POL00006470
POL00006470
CONFIDENTIAL AND LEGALLY PRIVILEGED
POST OFFICE GROUP LITIGATION
Steering Group Meeting: 11 September 2017
DECISION: Should Post Office preserve the data on Horizon terminals in Claimant
branches?
1. BACKGROUND
1.1 The question of whether Horizon terminals should be preserved is being discussed through a
number of different avenues in the Group Action.
1.2 First, Freeths have informed the Claimants that when their equipment is being switched out under
the Branch Technology Programme they should ask the engineer to image the hard-drives of the
removed Horizon terminals.
1.3 The field teams have been informed that if a postmaster requests an image of their terminal that
they should contact their contract advisor with this request. The contract advisors have also
been made aware that these requests will be directed to them and that they should be escalated
to Bond Dickinson.
1.4 Secondly, there is an ongoing line of correspondence with Freeths regarding the preservation of
the physical Horizon equipment in relation to those Claimants whose contracts have been
terminated and whose terminals are being re-distributed. Freeths requests have been highly
generalised and difficult to follow. We have however explained to Freeths that:
1.4.1 the Claimants’ claims do not appear to relate to Horizon hardware; and
1.4.2 transaction data is not stored on the branch terminals but in the data centres so we
cannot see the need to image the terminals.
1.5 Fujitsu have told us that there are a number of log files kept on the Horizon terminal itself. For
example, there is a counter log file which contains a very detailed log of interactions at the device
— every access to the PIN pad and other peripherals is logged. This information is not provided
to Post Office and is stored on the terminal for a 30-day rolling period before being over-written.
Freeths have not yet been informed of the counter log files.
1.6 Post Office needs to consider whether the Horizon terminals should be preserved and how to
handle the data which is stored on those terminals. This decision should be made in light of:
1.6.1 Post Office's general duty to preserve relevant information, whilst noting that failing to
do so can lead to inferences being draw against Post Office;
1.6.2 the fact that the Managing Judge overseeing the GLO has recently given a judgment
criticising a party for failing to preserve relevant evidence and is therefore a Judge who
will focus on this issue; and
1.6.3 there is a power under the Court rules for Freeths to obtain a Court Order forcing Post
Office to preserve terminals.
1.7 Counsel has advised that adopting a hard-line and refusing to preserve any terminals is a risk.
The Court is likely to adopt a precautionary outlook, favouring preservation over the possible loss
of evidence. Counsel has advised that it would be better to offer some form of compromise to
Freeths as this (i) reduces the risk of an application being issued by Freeths with the Court; and
(ii) if an application is made, it reduces the risk of an onerous preservation Order being made.
2. PRESERVATION OF TERMINALS
2.1 Freeths are yet to confirm the aspects of the Claimants' claim which relates to Horizon hardware,
but the Generic Particulars of Claim does raise issues of data error and error repellency which
4A_36837907_1 1
POL00006470
POL00006470
CONFIDENTIAL AND LEGALLY PRIVILEGED
may be sufficiently broad to mean that the Horizons terminals may be relevant to the matters in
dispute.
2.2 141 of the Claimants are believed to be current postmasters (operating a total of 153 branches).
To consider whether it is reasonable and proportionate to place the terminals which are removed
from these branches into storage, Computer Centre will, in due course, be providing indicative
figures for:
2.2.1 retaining recovered units in secure storage on a monthly basis per a branch; and.
2.2.2 retaining recovered units in non-secured storage and providing managed/supervised
access to Freeths to inspect for a set period before disposal, again on a monthly basis
per a branch.
2.3 We anticipate that the above figures will show that the storage costs are disproportionately high.
Fujitsu has also said that taking a significant number of terminals out of circulation will put strain
on the availability of terminals in general across the network.
2.4 At this stage, we do not believe that the mass storage of terminals is necessary. There may
however be specific circumstances where a particular terminal should be preserved and a
process is already in place to securely store a small number of terminals if needed.
3. COUNTER LOGS
3.1 The transaction counter logs are normally used by the Horizon Service Desk, ATOS, and Fujitsu
to understand the cause of technical issues in a branch. When a postmaster contacts HSD with
a technical issue, it may be that diagnostics would be run to understand the problem and, if
necessary, FJ will access the transaction counter logs to assist with this process. Post Office
does not have access to these logs.
3.2 We therefore believe that Freeths would have a fair argument to ask for the logs to be preserved,
given that Fujitsu are using these logs for the very same purpose as Freeths want them — error
investigation.
3.3 The difficulty is that this could lead to Freeths asking for the logs to be preserved in 153 branches
(where a Claimant is still in post as a postmaster) every 30 days. Copying the logs is not an
automated process but requires manual action by a Fujitsu engineer. Fujitsu estimate that it
would take an engineer about 2 hours to download one set of logs from one terminal. This route
would be massively arduous and costly (as we expect Fujitsu would charge Post Office for this
work).
3.4 It is therefore proposed that a process is put in place with NBSC / HSD / Fujitsu to manage
access to the logs. In summary, a Claimant will need to show that he / she has followed the
normal procedure of reporting technical issues to HSD. Only once HSD has closed its
investigations will the logs be provided to Freeths. We envisage the process will work as follows:
3.4.1 Claimant raises with NBSC that they have suffered a loss that they believe is due to
Horizon.
3.4.2 NBSC investigates the possibility of an operational error and, if none found, passes the
issue to HSD.
3.4.3 HSD try to resolve the issue.
3.4.4 If there is no resolution, Freeths may make a request to BD for preservation of the logs
covering the period where the loss occurred.
3.4.5 BD instruct Fujitsu to extract the logs. The logs are sent to Freeths for preservation.
4A_36837907_1 2
POL00006470
POL00006470
CONFIDENTIAL AND LEGALLY PRIVILEGED
4. RECOMMENDATION
41 Subject to the costs of the above process being reasonable, we recommend that Freeths are
informed about the counter logs and the above preservation process is proposed as a reasonable
compromise.
4A_36837907_1