I’m not sure we can blame London here. A driver breaks a rule, TFL sends to Euro parking, Euro parking request the drivers details from the appropriate agency in their country, the country sends the details, they issue a fine.
That seems pretty standard to me? I think the only argument is against the organisations in the countries possibly if they’re not supposed to share.
This is the best summary I could come up with:
The Guardian can reveal Transport for London (TfL) has been accused by five EU countries of illegally obtaining the names and addresses of their citizens in order to issue the fines, with more than 320,000 penalties, some totalling thousands of euros, sent out since 2021.
Transport authorities in Belgium, Spain, Germany and the Netherlands have confirmed to the Guardian that driver data cannot be shared with the UK for enforcement of London’s ultra-low emission zone (Ulez), and claim registered keeper details were obtained illegally by agents acting for TfL’s contractor Euro Parking Collection.
TfL said that despite an absence of individual data-sharing agreements with EU countries, “local laws” allowed authorities to share vehicle owner information with the UK for the enforcement of traffic regulations.
The firm is owned by the US transport technology group Verra Mobility, which is listed on the Nasdaq stock exchange and headed by the former Bank of America Merrill Lynch executive David Roberts.
In October, the Belgian government ordered a criminal investigation after a court bailiff was accused of illegally passing the details of 20,000 drivers to Euro Parking for Ulez enforcement.
“Euro Parking obtained the data through unlawful use of an EU directive to facilitate the cross-border exchange of information about traffic offences that endanger road safety,” a KBA spokesperson said.
The original article contains 1,267 words, the summary contains 216 words. Saved 83%. I’m a bot and I’m open source!
OK, we have all the details, wrong doers, and corrupts. When can we expect them to be held legally accountable?
When a company based out of the US mishandles data from EU citizens in the UK, that tends to take a while.
Sorry, you might have misunderstood my point. The long processing time is “fine” if it happens at all. The issue I’m trying to bring up is that in most cases these acts end without real consequences or punishment, so any greedy newcomer repeats it.
Example of what I’d like to happen: Euro Parking contract will not be renewed, and the company will be banned for 10 years to have any contracts with TfL or any other agency.
Set precedent by law, not just a slap in the wrist, so they think twice instead of writing it off as a business expense.
Personally I am a big proponent of introducing a corporate death penalty for particularly severe crimes of corporations, as in, the corporation gets dissolved, every employee gets fired and every asset gets auctioned off. That might convince some more employees not to silently watch when they see illegal things happen internally.
… or it might incentivize more employees to cover up those illegal things happening because they don’t want to get fired.
Most whistleblowers today already don’t really assume they will be able to continue working for the company.
Fuuuucking hell what a terrible article. Here’s the pertinent paragraph:
Campaigners accuse Euro Parking of circumventing data protection rules by using EU-based agents to request driver data without disclosing that it is for UK enforcement.
TFL contracts Euro Parking to send fines to people. Euro Parking is based in the EU, and uses that fact to obtain information about European drivers, which TFL ultimately should not have access to.
Here’s the thing, it is the data CONTROLLER’S job to control data. You can make all the requests you want and it’s up to the party that holds the data to make sure that request is legitimate. The breach is on their side.
I guess there is an argument that this information has been obtained under false pretenses. If that’s true, it’s still got nothing to do with TFL. I guarantee there’s a contract term about complying with all relevant laws.
I can feel the Facebook emojis piling up by the second 😡 🤬 😡
British authorities really don’t seem to be giving EU citizens a break
I mean, it’s worth being clear: these are EU citizens who did break the rules, in terms of not registering their (supposedly ULEZ-compliant) cars before driving into the ULEZ zone in London as they are required to. For UK-registered cars, TFL can determine ULEZ compliance directly from the domestic car registry database, which they can’t for foreign cars.
The complaint against TFL is much narrower: the company they used to chase down these rule breakers then itself seems to have broken data protection rules, since ULEZ breaches are civil not criminal matters and so the relevant EU rules didn’t allow for their information to be shared.
But at its core - if these people had just registered their cars as required before they drove into London, none of this would be an issue. It’s not about UK authorities unfairly targeting EU citizens (not least as it’s London we’re talking about - Remainer central!)