The call comes from the Vehicle Remarketing Association (VRA) after a survey on personal data security on vehicles entering the remarketing process highlighted widespread industry concerns amongst its members.

The survey found that 90% of respondents felt there wasn’t enough clarity and understanding around personal data security protocols and the associated procedures for its removal prior to the vehicle resale.

Additionally, 75% believed that a robust practice for personal data removal was not being applied consistently, with 56% of respondents concluding that the current protocols did not ensure adequate protection for the end-user of the vehicle.

Asked the fundamental question of who is ultimately responsible for the removal of personal data in vehicles, 59% of respondents said they believe it is the responsibility of the driver to do so prior to handing over their vehicles, with the balance saying that it should either be the inventory owner (OEM or leasing company) or the dealer where the vehicle is subject to a part-exchange transaction.

John Davies, chairman of the VRA, said: “It is quite clear that the remarketing sector as a whole, covering inventory owners and service providers, needs to agree a set of standard protocols for the removal of personal data from returning vehicles. Until this is achieved, we will continue to see uncertainty and more importantly an inconsistent approach to this very important issue.

“Perhaps as a good first step, the corporate inventory owners should highlight the risks to their customers/drivers and issue a clear set of guidelines on why and how to remove personal data stored in vehicles before they are handed over or exchanged for another one.”