We'd like to remind Forumites to please avoid political debate on the Forum... Read More »
IMPORTANT: Please make sure your posts do not contain any personally identifiable information (both your own and that of others). When uploading images, please take care that you have redacted all personal information including number plates, reference numbers and QR codes (which may reveal vehicle information when scanned).
📨 Have you signed up to the Forum's new Email Digest yet? Get a selection of trending threads sent straight to your inbox daily, weekly or monthly!
CEL Whacked for £900 in DPA Breach Counterclaim
Options
Comments
-
Not sure if that is a honest or sarcastic post but i'll take it
Just my opinion however and I am sure others will have a differing one. Though my other question is, does the DVLA obtain any evidence from the parking company that it has a legitimate claim? If it doesn't then no doubt the indemnity provisions would kick in which they can recover from the parking company if they have to pay out for any breaches. 0 -
The PPCs have a KADOE contract with the DVLA. The PPC requests keeper details for an alleged parking event (allegedly) in accordance with that contract. The DVLA provide this in good faith.
The PPC sends a NTK to the keeper. The keeper appeals, succeeds, and makes a counter claim stating the PPC has misused personal data obtained from the DVLA. The PPC gets punished for this if a judge believes this to be the case.
The DVLA would be in breach of the DPA if they misused the data themselves, or gave it to the PPC knowing that a breach had been, or would be carried out.
It would be up to grown up court to decide that.
If it can be proven that the DVLA were negligent in releasing the keeper data, they would be liable. The question is, from the information provided by the PPC, how would, or could, or should the DVLA know a breach had, or would occur, and how were they negligent in providing this data?
I do not want the DVLA to give out keeper data to private parking companies, but acts of parliament allow it provided certain requirements have been met, such as timescales and membership of an ATA, and compliance with the POFA.
It is assumed that the PPCs will follow these acts and ATA CoPs and therefore at the point of the request, the DVLA "believe" the requirements have been met, and supply the data.
In the eyes of the UK Government, the DVLA have done nothing wrong. Any DPA breach is therefore the result of the PPC misusing the data supplied in good faith and therefore it is the PPC that rightly gets punished.
It is a moot point whether the DVLA is jointly and severally liable, even though most of us believe that this should be the case.
How do people like us get it changed?I married my cousin. I had to...I don't have a sister.
All my screwdrivers are cordless."You're Safety Is My Primary Concern Dear" - Laks0 -
... In a nutshell and without going into extensive detail, it is the DVLA who exercises the control and determines the use and purpose. Whereas CEL are simply following the instructions laid out by the DVLA and would not make them a data controller.
Well, it seems those beacons of legal expertise, Gladstones, don't agree with your argument.
in cases where we have assisted someone to make a claim, or counterclaim, under this heading, the pleadings will state that the motorist is a data subject, the data is personal data, and the PPC is a data controller.
In all defences I've seen from Gladstones, they acknowledge that those points are correct.
I also suspect that CEL would not be granted leave to appeal the decision in this thread, given that they failed to attend the hearing.
I have been providing assistance, including Lay Representation at Court hearings (current score: won 57, lost 14), to defendants in parking cases for over 5 years. I have an LLB (Hons) degree, and have a Graduate Diploma in Civil Litigation from CILEx. However, any advice given on these forums by me is NOT formal legal advice, and I accept no liability for its accuracy.0 -
Though my other question is, does the DVLA obtain any evidence from the parking company that it has a legitimate claim?
Yes and no. Some would say that the DVLA pay lip service to this requirement.
They ask the PPC to tick a few boxes and the DVLA also rely on membership of the non-regulating Trade Bodies (ATAs), to *show* that the PPC in question *must have* reasonable cause. Non ATA members are not allowed data.
I expect the question about 'data controllers' of this data might be covered in the Duff case where the DVLA told him where to go, but hey, it's sunny out, so the garden is calling to me, I've been at work from 7.30am till 5.30pm and given the choice, I think it's time for a glass of wine.
Interesting debate though, and a brilliant transcript once it is obtained. Well done to Barry Beavis, what he has done in this case is in true 'fightback style' v the PPCs. I still think right now, we are fighting a losing battle because not enough people care and too many people pay.PRIVATE 'PCN'? DON'T PAY BUT DON'T IGNORE IT (except N.Ireland).
CLICK at the top or bottom of any page where it says:
Home»Motoring»Parking Tickets Fines & Parking - read the NEWBIES THREAD0 -
If it can be proven that the DVLA were negligent in releasing the keeper data, they would be liable. The question is, from the information provided by the PPC, how would, or could, or should the DVLA know a breach had, or would occur, and how were they negligent in providing this data?
Under the current legislation, data processors are only liable for failing to comply with their obligations through a contract between themselves and their controller (KADOE here). So to show that the parking company is liable personally and not the DVLA, you would need to evidence they are a data controller and had some kind of discretion to determine how they used the personal data (at this point they become both a processor and controller).
