Thursday, 25 May 2017

Motorist awarded £900 for data protection breach by parking company

D6GM2199 CEL v Mr B, Bury County Court, before DJ Osborne

This thread on MSE details the story of a motorist awarded £900 because a parking company committed data protection breaches against him.

The parking company was Civil Enforcement Limited (CEL), who have a long history of making bogus inflated court claims and then discontinuing if a robust defence is filed.

Mr B. was the vehicle keeper but was not the driver on the day. As CEL do not use keeper liability, they had not valid claim against the keeper. In addition, and aided bylaw firm Wright Hassall, they artificially inflated the claim from £100 to £300 by adding spurious amounts. Mr B filed a counterclaim for breaches of the data protection act. True to form, CEL discontinued the claim, which left only the counterclaim to be decided.

Barry Beavis assisted Mr B in preparing the paperwork and acting as his lay representative.

The case was heard by DJ Osborne at Bury. The DJ was initially critical of the defendant for failing to file papers and obey court directions.

However, he then interviewed Mr B as witness, establishing the validity of the counterclaim and the distress caused.

In his judgment DJ Osborne ruled a data breach had occurred, the tort of damages was applicable and that £500 was not an unreasonable amount in the circumstances.

He added an additional £405 in costs, part of which were awarded under rule 27.14.2(g) for the unreasonable behaviour of CEL.

He also stated he was disappointed in the claimant bringing an unfounded case, and in the behaviour of Wright Hassall who were otherwise a respectable law firm.

Prankster Notes

It is important to obey all court instructions. Witness statements and evidence need to be filed on time, otherwise a winning case can be lost by procedural errors.

A number of cases have now established that a data protection breach can occur when a parking company pursues a charge which is not valid, or an over-inflated charge, or both.

The size of damages will depend on the facts of each individual case .This case establishes that a claim of £500 is not unreasonable for the particular circumstances of today's case.

Happy Parking

The Parking Prankster


  1. Nice bit of weight added to what must surely be an eventual surge of (counter)claims against the huge number of spurious cases roboclaimed by the likes of Gallstones, SCS (don't they sell furniture and beds?), BWL and that ever so 'highly respectable' Wright Hassall.

    PPCs are not going to be happy with the legals who have prostituted themselves to them. But where will they then turn?

  2. "and in the behaviour of Wright Hassall who were otherwise a respectable law firm."

    Stop laughing at the back.... :)

    1. One word too many,the word Otherwise no longer applies to WH.They were a respectable law firm.Until now.
      I'm just waiting for VCS to pursue me.They know I will counterclaim for £750:00.They have it in writing.

  3. Actually they are, they are a very large firm who have been going for years doing reputable work, so that statement is correct in that other than their wholly unprofessional PPC work they are a reputable firm.

    So the whole debacle will have cost CEL circa £1200!

    1. They just need 12 people to pay CEL parking charges then they break even.Until next time.

  4. Is that the sound of floodgates opening? I do hope so.

    1. It's ábout time thew tables were turned......Maybe this case is the start of it.

  5. This comment has been removed by the author.

  6. Interesting further discussion taking place on the MSE thread:
    This is about whether the PPC or the DVLA is the Data Controller for the purposes of the DPA, as a claim for a breach of the DPA should be against the Data Controller rather than the Data Processor.
    The DVLA appear to have anticipated the possibility of such claims by including a clause in the KADOE contract stating that once the PPC has obtained data from the DVLA, they will then become the Data Controller.
    A very interesting read!

    1. Cunningly the ICO also made this clear.
      "“data controller” means a person who (either alone or jointly or in common with other persons) determines the purposes for which and the manner in which any personal data are, or are to be processed"