Used cars – a treasure trove of personal data and a data breach in the making

legal updates

Modern cars pair with smart phones and other electronic devices via Bluetooth or USB and absorb huge amounts of our personal data.

Read our disclaimer keyboard_arrow_down

This website content is intended as a general guide to law as it applies to the motor trade. Lawgistics has taken every effort to ensure that the contents are as accurate and up to date as at the date of first publication.

The laws and opinions expressed within this website may be varied as the law develops. As such we cannot accept liability for or the consequence of, any change of law, or official guidelines since publication or any misuse of the information provided.

The opinions in this website are based upon the experience of the authors and it must be recognised that only the courts and recognised tribunals can interpret the law with authority.

Examples given within the website are based on the experience of the authors and centre upon issues that commonly give rise to disputes. Each situation in practice will be different and may comprise several points commented upon.

If you have any doubt about the correct legal position you should seek further legal advice from Lawgistics or a suitably qualified solicitor. We cannot accept liability for your failure to take professional advice where it should reasonably be sought by a prudent person.

All characters are fictitious and should not be taken as referring to any person living or dead.

Use of this website shall be considered acceptance of the terms of the disclaimer presented above.

Surveys reveal that four in five owners fail to adequately remove personal data stored by their car before selling it, placing them, their family, friends and other contacts at the mercy of criminals.

Modern cars pair with smart phones and other electronic devices via Bluetooth or USB and absorb huge amounts of our personal data. 
If this data is not erased properly and all electronic connections are unpaired then not only could such highly sensitive and valuable data be accessed by the new owner or others but the previous owner could even track the vehicle, open its doors and drive it away!

Responsible motor traders would not dream of handing over customers personal details to third parties without the customers consent but that is precisely what is happening if a car is sold without the previous owners and perhaps even their own personal data erased from the cars data base. 
Patently, this has major implications for all concerned and could represent a serious data breach if a motor trader allows any car to go out with any third-party data stored in its data base. 

This applies equally to hire and loan cars so all personal data must be removed after each user returns the car. 

So, motor traders are strongly advised to make it their practice to remove all personal data and unpair connected applications as part of its preparation before they sell/handover any used car. By providing evidence to both the seller and the buyer that all data has been removed and access rights revoked, dealers can not only stay on the right side of the Law and protect themselves from sanction but add extra value to the customer experience.

InvolutionSTAFF UNIFORM | PROMOTIONAL WEAR | MERCHANDISE | BUSINESS GIFTS

Leading experts in print, promotional clothing, staff uniforms, branded merchandise and PPE. Involution is your brand partner for promotional marketing and workwear, a one-stop-shop for your branded marketing needs for any business size and industry.

Howard TilneyLegal AdvisorRead More by this author

Related Legal Updates

Are you ready for the UK’s data landscape change?

The ramifications for not having the correct policy and procedures in place could be costly, not only by a fine from the ICO for not paying your fee, but also by being reported for data breach

Goodbye 2021, hello 2022!

Despite an excess of 100 different commission claims hitting the Lawgistics’ desks, not one single dealer has had to part with their money.

Police ordered to disclose information

Citing the provisions of the Data Protection Act 2018.

£820 out of pocket due to a data breach

Ex-employee admitted to three offences of unlawfully obtaining personal data.

Whistleblowing and data protection

Employee’s complaint had to be considered as a protected disclosure relevant to their dismissal.

GDPR – Showing potential customers the V5

There doesn’t appear to have been a ruling from the ICO on this but our view is that showing a V5 to a potential buyer is legitimate.

Data protection charge is in force

The charge varies between £40 to £2,900 per year depending on the size of your business and your turnover.

Get in touch

Complete the form to get in touch or via our details below:

Phone
01480 455500
Address

Vinpenta House
High Causeway
Whittlesey
Peterborough
PE7 1AE

By submitting this quote you agree to our Terms & Conditions and Privacy & Cookies Policy.

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.