Knowledge of the breach or whether one would occur is irrelevant, the DVLA is automatically in breach as the data controller where the parking company acts outside of the purpose that the information would be released to them (principle 2). Because the processor is not liable under the current DPA, the controller will have sufficient contractual provisions in place which will cover any loss or damage to the DVLA in the event that the parking company has breached the DPA or not used the personal data in accordance with what was agreed. In this case, there are indemnity provisions in the contract which will protect the DVLA from any damage or losses due to the breach.
When the GDPR comes into force next year, it will hold data processors liable as well as controllers though I believe there may be an apportionment level of damages between the controller and processor.
Either way, even if I am wrong, a binding ruling would be beneficial for the individual since you will know whether the parking company is a controller or simply processing the information.
@bargepole, maybe your right because CEL did not turn up but on the flipside, it is a novel argument which I imagine hasn't been fully explored at a higher level so for that reason alone an appeal may be granted.0 -
I'm sure over the coming months this is going to be tested quite vigorously. Motorists are fed up with the misuse of their data in the pursuit of greed. The worm is turning!@bargepole, maybe your right because CEL did not turn up but on the flipside, it is a novel argument which I imagine hasn't been fully explored at a higher level so for that reason alone an appeal may be granted.Please note, we are not a legal advice forum. I personally don't get involved in critiquing court case Defences/Witness Statements, so unable to help on that front. Please don't ask. .
I provide only my personal opinion, it is not a legal opinion, it is simply a personal one. I am not a lawyer.
Give a man a fish, and you feed him for a day; show him how to catch fish, and you feed him for a lifetime.Private Parking Firms - Killing the High Street0 -
This is they key point. If PPCs are data processors rather than data controllers then DVLA is liable for any DPA breach by a PPC regardless of whether the data were provided in good faith. The data controller's obligation is to ensure that its data processors comply with the DPA, not merely to tell them what to do.Knowledge of the breach or whether one would occur is irrelevant, the DVLA is automatically in breach as the data controller where the parking company acts outside of the purpose that the information would be released to them (principle 2). Because the processor is not liable under the current DPA, the controller will have sufficient contractual provisions in place which will cover any loss or damage to the DVLA in the event that the parking company has breached the DPA or not used the personal data in accordance with what was agreed. In this case, there are indemnity provisions in the contract which will protect the DVLA from any damage or losses due to the breach.
This means that DVLA would have to enforce its KADOE contract much more rigorously than it currently does, or face a barrage of DPA claims. The fact that DVLA may be able to recover any damages or compensation from the PPC is unimportant. The political damage of a finding that DVLA is in breach of the DPA by not enforcing its own rules would be huge. It would only take one successful case to force them to act.
In future DPA claims (but probably not counterclaims) it may be a good idea to include DVLA as a party to the claim, as well as the PPC. If the judge finds that a DPA breach has been proven, the judge would then have to determine who the data controller was.0 -
I'm guessing a separate claim is probably not what some defendants want on top of an already ongoing claim, as stressful as it might already be.
I've Never had a private parking charge before so I've personally never been through these types of claims but i'd be interested in trying out this theory if there's any dodgy parking areas around birmingham!0 -
Don't forget, your Vehicle Registration Number is personal data, (paragraph 6):-
https://ico.org.uk/media/about-the-ico/consultation-responses/2015/1431796/ico-response-to-dclg-parking-reform-consultation.pdf0 -
I'm guessing a separate claim is probably not what some defendants want on top of an already ongoing claim, as stressful as it might already be.
I've Never had a private parking charge before so I've personally never been through these types of claims but i'd be interested in trying out this theory if there's any dodgy parking areas around birmingham!
Stop for just 5 seconds at BHX - and you could be on your way to at least £750. APCOA, by-laws, not relevant land, non-PoFA and, if you ignore it long enough, get DRP dragged in too.
Nice couple of flights to the sun for you.Please note, we are not a legal advice forum. I personally don't get involved in critiquing court case Defences/Witness Statements, so unable to help on that front. Please don't ask. .
I provide only my personal opinion, it is not a legal opinion, it is simply a personal one. I am not a lawyer.
Give a man a fish, and you feed him for a day; show him how to catch fish, and you feed him for a lifetime.Private Parking Firms - Killing the High Street0
This discussion has been closed.
Confirm your email address to Create Threads and Reply
Categories
- All Categories
- 351.1K Banking & Borrowing
- 253.2K Reduce Debt & Boost Income
- 453.6K Spending & Discounts
- 244.1K Work, Benefits & Business
- 599.1K Mortgages, Homes & Bills
- 177K Life & Family
- 257.5K Travel & Transport
- 1.5M Hobbies & Leisure
- 16.1K Discuss & Feedback
- 37.6K Read-Only Boards