A recent survey of its members by the Vehicle Remarketing Association (VRA), specifically about personal data security on vehicles entering the remarketing process, has highlighted a widespread concern that this is still an issue for the sector.
The survey reported that 90% of respondents felt there wasn’t enough clarity and understanding around personal data security protocols and the associated procedures for its removal prior to the vehicle resale.
Additionally, 75% believed that a robust practice for personal data removal was not being applied consistently, with 56% of respondents concluding that the current protocols did not ensure adequate protection for the end-user of the vehicle.
At the heart of the issue is the fundamental question of who is ultimately responsible for the removal of personal data in vehicles. The survey shows that 59% of respondents believe it is the responsibility of the driver to do so prior to handing over their vehicles, with the balance saying that it should either be the inventory owner (OEM or leasing company) or the dealer where there the vehicle is subject to a part-exchange transaction.
John Davies, Chairman of the VRA, said “It is quite clear that the remarketing sector as a whole, covering inventory owners and service providers, needs to agree a set of standard protocols for the removal of personal data from returning vehicles. Until this is achieved, we will continue to see uncertainty and more importantly an inconsistent approach to this very important issue. Perhaps as a good first step, the corporate inventory owners should highlight the risks to their customers/drivers and issue a clear set of guidelines on why and how to remove personal data stored in vehicles before they are handed over or exchanged for another one.”