1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Ex fleet car sold with active tracker..

Discussion in 'Motors' started by iamdjdz, Jan 12, 2020.

  1. iamdjdz

    Mobster

    Joined: Nov 24, 2006

    Posts: 4,288

    So, hypothetically of course:

    A fleet car had a tracker installed that was never used but the employee had access to it (and their two colleagues' car locations) at all times. This employee left the business and their car was put up for public sale, then sold. Then the employee logged into the tracker phone app, which auto logged in, without remembering what it was and saw that the tracker was never removed and the new owner has not had the tracker removed so their locations is visible..

    Only the ex employee and potentially their two colleagues who also had trackers and their manager would be aware of this. What way should the ex employee proceed in letting anyone know, and is this a GDPR breach?

    Asking for a friend of course.
     
  2. Malt_Vinegar

    Underboss

    Joined: Oct 20, 2002

    Posts: 15,067

    Location: In a house

  3. peterwalkley

    Mobster

    Joined: Feb 23, 2009

    Posts: 3,321

    Location: South Wirral

    Does your "friend" have a copy of the car keys ;)
     
  4. iamdjdz

    Mobster

    Joined: Nov 24, 2006

    Posts: 4,288

    No, no. In this purely hypothetical situation the friend has recently discovered they still have access to the tracking application, has no other access to anything to do with the car. I think calling the ICO will be a good option.
     
  5. r22snapper

    Hitman

    Joined: Feb 15, 2014

    Posts: 553

    Location: Peterboghorror

    In this purely hypothetical situation, the ex-employee should delete the tracking app that he has no reason for having any more and continue with his life. Maybe asking himself why he is interested in things that no longer concern him.
     
  6. MrPotato

    Wise Guy

    Joined: Mar 5, 2017

    Posts: 1,001

    Location: Cambridge

    This.
    Just wondering what will happen at the end of my lease, as I can remotely lock/unlock the car from my phone, using the Mercedes app.
    Will simply delete it, I guess.
     
  7. paradigm

    Caporegime

    Joined: Aug 26, 2003

    Posts: 35,017

    Location: Staffordshire

    Whilst that is a brilliantly flippant "behind a keyboard" comment, deleting the app from one device isn't going to magically stop this now privately owned car being tracked by other people who shouldn't have access to this data either.

    Would you want your whereabouts, journeys, times travelled and speeds attained being gathered by some random business?
     
  8. r22snapper

    Hitman

    Joined: Feb 15, 2014

    Posts: 553

    Location: Peterboghorror

    It isn't flippant. He should have removed the app as soon as he left the employ of the company concerned. Their data protection issues are their concern, if you wanted to be helpful then let the company know as it seems that they probably aren't even aware. Calling the ICO is a ridiculous over-reaction.
     
  9. Spunkey

    Capodecina

    Joined: Oct 18, 2002

    Posts: 13,967

    Location: The land of milk & beans

    Just gone through this process; when the finance period ends your access to the vehicle via Mercedes Me is removed. If you end the agreement early it takes a day or two for them to manually do it. After it's done you can still access the app, although unless you buy another Merc it'll be empty.
     
  10. MrPotato

    Wise Guy

    Joined: Mar 5, 2017

    Posts: 1,001

    Location: Cambridge

    Good to know, thanks for the info.
     
  11. iamdjdz

    Mobster

    Joined: Nov 24, 2006

    Posts: 4,288

    In this again hypothesis, the ex employee removed the app after having rediscovered it and let his ex employers know. However said ex employee could have been pretty shocked that the main tracking application for his fleet of colleagues had not been switched off when a car was put up for sale, and that they still had access, albeit without basis. Ex employee was more shocked in principle that this was allowed and could have contacted the ICO out of genuine concern.