I’ve really messed up and am worried sick

[AlterEgo]

Hi, yes the ticket I had is an E-ticket and this was scanned. Purchased in my Trainline account with a card in my name

If it’s an e-ticket bought on your account and shown on your phone you are best waiting until you are contacted by the train company. Do not contact them in the meantime.

However, you should be honest with us - how many times have you bought the ticket with that discount?

Forum - when was the last time someone was actually taken to court in this forum, by Northern, after having engaged with paperwork when it arrived?

 

[Jammeeget]

What am I best doing?

1) Contact your friend, tell them what has happened and that they should expect a letter in the postbox from the rail company.

2) Contact the rail company, explaining what you have done, tell them the truth.

3) Cross your fingers and hope they don’t go too hard on you.

 

[Trainman66]

If it’s an e-ticket bought on your account and shown on your phone you are best waiting until you are contacted by the train company. Do not contact them in the meantime.

However, you should be honest with us - how many times have you bought the ticket with that discount?

Forum - when was the last time someone was actually taken to court in this forum, by Northern, after having engaged with paperwork when it arrived?

I’ve brought it a handful of times. No more than 6

 

[Haywain]

I’ve brought it a handful of times. No more than 6

That's quite a few, and suggests that your claim that you added the discount accidentally isn't entirely true.

 

[6Gman]

Why is the advice bad? It's the most practical advice. I'm not saying that what the OP did was right, but what's done is done, and does he really need to incriminate himself? The reality is that the railway company will just give up on this over £1.50. Tracing the OP is too difficult. Who goes to the Police Station and says - The road was empty, there was no police and I know that the speed camera is broken, so I was speeding last night, I wish to hand myself in.

== Doublepost prevention - post automatically merged: 10 Mar 2022 ==

The friend cannot incriminate the OP, unless the friend was there and witnessed it himself. The railway company are not even going to ask him who he thinks it might have been.

We often have posts on here from people who have to spend time and effort (and incur worry) trying to clear their names after somebody has given their name and address.

The decision lies with the OP but what sort of "friend" puts someone through that?

 

[Islineclear3_1]

If this goes to court, you "may" be able to plead for an out of court settlement prior to your case being heard. So I would start saving as it will cost you

 

[Wethebest838]

We often have posts on here from people who have to spend time and effort (and incur worry) trying to clear their names after somebody has given their name and address.

The decision lies with the OP but what sort of "friend" puts someone through that?

That’s so true. It’s really tragic.

 

[Feuillesmortes]

details of the transaction, and even if they are prepared to release them without a court order

Further reading about data sharing here:

Data sharing - which rail ticket suppliers release previous journey history to investigators?

It is known that investigators submit data access requests "under Schedule 2 Part 1 Paragraph of the DPA 2018 and GDPR Article 6 (1)(d) to various rail ticket suppliers". Some of us might be unhappy to be investigated for any esoteric tickets/routes after the event. Which of the suppliers...

www.railforums.co.uk

 

[jon0844]

What am I best doing?

Not taking the advice of LucyP, because Trainline WILL cooperate with a request for details (and indeed, they are actively notifying TOCs of suspicious behaviour, such as people buying short tickets and getting refunds on e-tickets not scanned), so if you believe that you can just stay quiet and hope the problem goes away because of some ignorant understanding of GDPR, you'll end up in a far worse situation.

An awful lot of people are going to be finding out the hard way that buying tickets online leaves a huge data trail. If you've done anything dodgy before, or perhaps regularly, once you're caught once - you'll be done for the lot - just as skyhigh has already said.

If you've done it six times already, they'll soon know this - and who you really are.

 

[Trainman66]

Not taking the advice of LucyP, because Trainline WILL cooperate with a request for details (and indeed, they are actively notifying TOCs of suspicious behaviour, such as people buying short tickets and getting refunds on e-tickets not scanned), so if you believe that you can just stay quiet and hope the problem goes away because of some ignorant understanding of GDPR, you'll end up in a far worse situation.

