NIP for different driver received Options

[Oh No!]

Hi

Ok I have an s172 addressed to me as RK of car the S172 it details. All correct. This was at the front of pack so my address through envelope window. Simple enough so far.

Second sheet has the NIP. Different car, different Name and an different address on NIP. Presumably these are all correct, but for somebody else! Absolutely no connection to me in any way. Random.

Both sheets have different NIP/Document numbers. Received pack around day 9 of alleged speeding offence. A further week has now passed. No other communications received or sent back.

How do I proceed folks?
Thanks

[Advertisement]

[Oh No!]

Hi thanks Andy. You have 'got it' exactly as you describe. Based on what my alleged offence would be should determine the appropriate response - they may well have offered a SAC for example but I can't of course know this with the documentation I have? Therefore to complete an s172 based on trying to join the dots *may* not be a smart move in this case? Anyway i'll sleep on it..

This post has been edited by Oh No!: Wed, 11 Dec 2019 - 02:23

[The Rookie]

. I would suggest a letter explaining that he has received somebody else's NIP with an s. 172 response form with his details on but no time, date or location, and no NIP of his own - with copies of the documents.

I concur exactly.

I'd suggest posting that about 12 days after the paperwork was received, well within the 28 days allowed but too late for them to correct it.

[Oh No!]

Hi again. Never sent my response off to them as they sent me a letter saying the comms they sent are cancelled. No further action. Happy Xmas to them I say 😀

This post has been edited by Oh No!: Sat, 14 Dec 2019 - 13:37

[Juan Carr]

Hi again. Never sent my response off to them as they sent me a letter saying the comms they sent are cancelled. No further action. Happy Xmas to them I say ������

As someone else has already pointed out, the envelope stuffing is all automated and if it's gone out of synch then there will be dozens, possibly hundreds, of people in the same boat.

A major DPA breach; someone else has your details together with the car you drive.

Imagine if you owned a £70k desirable car and now someone else, whose intentions may not be honourable, knows exactly where to get their hands on one.

I'd report the matter to the ICO.

[Fredd]

As someone else has already pointed out, the envelope stuffing is all automated and if it's gone out of synch then there will be dozens, possibly hundreds, of people in the same boat.

A major DPA breach; someone else has your details together with the car you drive.

Imagine if you owned a £70k desirable car and now someone else, whose intentions may not be honourable, knows exactly where to get their hands on one.

I'd report the matter to the ICO.

Pure speculation: you don't know how this has happened or how many people have been affected - for all you know it could just be two. While it may be a DPA breach it seems unlikely that the number would ever be large enough, or the sensitivity of the information high enough, for it to be considered a major breach. The OP could certainly complain to the ICO if they wanted to, although at the moment they don't actually know that their data has been disclosed.

As for the fanciful tracking down of the location of a hypothetical "desirable" car, it would be trivial to locate one just by driving around and looking for one on the street, in car parks, on driveways, driving down the road, ......... And that's ignoring the fact that it would be very unwise to nick a car using information that the police would know they'd provided to you.

[Juan Carr]

Pure speculation: you don't know how this has happened or how many people have been affected - for all you know it could just be two.

Ah, so that's ok then.

While it may be a DPA breach it seems unlikely that the number would ever be large enough, or the sensitivity of the information high enough, for it to be considered a major breach. The OP could certainly complain to the ICO if they wanted to, although at the moment they don't actually know that their data has been disclosed.

I can *guarantee* that if the OP has received someone else's personal information then someone else has received his/hers.

As for the fanciful tracking down of the location of a hypothetical "desirable" car, it would be trivial to locate one just by driving around and looking for one on the street, in car parks, on driveways, driving down the road, ......... And that's ignoring the fact that it would be very unwise to nick a car using information that the police would know they'd provided to you.

Yes but if I *choose* to park my £70k desirable car on my driveway then that's *my* choice as to whether the local scotes eyeball it.

I certainly don't expect the fact that I own said vehicle to be provided to a third party without my permission. That's why we have the DPA.

[Fredd]

Pure speculation: you don't know how this has happened or how many people have been affected - for all you know it could just be two.

Ah, so that's ok then.

I never said it was OK. But two would not be a "major" data breach, would it?

While it may be a DPA breach it seems unlikely that the number would ever be large enough, or the sensitivity of the information high enough, for it to be considered a major breach. The OP could certainly complain to the ICO if they wanted to, although at the moment they don't actually know that their data has been disclosed.

I can *guarantee* that if the OP has received someone else's personal information then someone else has received his/hers.

No you can't - you're assuming that if the OP got someone else's details, then someone else got the OP's. Maybe likely, but you can't guarantee it.

As for the fanciful tracking down of the location of a hypothetical "desirable" car, it would be trivial to locate one just by driving around and looking for one on the street, in car parks, on driveways, driving down the road, ......... And that's ignoring the fact that it would be very unwise to nick a car using information that the police would know they'd provided to you.

Yes but if I *choose* to park my £70k desirable car on my driveway then that's *my* choice as to whether the local scotes eyeball it.

Unless it's a museum piece it's going to be out in the wide world for anyone to see - including any local scrotes. You're exaggerating the impact.

[patdavies]

Pure speculation: you don't know how this has happened or how many people have been affected - for all you know it could just be two.

Ah, so that's ok then.

I never said it was OK. But two would not be a "major" data breach, would it?

While it may be a DPA breach it seems unlikely that the number would ever be large enough, or the sensitivity of the information high enough, for it to be considered a major breach. The OP could certainly complain to the ICO if they wanted to, although at the moment they don't actually know that their data has been disclosed.

I can *guarantee* that if the OP has received someone else's personal information then someone else has received his/hers.

No you can't - you're assuming that if the OP got someone else's details, then someone else got the OP's. Maybe likely, but you can't guarantee it.

As for the fanciful tracking down of the location of a hypothetical "desirable" car, it would be trivial to locate one just by driving around and looking for one on the street, in car parks, on driveways, driving down the road, ......... And that's ignoring the fact that it would be very unwise to nick a car using information that the police would know they'd provided to you.

Yes but if I *choose* to park my £70k desirable car on my driveway then that's *my* choice as to whether the local scotes eyeball it.

Unless it's a museum piece it's going to be out in the wide world for anyone to see - including any local scrotes. You're exaggerating the impact.

All irrelevant. It does not need to be a major breach to still be a breach of the legislation. A major breach simply has an additional requirement having to self-report by the data controller within a set time frame. It doesn't mean the offence is irrelevant or can simply be ignored.

The other driver's NIP has exposed the other driver's personal details; the offence is complete. The OP cannot know if this is a single occurrence or an major breach; he can ony report the breach for which he has the evidence and should promptly do so.

I respond with the training and experience of a data controller

This post has been edited by patdavies: Tue, 17 Dec 2019 - 18:49

[Fredd]

All irrelevant. It does not need to be a major breach to still be a breach of the legislation. A major breach simply has an additional requirement having to self-report by the data controller within a set time frame. It doesn't mean the offence is irrelevant or can simply be ignored.

The other driver's NIP has exposed the other driver's personal details; the offence is complete. The OP cannot know if this is a single occurrence or an major breach; he can ony report the breach for which he has the evidence and should promptly do so.

I respond with the training and experience of a data controller

Has the ability to read and comprehend the written word been lost? I didn't say it wasn't a breach, I said there wasn't any evidence that it was anything that could be considered to be a major breach, as the gung-ho post I was replying to had stated. And you're not the only data controller around here, you know.