The OSCE scandal and the need for better IT teams
One of the most significant IT failures in Peru over the last few years was the system-wide failure of the automated archives of the OSCE, which is the government agency in charge of supervising procurement processes and contracting between the public and private sectors, in August 2015. According to some reports, he failure, whose origin was never clarified, led to the loss of more than 800 thousand files, corresponding to contracts awarded between 2009 and 2012, including some high-profile ones involving recent corruption scandals.
Some people speculated at the time that this might have been a hack, although no evidence to support that claim was ever provided. Politically, the blame when to the very top, to the president of the OSCE, who was held responsible of not taking precautionary measures for an scenario in which files could be lost. Since some of these files were regarded as potential evidence of corruption in some major cases involving the government, there was also the suspicion that the government purposefully tried to sabotage the system. The fact that the OSCE was presided by a close president of the First Lady until a month before the failure only contributed to fuel the suspicions. Again, the incident was never clarified.
What was the initial response at the organization once the failure was identified? According to news reports, the IT department at the OSCE formed an emergency committee and contacted HP, the vendor providing the hardware for its servers, and GMD, which was in charge of maintenance. The official diagnostic was that the server ran out of memory, a lot of its files collapsed and only the most recent ones were recovered and put on a separate storage drive—which was lent to the OSCE by the vendors.
I would like to stop and think for a second about the ‘official’ explanation, leaving the speculation aside. How could a government agency, tasked with processing and analyzing valuable contractual information, have overlooked that its server was reaching its limit? Either there was gross negligence at the top, and people at the bottom, who are the ones most likely to first notice this problem, failed to speak up, or the IT department is seriously understaffed and/or underfunded.
Lots of government agencies in Peru are starting to move from traditional physical archives to digital files—the OSCE itself went through that transition over the seven years prior to the failure. My hypothesis is that this is being done without much care, with little assistance from actual experts in IT, and without clear line of accountability to that specific individuals take responsibility for this type of situations.
With that in mind, one of the things I would prioritize in order to avoid this from happening again is to strengthen the digital teams of government agencies. This is easier said than done in that there might be a shortage of talent in country like Peru. In that case, it might be useful to first pool together IT teams from different agencies, and gradually separate each of them as the talent pool grows. This will require more money, of course. But as the 800,000 files lost in 2015 show, ignoring the need for a good IT team might end up being far more costly.