An awful lot of people are going to be finding out the hard way that buying tickets online leaves a huge data trail. If you've done anything dodgy before, or perhaps regularly, once you're caught once - you'll be done for the lot - just as skyhigh has already said.

If you've done it six times already, they'll soon know this - and who you really are.

Thanks Jon I know I’ve done wrong. I’m phoning the rail company today and seeing if I can update the travel report with my details

 

[flythetube]

I travelled with Northern the other day and I got a travel report.
This was because I stupidly purchased a ticket and accidentally added a job centre plus travel card to my booking. Genuinely didn’t even know it was added until I got stopped at the gate by a ticket inspector.

It only saved me £1.50 too!

I panicked in the heat of the moment and told the guard that I didn’t have the job centre pass on my phone when he asked and i said it was on my friends phone who had already gone through which was a lie.

The truth is I don’t have a job centre pass at all.

I feel so bad and I deserve to probably go to court over this but is there anyway I am going to be able to settle this out of court?


I was drunk and also stupidly gave my friends name and address. Can I get this updated to mine somehow without being prosecuted. I’ve got myself into a right mess here!

Worried sick and not been able to sleep.

I panicked in the heat of the moment and told the guard that I didn’t have the job centre pass on my phone when he asked and i said it was on my friends phone who had already gone through which was a lie.

As far as I am aware, the Job Centre Passes are physical cards issued within the Job Centre face to face where you need to bring 2 x Passport Photo’s with you.

I don’t think they are available as digital cards viewable on a phone, so claiming you didn’t have it on your phone raised flags, double confounded by then claiming it was on your friends phone, which it never could have been!!!

 

[island]

Keeping card details is a breach of GDPR so they won't have them

Wrong. Card payment details can be kept (securely) for the purpose of storing them for future payments (if the cardholder agrees), for the purpose of giving refunds, and for audit logs.

So the rail company don't have your details, and Trainline would be breaching GDPR to give your details to them.

Wrong. Trainline can share the OP's details with the train company in conjunction with the investigation of a crime.

I don’t think they are available as digital cards viewable on a phone, so claiming you didn’t have it on your phone raised flags, double confounded by then claiming it was on your friends phone, which it never could have been!!!

Correct.

== Doublepost prevention - post automatically merged: 11 Mar 2022 ==

I’ve brought it a handful of times. No more than 6

That stretches your initial claim that this was an "accident" to the very bounds of credibility.

 

[AlterEgo]

Thanks Jon I know I’ve done wrong. I’m phoning the rail company today and seeing if I can update the travel report with my details

That’s up to you, but how will they know you are who you say you are and were the person stopped?

If I get stopped and give my correct details to RPI, what’s to stop me ringing up a week later and saying I’m someone else?

If the train company didn’t take any steps to positively identify you that’s on them.

If the company kept the details of your e-ticket scan they’ll come for you eventually anyway, although I am skeptical they did. They didn’t even bother reconciling your details with those recorded on the ticket at the time.

I’d be inclined to wait for correspondence rather than effectively walking yourself into a prosecution situation.

 

[jon0844]

Assuming staff didn't make a note of what the person looked like, was wearing, the time (so to possibly get a still from CCTV) then you may be right that they'll write to the wrong address and then give up.

Or they'll get the details from Trainline and write to that person, and you can then deny being that person or that someone else must have produced the ticket. And then you have to hope they can't still access the CCTV or won't have already marked it for possible use later.

At the end of the day, the OP can do what they want and take the risk if they so wish. It doesn't affect me or you.

I suppose if the OP can and does get away with it, they will have to be careful not to be spotted by staff again in the future.

