UKPC reported for data protection breach

Tech site The Register report that private parking company UKPC have been reported to the Information Commissioner’s Office (ICO) for a potential breach of the Data Protection Act (DPA).

The allegations seem to revolve around the images provided as evidence of a contravention.  As users of this site will know, usually a site requires some basic information as a form of security. In most cases this is the vehicle registration, and the penalty reference. In fact if you visit our UKPC page here you can see from the link that they currently do request this.

On the printed tickets however, it appears that a unique URL is given and this provides direct access to the images without having to enter any other details.  Someone discovered that by changing some of the properties of the URL, other people’s images could be accessed, some of them containing images of personal possessions and ID cards and blue badges etc…

The issue also seems to have been taken up by the website Nutsville, who have since been threatened with legal action by UKPC.



Posted in News

Leave a Reply

Your email address will not be published. Required fields are marked *




Subscribe to Blog via Email

Enter your email address to subscribe to this blog and receive notifications of new posts by email.

Join 1 other subscriber