Author Topic: Havering Council breaching Data Protection legistlation -  (Read 612 times)

0 Members and 1 Guest are viewing this topic.

Offline fraja

  • Civilian
  • *
  • Posts: 1
Havering Council breaching Data Protection legistlation -
« on: 08 December, 2019, 05:31:04 PM »
Hello,


An investigation by the ICO into a complaint regarding processing of personal information deemed that the processing that was outside the legislation used to issue fines was unlawful as it breached Data Protection legislation.

The LLA 2003 act under which PCNs are issued states a limitation of 28 days in which the Council has to issue PCNs. The act also has a clause which allows the Council to issue up to 6 months, but for this to apply the Council must've requested keeper details within 14 days of the incident date and that the DVLA did not reply to the request.

In the case that was presented to the ICO, the PCN was issued 47 days after the incident. Records from the DVLA showed that the initial request for keeper details was after 14 days. The DVLA have also confirmed response of the request, but Havering's systems failed to process the request. The Council then acted unlawfully breaching Data Protection laws by requesting details again outside of the 28 day limitation window and issuing a PCN 47 days after the incident.

The matter was presented to Havering's CEO Mr Blake-Herbert, his response stated that although the Council cancelled the PCN it had been issued lawfully inline with LLA2003 act and Local Councils code of conduct.

The investigation by the ICO disagreed with this and found that Havering Council had breached Data Protection laws by processing personal data without a lawful basis.

Havering Council have since accepted this finding, issued an apology and said that the 'error' was rare.

A Freedom of Information request had been made to Havering Council asking how many PCNs had been issued outside of the 28 day window. They refused to answer this question stating that they do not have this information as their database was not designed to record it.
https://www.whatdotheyknow.com/request/penalty_charge_notice_requests_f_2#incoming-1260333

However, the DVLA were able to assist through a FOI request. They provided details of every request for keeper details made by Havering Council from Jan 2016 to May 2019.
Analysis of this data showed that there were 288 identical requests for data that matched that date that the ICO deemed to be unlawful.
https://www.whatdotheyknow.com/request/london_borough_of_havering_reque_2#incoming-1387027

In total at least 4500 and upto 9000 anomalies have been found for the period Jan 2016 to May 2019.

Havering Council maintain that the DVLA did not respond via the to the automated overnight batch system KADOE. However, an investigation by the DVLA confirmed that a response was given, just not processed by Havering Council.

Havering Council had configured their systems to wait 21 days before requesting again. These may have the effect of potential repeat offences and further PCNs rather than aiming to alter driver behaviour as is the intended use as they claim. It also could have the effect that revenue that should've been collected in a certain financial quarter would be collected in the next quarter, which may also be a side-effect of such delays.

Analysis of the data showed two large spikes 6 months apart around March 2017 and November 2017. There is a constant number of requests being made each week until April 2019 when the number of requests is zero for the final 3 weeks of the data.

Havering Council have subsequently stated that they have issued over 13,000 PCNs after 28 days
The CEO Mr Blake-Herbert has refused to investigate the matter.


I suspect that this scam of trying to use the 6 month loophole is also being used by other Councils.

I notice that this forum had commented on a case for Newham Council
https://www.bbc.co.uk/news/uk-england-london-26757327

So I'm looking for supports here...attached is my analysis of the data obtained from the DVLA






 
« Last Edit: 08 December, 2019, 05:41:39 PM by fraja »

Offline 2b1ask1

  • Follower
  • **
  • Posts: 200
Re: Havering Council breaching Data Protection legistlation -
« Reply #1 on: 09 December, 2019, 11:37:43 AM »
Hi, a cracking bit of investigative work; how do we bring Havering to account?

I also find it very hard to believe this would be limited to LB Havering alone.
Willing to do my bit...

Offline scalyback

  • Follower
  • **
  • Posts: 317
Re: Havering Council breaching Data Protection legistlation -
« Reply #2 on: 20 December, 2019, 11:29:21 AM »
Havering are wavering.
Hopefully, they will fix their systems…

 


Supporters of the NoToMob

In order to view this object you need Flash Player 9+ support!

Get Adobe Flash player