responsible recycling to reduce your risk of liability

Reducing your risk of liability from off network technology

© SERI – Home of the R2 Standard 12/2/2015

© SERI – Home of the R2 Standard

Benefits of the Global Technology Boom

• Smart phones & tablets sales: 1.2 billion in 2013 2.1 billion by 2017

(Source: CCS Insight and ITU)

• As of 2014:44% of world’s households with internet access.

• 7 billion mobile subscriptions for world population of 7.2 billion (78% in Africa, Asia, and Pacific markets)

• Improved access to information, education, healthcare, financial services & economic opportunities.


The Challenge of Unintended Consequences

Illegal Dumping

Illegal Exporting

Data Security Breaches

Significant harm to people and the environment

Estimated 50 million tons of e-scrap generated each year.


The Challenge of Unintended ConsequencesThe U.S. is not immune to the challenges.

Abandoned Warehouses

Roadside dumping

In Response to Growing Concerns

• Multi-stakeholder group, convened in 2008 by the U.S. EPA, tasked with identifying best practices for recycling growing volume of used electronics.

• Result of this work:The R2 Standard for Responsible Recycling


Non-profit organization

that governs the R2 Standard

A Safe & Sustainable Solution

• Protects data• Protects people • Protects the environment• Preserves resources• Requires legal compliance


• Requires industry best practices for data destruction and sanitization.

• Requires tight security and chain of custody controls to protect equipment and data.


Protects Data

• Safe management & tracking of potentially harmful materials throughout the entire the recycling chain.

• Due diligence on all downstream vendors.• Legal compliance with all applicable laws pertaining

to management/import/export of used electronics.• Certification to ISO 14001 or RIOS


Protects People & Environment


How broken smart phones are being reused:• Screens reused in new electronic toys• CPUs reused in new remote controls

and e-readers• GPUs reused in new digital picture frames• Rare/precious metals recovered and reused

Preserves Resources by Emphasizing Reuse

R2 Standard permits partnerships that safely & responsible maximize reuse opportunities

• R2 certified company, along with partners in Romania & Thailand, kept more than 5 million toner cartridges out of land-fills last year.

• NEW manufacturing of cartridges requires 400% more energy & resources than RE-manufacturing cartridges to original OEM specs.

• 3.5 quarts of oil is used to produce the plastic in each new cartridge.

© SERI – Home of the R2 Standard 2015

• Emphasis on RESOURCE management rather than “WASTE” management

• No landfilling or incineration permitted.

• Emphasis on reuse as most environmentally beneficial option for used electronics.


Preserves Resources

• Requires compliance with all applicable regulations, including Federal, state and local

• Requires compliance with all international regulations including the Basel Convention where it has been ratified.


Legal Compliance


Do you know what happens to your electronic equipment after it leaves your possession?

You should. The consequences of data breaches, environmental liability, and civil and criminal penalties resulting from lack of due diligence can do significant harm to your brand, reputation and bottom line.

Your Broker/Recycler is NOT the final destination for your used electronics

Used Electronics

ITAD

Reuse

Developing Countries

Low income families Schools

Recycle

CRT Glass Processor

CRT Processor

CRT Glass Processor

Copper Smelter

Low Value Shredder

Secondary Smelter

Primary Smelter

Battery Aggregator

Lithium Processor

Lead Acid Batteries

Nickel Batteries© SERI – Home of the R2 Standard 2015


Understanding your risks• 2015 study by IBM & the Ponemon Institute

found average total cost of a single data breach is $3.79 million ($154 per data record).

• 2015 study by Blancco Technology Group & Kroll Ontrackfound an alarming 48% of the hard disk drives & solid state drives they tested contained residual data. ‒ Study found ineffective deletion attempts had been

made on 75% of the devices containing information.‒ In some cases, 100% of the data was able to be

recovered.


Understanding your legal responsibility

The Gramm-Leach-Bliley Act

Requires companies that offer consumersfinancial products or services like loans, financial or

investment advice, or insurance to safeguard sensitive data – including devices. Additionally, prior to allowing a service provider access to customer personal information, the organization must take reasonable steps to ensure that the service provider is capable of maintaining appropriate safeguards.



The Fair and Accurate Credit Transactions Act (FACTA)

Requires organizations to dispose of data contained in consumer reports and records in a way that is reasonable and appropriate to prevent unauthorized access to or use of the information. The FTC also encourages those who dispose ofany records containing a consumer’s personal or

financial information to take similar protective measures.


Understanding your legal responsibility The Health Insurance Portability and

Accountability Act (HIPAA

Requires that covered entities must have in place policies and procedures regarding the transfer, removal, disposal, and re-use of electronic media, to ensure appropriate protection of electronic protected health information.

Lack of sufficient controls for devices and media is one of the top 5 most common sources of breaches, according to Marylou King (former official with the U.S. Department of Health and Human Services Office of General Counsel).



HIPAA continued -

The new Omnibus Rule could increase the likelihood that university hospitals and other health care providers will face liability for conduct by business partners and sub-contractors.

This is significant since it is estimated that these business partners, rather than the health care providers themselves, are responsible for more than 60 % of HIPAA violations.



FTC’s Children’s Online Privacy Protection Act (COPPA)Applies to companies that collect personal information from children under 13 (such as social media sites or other websites/apps that are used by children.

Requires businesses take “reasonable steps” to keep children’s information private and secure, and that “reasonable care” be taken before releasing private data to service providers or other third parties to ensure that they are capable of maintaining the privacy and security of the information.



COPPA continued –

COPPA also requires that Businesses disposing of personal data take “reasonable steps: to protect against unauthorized access.

