StevenWhiting.com

A place for info I've learnt in IT & stuff. (I get a little kick back from affiliate ads & links, just so you are aware)

It appears Parking Enforcement Agency and Parkshield Collection LTD have never heard of the “Streisand effect” this is a social phenomenon that came about many years ago (2003) when Barbra Streisand attempted to sue Kenneth Adelman and pictopia.com for violation of privacy. The lawsuit meant that an image of Barbra’s house that had only been viewed a few thousand times, suddenly was viewed over 400,000 thousand times. Barbra lawsuit was dismissed.

The term was apparently coined by Mike Masnick in 2005

“How long is it going to take before lawyers realize that the simple act of trying to repress something they don’t like online is likely to make it so that something that most people would never, ever see (like a photo of a urinal in some random beach resort) is now seen by many more people? Let’s call it the Streisand Effect.”

More info of the origin of the term can be found on Wikipedia

https://en.wikipedia.org/wiki/Streisand_effect#Origin_of_the_term

Anyway, back to Parking Enforcement Agency. A company I’d long forgotten about but due to their antics on 11th September 2020 I stood up and took notice again. This lead me to contact several media outlets to air my issues.

It started back in August 2019. For some reason and I can’t remember why, I came across Parking Enforcement Agency. It’s possible I’d visited one of their “managed” car parks but have never been given a ticket because I pay for my parking when required. But being in IT I’m always curious to know what the IT security is like with these companies, considering how shady their charges normally are and their IT always appears bad.

I proceeded to their website and shocked to see no SSL cert at all (since corrected). All forms they were requesting people to fill in to contest their ticket were insecure. All data was being passed over the Internet in plain text. This means anyone could intercept the form, grab your details or even pause the form from being set, change the details before sending it on.

I recorded this issue along with fiddler open next to the browser. It shows the security issue in all its glory.

https://open.lbry.com/@Stevenwhiting:e/parking-enforcement-agency-parkshield:3

This footage was up on YouTube and has been for over a year. It wasn’t until the 11th September that a person known as Andrew Palmer filed a false copyright strike on the video. This appears to be an attempt to censor the video knowing full well the YouTube strike system is open to abuse. This meant the video was instantly removed and I now have to prove I own the copyright and have a valid reason to use said footage.

There is nothing in law, not that I can find, that states you can’t record footage of yourself browsing a website. A websites layout, structure etc, can’t be copyrighted. Logos can. There is only one logo of theirs on the site (a VERY basic one, none of the other images are theirs). But again their claim is invalid. Under Fair Dealing laws in the UK any use of copyrighted works is allowable if:

For Review or Criticism: quoting work for use in criticism or review is allowed. The amount of content quoted must be appropriate to the length and purpose of the review and the source of the original material must be acknowledged.

I do both. I’m criticising the security of the website and I’ve even included links to the originals at the time of the video.

We can now see that www.parkingenforcementagency.org as of at least the 23/7/2020 have finally purchased an SSL cert for the site. This is when the certificate starts so we can only assume they still hadn’t purchased a certificate before that date, so the site was still insecure.

What is still troubling is  http://www.parkshieldgroup.com still doesn’t default to their own certificate, which was only purchased on the 15/08/2020.

The first DuckDuckGo link (which was some weeks ago) points to the insecure version (appears to have finally been updated on DuckDuckGo but not on Google) and so does the first Google link

All they had to do in cPanel (as we can see their certificates are cPanel ones) is put auto redirect on to only point to the SSL version.

What is more amusing is their lack of understanding how the Internet works. There is an old saying “The Internet never forgets”. In the IT industry we are interested in the history of computing and the history of the Internet. Interested in long past sites, how they used to look extra. Geocities was a massive site in the 90s for hosting homemade websites from the early days of the Internet. When that was being shut down, thankfully people clubbed together to grab copies of most of the old content for history.

Anyway, what Parking Enforcement don’t realise is their sites have also be “archived”. Why is this of interest? Because of their bullshit move with their “Policy update”.