 

[LucyP]

In spite of what others say on here, unless the OP saved his card on the site for future use, Trainline will not have retained his card details. Even if they have, they cannot release the data without a Court Order because it would be a breach of the GDPR to do so, because there is no law enforcement process instigated against the OP, because the railway company do not know who he is. It would be tantamount to assisting in a fishing expedition, which is not permitted. Furthermore, that data only proves whose card was used to purchase the ticket. It does not prove who purchased the ticket, and most importantly who was actually using the ticket to travel on the train. It would not therefore be justified to release the data, even it they have it. And even if it did and the data was released, the card holder is under no obligation to say who they bought the ticket for, even if they know. I might buy lots of tickets for lots of friends often. I might travel with one group on one weekend and another on another. I buy all the tickets and they refund me the money. I might not even remember who I travelled with on a particular date and who I bought the tickets for.

People on this site just believe that they know the law and the reality and too easily give up. That is why people without money just plead guilty to road traffic offences, whereas the footballers and celebrities hire the Nick (Mr Loophole) Freeman, and do not give up without a fight, because they can afford his fees and understand his track record.

It is for any prosecution to a prove a case beyond reasonable doubt, i.e. so that the court are sure. And in a case of a £1.50, where the railway company has no idea of who committed the offence, and have no reasonable prospect of finding out who it was and where the cost and difficulty exceeds the money at stake, this matter cannot be taken forward.

 

[skyhigh]

Even if they have, they cannot release the data without a Court Order because it would be a breach of the GDPR to do so, because there is no law enforcement process instigated against the OP, because the railway company do not know who he is.

Trainline frequently will provide account data to investigating TOCs. Not card number no, but email address, name and postal address absolutely yes they will share that with the TOC.

Furthermore, that data only proves whose card was used to purchase the ticket. It does not prove who purchased the ticket, and most importantly who was actually using the ticket to travel on the train. It would not therefore be justified to release the data, even it they have it. And even if it did and the data was released, the card holder is under no obligation to say who they bought the ticket for, even if they know. I might buy lots of tickets for lots of friends often. I might travel with one group on one weekend and another on another. I buy all the tickets and they refund me the money. I might not even remember who I travelled with on a particular date and who I bought the tickets for.

Have a look at Byelaw 22.

because there is no law enforcement process instigated against the OP,

Is a prosecution under railway byelaws criminal or civil?

It is for any prosecution to a prove a case beyond reasonable doubt

Strict liability?

in a case of a £1.50

£1.50x6 and the OP would likely have carried on if not stopped.

this matter cannot be taken forward

My previous experience suggests you are wrong.

 

[LucyP]

How can they share the information because of GDPR? What are they going to ask for? The details of Mr Bloggs, because the OP (Mr Smith) gave them the details of Bloggs, not Smith. And how does an e-mail address help to identify any one? There was no postal address in this case. The OP said that he downloaded the ticket.

It's a criminal process.

It isn't a strict liability offence. The prosecution have to prove their case.

How does Bylaw 22 assist in this case?

The case cannot be taken forward, because the train company don't know who committed the offence, and unless the OP admits it to them, then how are they going to find out?

 

[ashkeba]

That's quite a few, and suggests that your claim that you added the discount accidentally isn't entirely true.

I think that once a railcard discount is added, the Trainline app just keeps using it, so if it was added accidentally (so-called "wild clicking" or "fat finger" or simply someone taking your phone and playing an awful prank on you) then it could happen a number of times. I remember a past discussion where — on some phones with some settings — the Trainline app is not at all clear that it is claiming a railcard discount, showing only the credit card symbol and the number 1 by it. Would you realise what " 1" meant? (On more phones, it does say something like "16-25 Railcard" or similar, but not all.) So I think accidental discounting is plausible.

Trainline app storing a railcard without the user's knowledge

I was stopped by a Revenue Officer in February 2021 at Stansted Airport having travelled from Guilford. It appears that I have booked a ticket with an Annual Gold Card. I had no knowledge of how to add a rail card on the Trainline app and indeed don't need to because I have no use of a rail...

railforums.co.uk

But the further fraud attempt of giving someone else's name does make me think less likely that this was an accident and I suspect the investigators and courts will also doubt the buyer more.

How can they share the information because of GDPR? What are they going to ask for? The details of Mr Bloggs, because the OP (Mr Smith) gave them the details of Bloggs, not Smith. And how does an e-mail address help to identify any one? There was no postal address in this case. The OP said that he downloaded the ticket.

