer should have demanded a signed sheet of paper ordering the "error". If they threaten to fire him for that, he points out that if he's fired, then he'll talk. They'll either kill the programmer (pretty rare, despite what the movies indicate) or work out some paperwork in a mutually-destructive-pact. Not the police, but when I've ever been asked to do something questionable, I've always man

    • heid yins

      Is that like a muckety muck?

      Slightly more seriously, how is "heid" pronounced (besides with a Scottish accent)? Like "hide"? "Heed"? I'm assuming "yin" is pronounced the same as it would be in "yin-yang"?

      In any case, my thanks for the new bit of slang....

      • by ColdGrits ( 204506 ) on Friday February 20, 2015 @06:47AM (#49093669)

        heid yins

        Is that like a muckety muck?

        Slightly more seriously, how is "heid" pronounced (besides with a Scottish accent)? Like "hide"? "Heed"? I'm assuming "yin" is pronounced the same as it would be in "yin-yang"?

        In any case, my thanks for the new bit of slang....

        Heid is pronounced "heed"
        Yin, well, "Yin"

        Head yin - Big Boss, The Head of the Outfit. The Head One.

    • Heads will, I suspect, roll - and I don't think they will be the heads of programmers.

      And if they do, it will be the new guy in the mailroom, or the third shift janitor.

      • And if they do, it will be the new guy in the mailroom, or the third shift janitor.

        Depending on which is not a fluent English speaker.

  • by Bomarc ( 306716 ) on Friday February 20, 2015 @03:12AM (#49093159) Homepage
    At least this article admits to a level of "programmer error". However --- like most "computer error" news articles, this one misses a key point: This (like many others) is actually management error. Management failed to oversee programmers. Management failed implement test. Management failed.
    I just wonder how much longer before software testing will get the respect it deserves.
    • Software testing doesn't protect against a user pressing the wrong button, which then works as expected. I agree it's a management error, but the failure in such cases is a lack of user testing.

      Systems should be designed to follow the interactions that are more likely to be made by users, not the other way around - forcing users to follow the path that a developer thought would make sense. Unfortunately, user-centered design is still a foreign concept to a good chunk of developer houses.

      • Comment removed based on user account deletion
        • by Anonymous Coward

          I go toe to toe with my boss on a weekly basis about how hard it should be to delete records from the medical record system we developed. Our support lines get swamped with lowly receptionists who need to remove notes they've made on a patient's phone log (an important part of the chart) and they just don't want to bother the manager or the doctor who are actually authorized to remove notes from the chart, they're just so, so very busy, you know.

          • There is never a need to remove anything at all from such records. Set the "status" to "deleted" is appropriate. This means that whatever the SQL user the programmer can log into the database with is not granted "DELETE" permission on anything at all.
      • The error here is that the programmer was given a login to a database and that login had been granted "DELETE" permissions. On vital systems, the standard software should basically never be granted "DELETE" permissions, only CREATE, SELECT and UPDATE. Deleting a record should involve setting its status to "deleted" nothing else. There is only one reason (except the obvious ability to use referential integrity when doing business operations) to delete something from a table, and that is to free up space. Sin

    • Management failed.

      Yep, if the coder followed procedures, not his fault, if there were no procedures also not his fault. Inadequate testing regime, again, not his fault. Anyone in the business of coding for more than an hour knows serious coding errors like this happen all the time in development. If these expected errors manage to navigate the layers of testers and admins between check-in and production then someone else screwed-up, either that or there's a hole in the test/delivery procedures.

      Don't have layers of testers

      • by Bomarc ( 306716 )
        Some highlights:
        o Worked for large co; found several "Sev 1" bugs on a product was was proposed to be released soon. I was put on inventorying computers; product became one of the larges failures in company's history due to -- bugs.
        o Same co, later: needed to make a code drop to another business. My job: To make sure that the code worked as expected, and could compile. (they got a "special" version of the code.) I told the PM that we shouldn't have the code on a given storage server -- it (the code) co
        • I had my contract with a bank end shortly after I was told to promote a certain program (in Perl) from QA to Production, and did so without checking whether the program in Production was at all similar to what was checked in. It turned out that it had been changed on the production machine without checking it in or putting it in Test or QA, and that my not checking for that was a Bad Thing according to the manager. I was relieved to have that contract end.

    • by Minwee ( 522556 )

      This (like many others) is actually management error. Management failed to oversee programmers. Management failed implement test. Management failed.

      And Management lost potentially incriminating records which contradicted what Management had stated publicly. Management destroyed evidence of unlawful behaviour carried out by Management, and it can no longer be used against Management. And the worst that will happen as a result of this is there will be a mildly embarrassing story in the BBC followed by an increase in the IT budget, ostensibly to prevent further "mistakes".

      Management succeeded . Brilliantly.

