Surveys reveal that four in five owners fail to adequately remove personal data stored by their car before selling it, placing them, their family, friends and other contacts at the mercy of criminals.
Modern cars pair with smart phones and other electronic devices via Bluetooth or USB and absorb huge amounts of our personal data.
If this data is not erased properly and all electronic connections are unpaired then not only could such highly sensitive and valuable data be accessed by the new owner or others but the previous owner could even track the vehicle, open its doors and drive it away!
Responsible motor traders would not dream of handing over customers personal details to third parties without the customers consent but that is precisely what is happening if a car is sold without the previous owners and perhaps even their own personal data erased from the cars data base.
Patently, this has major implications for all concerned and could represent a serious data breach if a motor trader allows any car to go out with any third-party data stored in its data base.
This applies equally to hire and loan cars so all personal data must be removed after each user returns the car.
So, motor traders are strongly advised to make it their practice to remove all personal data and unpair connected applications as part of its preparation before they sell/handover any used car. By providing evidence to both the seller and the buyer that all data has been removed and access rights revoked, dealers can not only stay on the right side of the Law and protect themselves from sanction but add extra value to the customer experience.
On average 55 vulnerabilities are identified daily.
What can I do?
Review your organisations priorities and ask ‘can we afford a breach?’. What do I do during an incident? Who do I involve? When do I involve the ICO?
If you’re unable to answers these questions, you need help from the experts.
