Personal information 'left on car hard drives'

26 June 2012

Posted by Samuel Couratin

Fleet operators have been warned of potential data protection breaches caused by personal information being left on the internal hard drives of cars that are then put up for resale.

The Vehicle Remarketing Association (VRA) pointed out that an increasing amount of data is being retained by cars' internal memory, with everything from phone books to personal addresses held by these systems due to ongoing advances in satnavs, entertainment devices and phone kits.

It is up to the driver to delete any sensitive information before a vehicle is returned to the franchised dealer, leasing company or rental firm, but the VRA stressed that this does not always happen.

In a bid to protect its members from passing over personal details when a car is handed over for remarketing, the organization has issued a series of recommended measures that will help to avoid possible recriminations under the Data Protection Act.

Wording should be included in all master hire agreements and customer contracts informing drivers of their obligations, the VRA explained, while firms should seek signed confirmation at the end of the hire period declaring that all data has been removed.

John Davies, Chairman of the VRA, said the body is yet to come across any major instances in which data has been misused after being left on a car's hard drive.

However, he stressed: "This won't be the case forever. We have, for example, seen an instance where a car buyer traced the previous company car driver to his home address to ask more details about the used car he had just purchased at auction."

It would be particularly concerning if information relating to a figure in the public eye was left in a vehicle's memory, Mr Davies noted.

The warning could be particularly relevant given that VRA figures show used ex-fleet and light commercial vehicle sales saw a consistent boost in May.