Home Office IT defects may lead to another Windrush scandal, MPs warn

Ongoing demonstrations against the Windrush scandal

The Home Office has failed to address the systemic and cultural problems that led to the Windrush scandal, including major issues with a legacy IT system and the data it holds, according to a scathing new report.

The department has been making decisions on people's rights and livelihoods based on inaccurate data from systems unfit for purpose, according to a report published by the House of Commons' Public Accounts Committee (PAC).

The influential group of MPs said it was "extremely concerned" the Home Office is not taking these repeated concerns over data seriously. These are issues raised not just by the PAC, but from its predecessor, and a sea of independent commentators.

The report highlighted, for instance, that in 2016 the department rejected a recommendation by the independent chief inspector of borders and immigration to cleanse a database of 'disqualified persons'. This database included many that had been wrongly identified.

"The human consequences of this appalling scandal are tragic and well-documented. But there is a long way to go before the Home Office can credibly claim to have put things right," said PAC chair Meg Hillier MP.

"Its failure to monitor the impact on vulnerable people of its compliant environment policy was also a clear dereliction of duty - all while the Department continued to make life-changing decisions informed by bad data and inadequate systems.

"It is deeply regrettable that a scandal of this magnitude, on the back of repeated and unheeded warnings, does not appear to have fully shaken the Home Office out of its complacency about its systemic and cultural problems."

Particular concerns in the report, meanwhile, centred on the Home Office's Casework Information Database, which dates back to 1998. By the department's own admission, this legacy system has several defects and holds poor quality data.

Its replacement, dubbed Atlas, aims to provide a "customer focussed" view, with automated mechanisms to reduce the scale of manual entry by staff.

But the new system is not due to be completed until 2021, and the Home Office was unable to address how it would deal with the flow of cases being transferred to the new system. Neither did it provide a timetable for the full roll-out, according to the PAC.

The report also reiterated concerns about the quality and reliability of the data held by the Home Office, something which led to the government stopping its own data sharing practices after the Windrush scandal broke.

The department moved to manually check all data from this point onwards and said it had put in safeguards around the data it holds.

Moreover, it did not know whether issues with data and incorrect sanctions on the Windrush generations could apply to victims in other areas of the immigration system.

"The Home Secretary and Immigration Minister have been resolute in their determination to right the wrongs experienced by the Windrush generation," a Home Office spokesperson told IT Pro.

They added the department has commissioned a 'Lessons Learned' review with independent oversight and scrutiny to establish what went wrong, and prevent the scandal from happening again.

"The Taskforce has helped thousands of people of different nationalities prove their status in the UK. Through the Windrush Scheme, 3,400 people have obtained British Citizenship.

"In addition, the Taskforce has a dedicated Vulnerable Persons Team which has provided support to over 600 people including referrals to the Department for Work and Pensions for benefit claims and advice and support on housing."

The Windrush scandal is among the most damning examples of sub-standard data management. A combination of incompetence with record keeping and poor quality data saw dozens of people from the 'Windrush generation' wrongly deported from the UK.

Blockchain has been touted by many as a prospective solution to the problems the Home Office has suffered in maintaining immigration records. This would amount to an immutable record of citizen IDs, accessible by both individuals and public services.

"Public blockchains enable a self-sovereign identity, a digital identity owned by the individual it identifies," Eoin Connolly, a lecturer at the National College of Ireland and advocate for the use of distributed ledgers in the public sphere, told IT Pro.

"No corporation can deactivate it and no government can deny its existence, and because this self-sovereign identity is cryptographically secured by the individual's ownership of a private key, there isn't a single centralised honeypot where every private key is stored."

Among a flurry of recommendations, the committee said the Home Office should redesign and test its systems with both applicants and staff. The department should then report to the committee within a year on the progress it has made.

Keumars Afifi-Sabet

Keumars Afifi-Sabet is a writer and editor that specialises in public sector, cyber security, and cloud computing. He first joined ITPro as a staff writer in April 2018 and eventually became its Features Editor. Although a regular contributor to other tech sites in the past, these days you will find Keumars on LiveScience, where he runs its Technology section.