Not sure what your point is there.
A further erosion of privacy, which was made without real debate about the privacy impact, has proved the authorities can’t be trusted with any more data than is absolutely essential.
The point being that whilst there will be those who object to vehicle tracking as a privacy issue that they have kind of missed the boat in that it's already happened.
That said if they engaged in the process of developing the system then they could ensure that the system had failsafes built in to anonymise the data.
For instance having a database of where vehicles travel which looks up a numberplate on a second database and stores the vehicles ID tag (which is different to the numberplate, but doesn't store the numberplate), which then integrates third database which identifies the payment class of the roads. This is then output to a fourth database which then calculates the value to charge the owner of a vehicle and outputs this value. Then and only then is this output then fed into the database as to who owes what.
In doing so, as long as each database is secured separately and with different access systems then if any one database is comprised then it's hard to identify who is where and when.
For instance you may get vehicle identifiers and location or location and value or value and vehicle identifiers or vehicle identifiers and person or person and value.
However to have anything of use you would likely need to have 2 or more databases. To make it harder to link up you could even add in another database which issues for storage 1 of 1,000 ID tags for each vehicle, therefore in doing so you've got to search for a lot of different tags within the database.
This would mean that you could over the course of a year the vehicle is only identified as one tag for up to 9 hours. In reality the tag time would be much smaller as few vehicles are used 24/7. Chances are that, for a car doing 20,000 miles a year averaging 30mph that there would be a tag time of 40 minutes each year.
To further break up the data you could have the storage for different areas being stored separately to each other. This would likely be geographic and by road type (i.e. storing the data for the West Country strategic road network separately from county roads, all of which is stored separately from that of another region. This would mean that whilst you might be able to see what any given vehicle is doing those 40 minutes of tag data could be split across 30 different databases. As such you may not ever have the same tag turn up more than twice in any 12 month period.
Therefore you would need to have access to the tag database as well as the location databases to be able to identify where any vehicle was.
Yes the state could still access all that data, however no one person would be able to use their privilege to their personal advantage.
There's likely to be additional steps which could be added to make things even harder.