Jan 11 2016

Harrow Council Eyes Up PayPal Data; Starts Slurping

harrow_council_brokenAccording to the latest Paypal privacy policy, it seems Harrow Council is looking at paying benefit payments into residents’ Paypal accounts. On the face of it, this seems an excellent idea, and a way that the Council could streamline it’s payments to make life easier for residents.

But, it’s more worrying that that.

Paypal, in the policy, say that they will share “all account information” with the Council. Looking elsewhere in the policy, virtually no other organisation has such wide-ranging access to Paypal’s data.

Paypal users get little say in this: by continuing to use Paypal, users are deemed to accept this policy, when it comes into affect in late February.

The scope of the information handed over to the council doesn’t appear to be limited in any way, shape or form: other agreements, with other organisations, seem to limit the extent of the information handed over. For example, the agreement with Vodafone, which is clearly stated as being for the “management of the Vodafone wallet”, limits the data to just customer name, address, payment method and email address (plus a few others). Harrow, it seems, will take everything it gets.

paypal_policyThe data available would be a superb insight into a resident’s habits, and may even help to reduce fraudulent claims. A resident may, of course, be running an online sales operation, and keeping cash flowing through their Paypal account away from prying eyes – and that’s the sort of data that the Council would give it’s right arm for. But isn’t there a more ominous reason behind this? Isn’t it snooping on the presumed innocent resident, who perhaps doesn’t want their transactions spread far and wide by the council? The council, of course, doesn’t have a stellar record of keeping private stuff private, having happily once published a letter from an elderly Harrow resident (including her name and address) who complained about the shenanigans at a local drinking establishment. Harrow are on record with 44 data breaches or losses, according to a Big Brother Watch report in August 2015. Would YOU trust the council with YOUR data?


No other council has obtained such unfettered access to Paypal data, according to the privacy policy. The council has refused to comment.

Hat tip to DD for the heads up on this one.

(Visited 43 times, 1 visits today)