According to Tim March's blog around a week ago, the good folks at City of Charles Sturt Council (located just north west of the centre of Adelaide) imposed a parking infringement notice upon an 'acquaintance' of his. It was for $320 for parking in a disabled space (silly lad!).
Out of the goodness of their hearts the council provided a link where this acquaintance could make payment with his credit card. All he need supply was the six-digit "Ticket Number" included on the "Expiation Notice."
All well and good.
What became immediately obvious, as he perused the "eight-by-ten colour glossies with a paragraph on the back of…" sorry, wrong song. What became immediately obvious as he checked the details, including a time-stamped photo of his offending vehicle was that the "Ticket Number" was clearly part of the URL; indeed he had supplied nothing else when requesting access to pay the fine.
The council never replied.
It would be a simple matter to write a script to trawl through the entire set of outstanding infringement notices (testing by iTWire showed that attempts to access non-current Ticket Numbers resulted in an error message) and using some form of OCR, digitise the clearly-photographed number plate. This will make details of the 'crime' readily available to all and sundry.
There is also an expectation that this information is private between the council and the infringing driver; but this too is subverted. In fact with this thought in mind, we should look at the Commonwealth Privacy Act; the council is in clear breach of National Privacy Principle 4.1. According to the summary, NPP 4.1 "provides that an organisation must take reasonable steps to protect the personal information it holds from misuse and loss and from unauthorised access, modification or disclosure."
The City of Charles Sturt Council has been contacted and we await their response with interest.