The inspector probably also noted the ticket details, so they will simply ask Trainline for the buyer's details. Email addresses are regarded as personal data, but the app will know some more than this. They can share the information because GDPR allows sharing data where necessary for vital interests like fraud prevention, but also app users will have agreed that personal details may be shared for combatting crime, which GDPR calls consent.

 

[6Gman]

That’s up to you, but how will they know you are who you say you are and were the person stopped?

If I get stopped and give my correct details to RPI, what’s to stop me ringing up a week later and saying I’m someone else?

If the train company didn’t take any steps to positively identify you that’s on them.

If the company kept the details of your e-ticket scan they’ll come for you eventually anyway, although I am skeptical they did. They didn’t even bother reconciling your details with those recorded on the ticket at the time.

I’d be inclined to wait for correspondence rather than effectively walking yourself into a prosecution situation.

But isn't the correspondence going to go to his friend?

 

[AlterEgo]

But isn't the correspondence going to go to his friend?

The first lot might, yes.

Wait for correspondence. I’ll wager it doesn’t arrive. I’m not convinced the TOC reconciled the ticket data with the person’s details given (they obviously are two different people) at the time of the stop.

So, either the correspondence goes to his friend, or the TOC, while compiling the case, realise the obvious discrepancy and send the correspondence to the OP. This relies on a copy of the eticket being retained or noted at the time of the stop.

 

[LucyP]

"The inspector probably also noted the ticket details, so they will simply ask Trainline for the buyer's details. Email addresses are regarded as personal data, but the app will know some more than this. They can share the information because GDPR allows sharing data where necessary for vital interests like fraud prevention, but also app users will have agreed that personal details may be shared for combatting crime, which GDPR calls consent."

Sorry but you're just making that up. Please show me where there is a "vital interests" clause in the GDPR. Please also show me the app user agreement that says that a person's details can be "shared for combatting crime". So if I buy a train ticket for the 13:30 from Kings Cross and someone is assaulted around that time, then my details can be shared to "combat crime", because I must have been on the station at the time in question, and it could have been me?

That is absolute nonsense. I set out above the circumstances when GDPR allowed information to be shared, and as I said it cannot be shared for the purposes of a fishing expedition, which is exactly what it would be, because the railway company think that the alleged offender is Bloggs, because Smith gave them Bloggs' details, and when they are shown that it isn't Bloggs, then they have to go fishing around to try to find out who the offender might have been, and as I have said repeatedly now, where does that get them anyway? It simply shows on whose app the ticket was purchased. It doesn't show who purchased the ticket or more importantly who travelled on the train, and who used the ticket.

There might be a dead person on the ground and I might be holding a knife, but you still have to prove that it was me that killed the person on the ground, and that I intended to do it.

The railway company should have asked for proof of identity of the person in possession of the ticket at the time, and recorded that information. Since they didn't do that, there is a fatal flaw in their case.

They have to prove their case. They have to prove beyond reasonable doubt, i.e. so that the Court is sure that Smith was in possession of the ticket and using it illegally and they cannot do that, because short of an admission now from Smith, they cannot prove that.

 

[ashkeba]

Sorry but you're just making that up. Please show me where there is a "vital interests" clause in the GDPR. Please also show me the app user agreement that says that a person's details can be "shared for combatting crime".

GDPR Article 6 but on reading further, it seems that combating crime is usually thought to be permitted by the "public interests" part of the same article.

The Trainline app requires you to agree to https://www.thetrainline.com/terms/privacy which includes agreeing to "We may also share your personal data with travel operators to prevent and detect fraud against either you, Trainline or the travel operator."

So sharing their details is legal. Use of an eticket or any numbered ticket means it will not be what yoy call "a fishing expedition"

It is correct to say the railway must still make the case but the OP will probably be identified as prime suspect. There may be CCTV. I do not think they will escape.

 

[NorthWestRover]

Please show me where there is a "vital interests" clause in the GDPR

Article 6(i)(d), not that it's relevant to this case.