    • by tnk1 ( 899206 )

      Management failed to prevent "programmers" from having access to production systems. Developers will break things all the time in the course of development, which is why you don't have them working on your actual production system.

      Unless they meant a system administrator or a data entry clerk with access to delete existing records was a "programmer", which is just as likely given the usual level of government understanding of IT.

    • At least this article admits to a level of "programmer error". However --- like most "computer error" news articles, this one misses a key point: This (like many others) is actually management error. Management failed to oversee programmers. Management failed implement test. Management failed.

      Assuming story on its face is true the blame for failure to recover goes to IT hierarchy responsible for managing the database. No data programming error should have the capability of causing unrecoverable data loss. It isn't so much you guard against someone or something typing DELETE FROM ... as much as retaining ability to restore database to a transitionally consistent state immediately prior to execution. There is no excuse for failure to retain a chain of log backups.

      • by Bomarc ( 306716 )
        ... and management failed to implement policies and practices in place to prevent development from having direct access to production DB's (without oversight). (It did appear that backups were maintained)

        Even some thing as simple as "database cleanup" can be a problem when not properly tested. In once instance I was testing a server/database migration/upgrade. In the Test Plan, I called out that permission issues could not be tested (security wouldn't allow it) and failure to test could result in data l
  • The good old "DELETE FROM records WHERE 1;.... FFFFFFFFFFFFFUUUUUU----" on the production system on a Friday afternoon...

    • The good old "DELETE FROM records WHERE 1;.... FFFFFFFFFFFFFUUUUUU----" on the production system on a Friday afternoon...

      Even then you would have to be a hack to not be able to recover a snapshot of database prior to the incident from redo log.

      Properly managed capability to see database as it existed at any point in time is maintained throughout the useful life of the database with no exceptions.

  • It is amazing that in this day and age, a system containing police records allow certain users to delete data in an irrevocable way whether it is a button press or anything else.
  • by hazeii ( 5702 ) on Friday February 20, 2015 @03:20AM (#49093175) Homepage
    Very convenient, and of course we all know programmers develop their code on the only copy of a live database (of which there are no backups)...
    • Yeah, someone working in the police force there is either very incompetent or very shady. I think the latter is more likely. It's not 1990, this sort of data will be backed up unless someone specifically decides not to.
      • Yeah, someone working in the police force there is either very incompetent or very shady.

        Actually, you are overlooking the most likely scenario: Someone (or more than someone) working for the Scottish Police Authority is both very incompetent AND very shady.

    • by Kjella ( 173770 ) on Friday February 20, 2015 @06:47AM (#49093673) Homepage

      Very convenient, and of course we all know programmers develop their code on the only copy of a live database (of which there are no backups)...

      I know of at least one project from my former life as a consultant where that happened, the production server was available and being set up to match development for the first release, then it kinda just rolled into production without anyone notifying IT so all the production monitoring, backups etc. was never turned on. They were not happy when they eventually found out many months and many, many manhours of production data later, but fortunately nothing bad happened in the mean time. Or another project I was on, where finance had kinda built their own system outside IT that they de facto used for reporting but wasn't supported in any way. If you haven't seen it happen, be grateful.

    • by DarkOx ( 621550 )

      Smaltalk...

  • Phrasing? (Score:5, Insightful)

    by GrandCow ( 229565 ) on Friday February 20, 2015 @03:24AM (#49093183)

    "Programmer error" != some idiot pressing the wrong button.

    If you want powerful software, you get powerful results. You also get powerful fuck-ups. Don't blame the person who coded it, blame the idiot who clicked through 4 different "are you REALLY SURE you want to do this" warnings.

    • Or you can blame the idiot designer who didn't properly explain the consequences of "doing this" in their black-box interface, so that the user could make an informed decision.

      • Re: (Score:2, Insightful)

        by Anonymous Coward

        Or you can blame the designer that designed a system where it's possible for a normal user of the system to bulk delete an entire swath of the database while working on a single record, and without having an audit trail record that allows point-in-time recovery from backups without any data loss.

    • by Dr. Evil ( 3501 )

      The article's title is sensationalist and the caption feeds that sensationalism.

      The content itself is more nuianced.

      records were corrupted last year

      "computer programmer pressed the wrong button between May and July last year".

      we lost the outcome of it as a computer programming error.

      "made a mistake in the language that I used"

      He added: "That lost the results data from those records. So they had been properly put on the system by the officers as a result of stopping and searching people, but we los

  • Is it next to the "any" key?

  • by Anonymous Coward

    Seriously, what kind of system can't recover from a backup? Why can't this system? What idiot allowed the situation to arise where backups can't be restored?

  • by Anonymous Coward

    Didn't GCHQ have a backup? They have a Backup Of Everything, no?

    (captcha: archives)

  • ye olde 'programmer pressed the wrong button' again when the brass ignored their pleas for implementing backup systems.

