An individual has the right to reasonable protection of their data, or data that relates to them, or through which they or their activities can be personally identified. In this context, ‘protection’ means both security against unauthorised access or accidental release, and deliberate publishing, release into the public domain, or passing on to a third party by sale or otherwise. If individual vehicles are being tracked with GPS/GPRS technology either with or without the driver’s express consent, that data still relates to a specific individual and its use and dissemination is covered by the Data Protection and Privacy Acts.
It is entirely legal for a company or a business owner to put vehicle tracking systems in place. They may or may not tell the drivers on staff about the vehicle tracking system or seek their opinions on it before installation. Either option is legal- it is not necessary to get written or even spoken consent before tracking a driver through a van tracking system. It is not legally necessary to let them know their company vehicle will be tracked, or to tell them that it has been tracked. The data relating to that track, however, must be kept safe and suitably private.
For most companies installing vehicle tracking devices and software, the letter of the law will never become an issue. This is especially true when they do choose to let their drivers know about the surveillance in advance- if drivers that are caught with evidence of misconduct they are far more likely to raise privacy and data protection issues.
Staying within the letter of the Privacy Act and the Data Protection Act is not difficult. As long as care is taken over who has access to the data collected in the context of vehicle tracking, few companies will encounter problems. As a simple guideline businesses should restrict access only to those within the company- and then only those individuals who need to see it for analytical or managerial reasons.