== Doublepost prevention - post automatically merged: 11 Mar 2022 ==

Please also show me the app user agreement that says that a person's details can be "shared for combatting crime"

GDPR Article 6 but on reading further, it seems that combating crime is usually thought to be permitted by the "public interests" part of the same article.

No, it's the exemption available under Schedule 2, Part 1, Paragraph 2 of the Data Protection Act 2018 that enables Trainline to share the personal data with the TOCs. There is no need for an agreement between them and the data subject's consent is irrelevant.

 

[AlterEgo]

. There may be CCTV. I do not think they will escape.

what use is CCTV here? The train company doesn’t know what the OP looks like.

 

[furlong]

LucyP, this forum attempts to give advice based on what participants know happens in the real world. The fact is that data does get shared under agreed protocols and courts are unlikely to be concerned about this to the level you imagine, as even if there was a technical breach (which is unlikely in this type of case) the remedy would be unlikely to make a material difference. (The railway officer could still point and say "That is the person I stopped".) In a situation like this "wait to be contacted" (and take the chance they won't bother tracking you down) is one view expressed. The other is to assume you will be tracked down now or in the future and to try to mitigate it by dealing with it up-front now. Only the OP can decide which set of risks and outcomes and levels of worry they prefer.

 

[jon0844]

GDPR Article 6 but on reading further, it seems that combating crime is usually thought to be permitted by the "public interests" part of the same article.

The Trainline app requires you to agree to https://www.thetrainline.com/terms/privacy which includes agreeing to "We may also share your personal data with travel operators to prevent and detect fraud against either you, Trainline or the travel operator."

So sharing their details is legal. Use of an eticket or any numbered ticket means it will not be what yoy call "a fishing expedition"

It is correct to say the railway must still make the case but the OP will probably be identified as prime suspect. There may be CCTV. I do not think they will escape.

Also, when an e-ticket is scanned the details are captured and saved - and it isn't difficult to request information at a later date (and, of course, maybe they won't - if you fancy taking the risk). I think that you'll also find in due course (if not already happening) they'll be flagging e-tickets that are only used at one end (suggesting the possibility of someone short faring) and generating a hit list like TfL does (and as many will have seen on TV documentaries) on various criteria. CCTV can and will be monitored to identify the people they're looking for, before doing a sting.

As I've said many times, people doing things with digital tickets are going to get a nasty shock in the coming months/years. If they think they're being clever, they really do risk ALL their dirty laundry being exposed in one hit. I am not sure the Shaggy defence will quite cut it either.

 

[Andy Pacer]

what use is CCTV here? The train company doesn’t know what the OP looks like.

Unless the exchange at the station was captured by CCTV given that you'd assume a report would detail the date and time I guess.

 

[skyhigh]

How can they share the information because of GDPR? What are they going to ask for? The details of Mr Bloggs, because the OP (Mr Smith) gave them the details of Bloggs, not Smith. And how does an e-mail address help to identify any one? There was no postal address in this case. The OP said that he downloaded the ticket.

You clearly don't understand.

To use Trainline (even for e-tickets) a name, postal address and email address is attached to an account.

From an e-ticket reference a TOC can submit an online form to Trainline and they will provide all relevant information held on that account. This happens on a daily basis.

 

[Trainman66]

Clearly this is a mess and one I regret. Before I get gunned down any more just to update.
I phoned the debt agency as advised by northern as I also called them where I gave them my travel incident reference over the phone.

I told them what I had done (false details whilst I was drunk etc) and they said that I should send them an email with my account of events which I will be doing over the weekend and seeing if there’s any way this can be settled without court.

I was also told that usually it’s only a court matter if no one responds to the letters that are sent. But I obviously can’t guarantee this so I’m prepared for the worst outcome anyway.

 

[AlterEgo]

Unless the exchange at the station was captured by CCTV given that you'd assume a report would detail the date and time I guess.

Yeah it’ll show a person being stopped and spoken to. And how do they get his details from looking at his face on a screen?