    Karma _is_ a bitch.

  • Those that can, do. Those that can't teach. Those that can't even teach end up working for the cops, either as 'forensics', trashing peoples computers, or clowns like this one.
  • A single key mistake from a programmer (not a user, be warned) that can delete a whole lot of data needs a specific function to be coded.
    Cannot be a mistake. It's intentional. Intentional stupidity at least.
    On the other side a single key error from a user is different. But still, a function that wipes data, all of them, with a single key(press) should require no less than a second key for confirmation.
    My personal diagnosis:
    - 95% The report is totaly nonsense trying to move responsibility on someone else.
    • Consider the difference between "DELETE FROM foo WHERE bar = 0;" and DELETE FROM foo WHERE bar > 0;". If bar is a numeric column that should always be positive, we've gone from deleting erroneous rows to all good rows. One character difference. Easy to do accidentally. Also easy to catch if the shop is properly run, and if top management doesn't want that error to happen.

      • This type of cases falls in the "stupidity" category. That also means that the case has never been reviewd and tested. Double stupidity.
    • One I saw.

      Business application. Sales bean counting.

      Pretty standard stuff. Start a new entry. First step. Enter old buisness#, leave blank for new. When enter is hit the computer creates parent row and returns new # to client.

      If you bailed out of the entry without hitting enter once, it would call cleanup with null. Which was fine, except the one cleanup function our 'genius architect' had written himself, to help make the deadline. For some reason he thought that a null meant no constraint, delete e

  • "Assistant Chief Constable Wayne Mawson told the [Scottish Police Authority] committee that a total of 20,086 records had been lost because a computer programmer pressed the wrong button"

    And they don't keep backups, like the most trivial ISP does, like I used to work for ...
  • by Trailer Trash ( 60756 ) on Friday February 20, 2015 @08:25AM (#49093913) Homepage

    Is Lois Lerner working in Scotland now?

  • by Anonymous Coward

    It is inexcusable to not have a backup of the database. Sure the programmer was stupid. Should take less than 5 minutes to restore that many records from the backup that should be in place.

    • by ihtoit ( 3393327 )

      the backups were apparently in police notebooks. Police notebooks are intended to be complete verbatim records of encounters with members of the public, but we all know that doesn't happen. We are talking about stop/search records here, and while City of London police did pilot body cams for a while (I submitted a story on this, it was rejected for strange unknown reason) in response to a public campaign for police to submit to constant public monitoring ("Leon's Law") hence complete oversight by the PUBLIC

  • ...mind, is: ...why was a lowly data monkey allowed the sort of access required to "accidentally" delete official records??

    It takes a special kind of negligent to permit such crass contempt for operational data. This should prompt a criminal prosecution of not only the operator but the idiot who accepted the specification as well. Hell, my personal wiki doesn't allow deletion (as is the default, it takes a deliberate effort to change this to allow even an administrator account to delete ANYTHING), because y

  • You cannot lose data because of one wrong keystroke. You can only lose data as part of a persistent culture of being careless about data. Anything put into this system should be logged, and that log is the backup. Data was lost due to inadequate, incompetent design. Or, it was designed to lose data, and it was very competent.

    • Well, there was a lot of wrong keystrokes in just the right order leading up to this, but it did end in the erroneous pressing of "enter" - without which the prior keystrokes of DELETE * FROM EVIDENCE wouldn't have mattered.

      But it was definitely the single, final, erroneous keystroke that is to blame and therefore definitely an accident.

  • TFA:

    The admission came as senior officers appeared before a Holyrood committee.

    Among them was Chief Constable Sir Stephen House, who said he had apologised for giving incorrect information to the police watchdog over stop and search statistics.

    This is something that can only happen in Holyrood.
    Sounds like they need to get their House in order

  • Whatever happened to off-line backups? One mistake can't wipe you out then.

    • Whatever happened to off-line backups? One mistake can't wipe you out then.

      What is worse all database systems worth using offer the ability to view the database as it was at any point in history. It is like a rolling historical backup guaranteeing data cannot be lost forever due to mistakes manipulating data.

  • a few neds prolly got ewey scot free like.
  • This news breaks the same DAY leaks of Police Scotland are discovered to have been (and continue to be) performing an undisclosed number of "consensual" stop-searches on *children* under 12?

    HINT: CHILDREN UNDER 12 CANNOT LAWFULLY GIVE CONSENT IN SCOTLAND.

    This while the Hollie Grieg thing is STILL ongoing despite the fact that Robert Green has been persecuted by the Scottish police and judiciary for exposing the former Lord Advocate's involvement in the cover-up of her friends' involvement, more to the point

  • An event driven and event sourced system would have prevented this.

C'est magnifique, mais ce n'est pas l'Informatique. -- Bosquet [on seeing the IBM 4341]

Working...