A few weeks ago, I watched a BBC report on illegal dumping of toxic waste in Abidjan in the Ivory Coast. My first reaction: it is sickening to see how the waste of the west is causing so much ill health – and death – in the developing world. It is a tragedy.
Many of the images carried by the BBC, however, were also of trucks unloading tonnes of waste in rubbish tips and landfill sites. It was clear that much of this waste had its origins in the west, as people scavenged for anything from pieces of plastic to old IT equipment. They can resell many of these items.
The problem is that much of this rubbish, especially IT equipment, can be hazardous. However, the reason we have the WEEE (Waste Electrical and Electronic Equipment) directive in Europe is to stop this kind of thing happening. Obviously, anecdotal evidence highlights that some waste is slipping through the gaps.
So do companies know what happens to their old equipment when they get rid of it? Do organisations consider their social responsibility when it comes to waste, and do they think about the damage to their reputation if it was found that they illegally dumped hazardous, but everyday items, such as computers? What should companies be doing with their old IT equipment?
The short answer is simple: dispose of it in an environmentally friendly way. But what options do businesses have?
One is to look to re-sell the equipment or give it to a reputable charity. Another is to trade it in to the vendor. Often old IT equipment still has a value and can be traded in to offset the cost of new equipment. Businesses should be asking their IT suppliers about such schemes, as not only can it help turn rubbish into revenue but it also encourages re-use, a key principle of the environmental movement.
Although old IT equipment might seem as if it has no value because of its age, it is always worth investigating. For example, an old laptop or server may not hold value as a whole item, but parts of it might.
Equipment that cannot be re-sold or traded in should be disposed of in line with WEEE regulations at an authorised disposal centre. The problem is there are lots of unscrupulous “one man in a white van” types who claim to offer environmentally friendly disposal but in reality do not. It is an organisation’s moral and legal responsibility to ensure they are not caught out by cowboys.
Authorised disposal centres provide certification so a business can prove it has adhered to environmental regulations. Should the business be audited or need to provide confirmation of what happened to its IT assets this certification is vital.
Once the equipment is at one of these centres, it will be stripped down into salvageable parts and the reminder broken down into components, such as different metals, which can be taken away and smelted.
Another issue to consider is security. Organisations must ensure any assets they resell, give away, trade in or recycle are wiped of data. No company wants to find one of its old computers for sale on eBay or on a tip in Abidjan with its old data on it.
To prevent this, all retired devices should be wiped of business data to HMG Infosec Standard 5 grade, which is certified by the US Defence Department, the UK’s GCHQ, and is endorsed by most financial organisations. It is a straightforward process and can be outsourced to a partner who will provide certification. This precaution will prevent sensitive data falling into the wrong hands and enable the business to meet data protection regulations.
Failing to dispose of old IT assets and other harmful waste properly is not only immoral, but could also open up organisations to an unacceptable level of risk.