parking enforcement agency

joeypesci

This is for a relative that was at a hospital recently. Got a ticket and displayed it but due to being in a panic it must of fallen on the floor in the car so ended up with a fine.


Still has the ticket and of course the fine. However it's with parkingenforcementagency.org where their "Appeals" process is.


I've run through it as a test and the whole site is insecure and a breach of GDPR. They have no mention of GDPR on their privacy page. I've used Fiddler to monitor the traffic while filling in the forms with bogus info. As the whole site is HTTP everything, including the persons name and address is being sent over the net in plain text, another breach of GDPR. Its so easy to intercept the data fields just before sent and send them edited ones.



So how do we appeal this? Don't want to do it via their site due to above, it being one massive GDPR breach. This also makes me wonder how they are storing everyones details. I bet in an unencrypted database.

waamo

Have you considered using a pen, paper, envelope and stamp?

The_Deep

It is not a fine, it is an invoice for the damage suffered by the PPC when the ticket fell.

Pay them not one penny unless a judge orders you to as nine times out of ten these tickets are scams so consider complaining to your MP.

Parliament is well aware of the MO of these private parking companies, and on 15th March 2019 a Bill was enacted to curb the excesses of these shysters. Codes of Practice are being drawn up, an independent appeals service will be set up, and access to the DVLA's date base more rigorously policed, persistent offenders denied access to the DVLA database and unable to operate.

Hopefully life will become impossible for the worst of these scammers, but until this is done you should still complain to your MP, citing the new legislation.

http://www.legislation.gov.uk/ukpga/2019/8/contents/enacted

Just as the clampers were finally closed down, so hopefully will many of these Private Parking Companies.

Also read this

https://www.gov.uk/government/publications/nhs-patient-visitor-and-staff-car-parking-principles/nhs-patient-visitor-and-staff-car-parking-principles

Have they fully complied with the principals?

Quentin

Everyone is asked to read up on this in the newbies faq thread near the top of the forum before starting a new thread

Go there now to get an understanding of the game you are now caught up in and how to deal with this

In particular at this stage you should be taking this up with the hospital/PALS etc

And see if the local paper is interested in this story

joeypesci

I'll speak to the local paper. The new thread was mainly created to point out how insecure their site is.


https://imgur.com/ZXXHevh


The issue here is you can intercept the form before its sent. So if someone is sniffing the traffic on the insecure network you're on "Free WIFI", they can manipulate your form before sending it to the parking company, you'd notice no difference.

waamo

joeypesci wrote: »

I'll speak to the local paper. The new thread was mainly created to point out how insecure their site is.


https://imgur.com/ZXXHevh


The issue here is you can intercept the form before its sent. So if someone is sniffing the traffic on the insecure network you're on "Free WIFI", they can manipulate your form before sending it to the parking company, you'd notice no difference.

Report them to the ICO