If we look at their policy page it states “This policy was last updated on 1/04/19”. This happens to be 4 months BEFORE my video was up on YouTube. That’s funny because that WASN’T there when I created my video. Unfortunately I never filmed that page. So how do we prove this is bullshit? How do we prove this appears to be an attempt to avoid any future investigation from the ICO (which they’ve been reported too since this copyright strike issue, I’d never have bothered if they hadn’t falsely flagged the video). We use the amazing https://web.archive.org/

Their policy page now

The same page on The Way Back Machine. As we can see, this page was captured on the 29 May 2019, over a month after the date they claimed they’d updated their policy. This clearly shows they hadn’t actually updated the policy. They would have been e-mailed direct by me if they had an e-mail address on that page at the time but they never did. They now have due to realising its required for GDPR.

We also take a look at their images they used throughout the site, are they trying to claim copyright on them via the YouTube system? Surely not? If we download the images and do a reverse image search we find, that most if not all of them are stock images. This specific one is from Getty images, iStockphoto or one of the other manage stock photo repositories and used all over. I’d also be curious if they are correctly using the license for the photos if one is required.

Ironically at the bottom of that search we find their own page

Which links to, ironically, the unsecured page 🙂

We also have their Terms & Conditions page where they are clearly attempting to claim copyright on all the “photographs”

The only image on their site that actually appears to be theirs, is their logo. All others are stock images.

The list of issues goes on. It is now Jan 2021 and these issues still aren’t fixed. The copyright strike has expired but the video is still not on YouTube but is on other platforms and will stay. They’ve finally bought a cert for the main parking fines site but the park shield group site still points to insecure pages. And what appears to be an attempt to mislead with the policy change. We can see, the date they claimed the policy was in place, it wasn’t.

What annoys me more is the YouTube strike They clearly abused the system yet YouTube/Google don’t want to get involved. Yet they do, when they removed the video. They never replied to my contact (As YouTube don’t want to be involved they ask you to contact the company first). Trying to dispute it with YouTube is a pain and that is what they were betting on. Betting that I wouldn’t bother or YouTube would be difficult. There was no explanation of what they were claiming, this is the problem with YouTube, there should be a requirement to explain what they are disputing. Throughout the whole issue, I was never informed what was being claimed. There was nothing to claim. They had no rights over the video at all, the sole point appeared to be just to have the video removed. YouTube has become an monopoly and the abuse of the copyright system needs to end. For tiny seeds like my channel that are in a massive forest, we’ll never be heard. It won’t change until the big players start to fight the issue.

Luckily we have LBRY and Odysee (friendly frontend to LBRY).

https://odysee.com/@Stevenwhiting:e/parking-enforcement-agency-parkshield:3?r=AcyG2hp74Jwiq1dGxS1EZSLxBaYGN4Cj

OST viewer

Have used before. It’s very good and free.

https://www.nucleustechnologies.com/ost-viewer.html

Adverts

UPDATE – I’ve changed the Amazon links to point to the Smile charity Amazon links instead so I don’t get anything but a charity will. More info about Smile Amazon here https://www.amazon.co.uk/gp/help/customer/display.html?nodeId=202035970

Sorry about the adverts. I needed to put them on to try and fund the site. Feel free to put an adblock on if you wish. I’d rather you didn’t as would help with the hosting fees (which have gone up) but I understand if you wish to disable them.

If you’d like to donate, I’d be grateful 🙂

PayPal Donation. Fanks :o)

https://docs.microsoft.com/en-us/sysinternals/downloads/sysinternals-suite

The nice people at my hosting helped me fixed this, Krystal. As I thought it might be an issue at their end but turns out it wasn’t. Most other providers wouldn’t of bothered fixing this as it was my issue, not theirs.

It was a rogue plugin. Rename the plugin folder on your WordPress via FTP or Cpanel. Then you should be able to get into admin. Rename plugin back to what it was which should bring back all plugins but they will be disabled. Then turn them on, one by one, till you find the one causing the issue.

Bad Behaviour was the one causing this. I note it hasn’t been update for months and not tested with the version of WordPress I’m on so I’ve left it disabled.

Run CMD as admin and just type as follows

REG ADD “HKLM\SOFTWARE\Policies\Google\Chrome” /v IncognitoModeAvailability /t REG_DWORD /d 00000002

Other interesting reg settings


https://www.chromium.org/administrators/policy-list-3

uninstall-adddomaincontroller -lastdomaincontrollerindomain -removeapplicationpartitions

This will still fail if you have the box ticked in AD that protects the object from deletion.