The Post Office Horizon scandal has long been a frustrating one to follow as a technology reporter, because – for all that it stems from the botched rollout of a massive government IT project – it isn’t a technology story at all.
There is a desire, with stories like this, to uncover the one specific fault from which the disaster unfolded. Take Grenfell Tower: there were flaws throughout the system, uncovered in harrowing detail by the inquiry into the fire, but it’s also clear that the deadly error was cladding the building with flammable panels. Identifying that fulcrum point leads to further questions in both directions (how were the panels deemed safe and could the building have been safely evacuated even given that flaw), but it is clear where the catastrophe lies.
With the Horizon system, it feels as if there should be an equivalent focus point. “What was it about Horizon that led to so many false accounts” is a question I have asked, and been asked, so many times over the decade since I first became aware of of the scandal thanks to the reporting from Computer Weekly. I’ve looked into the architecture of the system, hoping to find the telling nugget, the terrible decision from which all the ensuing problems spiralled, that I could sagely explain to provide the technical underpinning to a very human story of malice and greed.
And yet the conclusion I’ve been forced to draw is that Horizon was just really, really broken. Toe to tip, the system sucked. The sheer plethora of technical errors, worst-practice decisions, and lazy corners cut is likely one reason why the Post Office continued fighting for so long, since different subpostmasters experienced radically different flaws.
Where one had a screen that froze but continued to accept inputs, invisibly writing transactions to the database, another simply had an edge-case bug in the underlying system that failed to lock transactions when they should have been inalterable. Others had problems with the networking with the central database, leading to transactions being silently dropped whenever there was a hiccup with the data connection.
If you still want to track down the point where bad IT became a crisis, then you have to look past the tech altogether. The Post Office declared, as fiat, that Horizon worked. From there, everything that happened after was the logical conclusion. If Horizon works, then the errors must be because of what the subpostmasters did. If they say they made no errors, then they must have committed fraud. If they committed fraud, then a conviction is morally just.
But Horizon didn’t work.
Today’s big tech companies would never be so gauche as to insist that their software is flawless. If anything, the opposite has become the accepted reality: “all software has bugs” is blithely repeated so often as to imply that users are asking too much for critical technology to work reliably.
Yet they often still act as though they believe the opposite. My inbox is filled with a constant, unmanageable, stream of people who have been wrongly flagged as spammers or fraudsters or robots by the automated systems of Facebook, Google, Amazon or Apple. These people have lost years of purchases, access to their friends and family, or pages and profiles that they had built a career on. I can’t help them all and still do my day job, and yet, curiously, the cases I find capacity to query with the big companies almost always turn out to be easily fixable.
No one would claim that even the worst piece of software put out by Google is a fraction as broken as Horizon was. (The Post Office says the current version of the software, dating from 2017, was found to be “robust, relative to comparable systems”.) But if the actual sin is acting like your broken software couldn’t possibly have flaws, then big tech might have more lessons to learn from the scandal than they care to admit.
Substack exodus
If you go to the App Store page for Substack, the newsletter platform that has spent the last year expanding into a subscription-focused social network, you will see (at time of writing) a lovely screenshot declaring it “A home for readers”, and showing the homepage for a user subscribed to two newsletters, Platformer and Garbage Day.
On Wednesday, Garbage Day published its last Substack newsletter:
I really liked using Substack and have had great interactions with their team over the years and don’t actually want to move tbh. But it’s clear that it’s time. So, over the next month, I’ll be migrating off the site.
On Friday, Platformer published its last Substack newsletter:
After much consideration, we have decided to move Platformer off of Substack. Over the next few days, the publication will migrate to a new website powered by the nonprofit, open-source publishing platform Ghost.
To lose one flagship newsletter may be regarded as a misfortune; to lose both looks like carelessness.
These newsletters, and many others across the platform, are leaving because of Substack’s insistence on providing censorship-free service even to Nazis so long as they don’t break its permissive code of conduct. Substack’s Hamish McKenzie posted a widely-shared note in late December, which said: “We don’t think that censorship (including through demonetizing publications) makes the problem go away – in fact, it makes it worse. We believe that supporting individual rights and civil liberties while subjecting ideas to open discourse is the best way to strip bad ideas of their power.”
But what began as a dispute over moderation could metastasise into something far more painful for the platform. Since its inception, the site has been proudly “writer-led”, reminding authors that “we only get paid when you do”, and promising that switching to another platform is just a button press away. The service monetises by taking 10% of all paid subscriptions, and cross-subsidises free ones accordingly.
While everything is going well, the deal works for everyone. Writers earn money, Substack earns money, the wheels turn and everyone’s happy. But Substack’s competitors – platforms including Ghost and Beehiiv – offer a different deal: pay a flat fee depending on how many emails you want to send, and keep all the money you raise. It’s particularly appealing to those writers who have built a substantial paid userbase, but it’s a deal that few have taken up until now.
That’s partially because of the wider “recommendation engine” that Substack has built: newsletters can recommend other newsletters, users of the service’s Twitter-style feed, called Notes, can follow and retweet writers, and the platform itself will merrily suggest you new things to read. The implied deal is that Substack will continue to grow your readership by enough to justify its larger cut of your earnings.
In practice, based on conversations with writers across Substack, in the UK and US, the deal doesn’t aways work. Substack’s platform generates free subscribers, but few paid ones. And, as the site’s leadership has doubled down on its policy to serve anyone, including Nazis, having a newsletter on Substack has started to hit writers’ ability to keep paid subscribers as well.
For Casey Newton, the founder of Platformer, the subject of the conflict may be different, but the pattern is all too familiar:
Substack’s tools are designed to help publications grow quickly and make lots of money – money that is shared with Substack. That design demands responsible thinking about who will be promoted, and how.
The company’s defense boils down to the fact that nothing that bad has happened yet. But we have seen this movie before, from Alex Jones to anti-vaxxers to QAnon, and will not remain to watch it play out again.