A COMMON THEME FOR DATA SECURITY REGULATIONS :

Reasonable steps /due diligence/ precautions must be taken by those collecting confidential data.


R2 Certified companies reduce your risk of data liability • The R2 Standard requires rigorous quality

controls to ensure your data is sanitized in adherence to the most secure industry practices.

• Rigorous annual audits of R2 companies provide greater assurance that data is effectively protected & destroyed.

• Results of the BLANCCO / KROLL ONTRAK study reveal ITAD companies fell short 48% of the time in protecting data.

• “Certificates of destruction” are meaningless without proof of a 3rd party audit to back up the claim.


Understanding environmental liability

The Resource Conservation and Recovery Act (RCRA)calls for “cradle to grave” management of hazardous waste, and makes generators of hazardous waste liable for the proper management or disposal of the hazardous material.


Understanding environmental liabilitySuperfund – Comprehensive Environmental Response, Compensation and Liability Act (CERCLA) • Enacted to help clean up releases of hazardous

substances into the environment. It authorizes the federal government to demand and collect cleanup costs from all companies that are deemed to have contributed to the hazardous situation.

• If an initial polluter is unable to pay the clean-up costs of their pollution (for instance a recycler), the government can seek clean-up costs from firms deemed to have contributed to that pollution (businesses disposing of retired IT assets).


• The Superfund Recycling Equity Act (SREA)offers a measure of protection from environmental liability for companies that take “reasonable care”when conducting due diligence of the facility to which the recyclable material was sent.

• Selecting R2 certified brokers/recyclers who undergo rigorous annual audits provides greater assurance that electronic equipment will be managed responsibly.

R2 brokers/recyclers reduce your environmental risks


• The FBI has seen a 53% increase in its economic-espionage caseload in the past year.

• According to an FBI official quoted in the Wall Street Journal:“It’s actually shocking the lengths they will go to, including trespassing at manufacturing sites, hiring employees who will bring secrets with them, and using computers to steal data.”

Increase in corporate espionage


• What is the cost of negative press?Being associated with an environmental incident or data security breach can have far-reaching negative impacts on a company.

• The costs arising from such incidents can be: – direct (such as environmental cleanup costs)

– indirect (loss of business resulting from bad press or public concern over a data breach… Loss of shareholders)

Damage to Brand & Bottom Line


Most Globally Respected Standard for Electronics Recycling & Refurbishing


Comparing R2 & e-Stewards

The Similarities –

• R2 & e-Stewards have a great deal in common.

• Environmental, health, and safety provisions parallel one another.

• Both require compliance with all applicable laws and regulations.

• Both require tracking, transparency and downstream accountability.



Primary difference: R2’s emphasis on REUSE.• Reduces need to mine for new raw materials.• Reduces carbon footprint of manufacturing. • Access to affordable, refurbished electronics has positive

social and economic impacts for developing countries. Bridges the digital divide, improves education, & enables participation in global economy.

• BAN (controlling body for e-Stewards) has lobbied for extreme restrictions on resale of used electronics, which negatively impacts the ability to reuse electronics and the ability of brokers/recyclers to maximize reuse throughout the world.

Comparing R2 & e-StewardsPrimary difference: The organizations behind the standardsSERI (Sustainable Electronics Recycling International), owner of the R2 Standard, and BAN (Basel Action Network), owner of the e-Stewards Standard, have very different missions:

• SERI works to create a world where electronic products are repaired and recycled in a way that promotes resource preservation, and health & safety of the environment, communities, and workers. We do this through the development of best practices, consensus-based solutions, & the R2 Standard.

• BAN works to prevent the globalization of the toxic chemical crisis. We work in opposition to toxic trade in toxic wastes, toxic products & toxic technologies that are exported from rich to poorer countries. Alternatively, we work to ensure national self-sufficiency in waste management through clean production and toxics use reductions and in support of the principle of global environmental justice — where no peoples or environments are disproportionately poisoned and polluted due to the dictates of unbridled market forces and trade




Primary difference: R2 allow more opportunity for innovation and technological advances.• SERI understands that the business world is dynamic and

purposely designed R2 with this in mind. The R2 Standard has performance-based requirements. The method of implementation, however, may vary among different businesses and models. R2 allows companies to innovate and change as the business and technologies evolve.

• Conversely, BAN has developed e-Stewards to be more prescriptive, which inhibits a company’s ability to adapt to changing circumstances.



Primary difference: Transparent development process• R2 is a consensus-based standard.

‒ Organized and developed by a US EPA-convened group of all key stakeholders.

‒ Issues and decisions about the technical requirements and application of the R2 Standard are addressed by a multi-stakeholder technical advisory committee (R2 TAC).

• Conversely, e-Stewards standard is developed & controlled by a single organization (BAN) with limited input from e-Stewards certified organizations and other stakeholders.


Former Exec. Secretary of the Basel Convention for the UN Environmental Program weighs in…

“ The R2 Standard provides the most comprehensive solution for safe and sustainable electronics recycling and repair. Its emphasis on reuse, and on resource management over “waste” management, has become increasingly important as electronic use around the world – particularly in Asia and Africa – continues to rapidly increase and deplete limited supplies of natural resources…


Former Exec. Secretary of the Basel Convention for the UN Environmental Program weighs in…

“ …Clearly, efforts of the past decade to ban exports of used electronic devices and components have not been sufficient to respond to these developments. It is essential to prevent illegal transactions, while improving recycling practices around the world with training, technology sharing and accountability. In this area, the R2 program is leading the way.”

--Dr. Katharina Kummer Peiry

responsible recycling to reduce your risk of liability

Documents