Your browser is no longer supported

For the best possible experience using our website we recommend you upgrade to a newer version or another browser.

Your browser appears to have cookies disabled. For the best experience of MRW, please enable cookies in your browser

We'll assume we have your consent to use cookies, so you won't need to log in each time you visit our site.
Learn more

Security risks at the heart of the WEEE Directive "deeply disturbing"

By Greg Pitcher

Millions of computers are being given away containing sensitive data as companies clamour to comply with the Waste Electrical Electronic Equipment (WEEE) Directive, a survey has revealed.

Remploy e-cycle found that more than three in four UK companies that have recently made computers available for reuse failed to wipe files fully.

The computer recycling firm, a member of WEEE consortium Revive, commissioned FT Research to examine the readiness for the law of 350 leading companies.

The WEEE Directive makes producers of electroscrap responsible for its recovery, and end-users responsible for recycling some existing goods, from August 2005.

FT found that 75% of companies had sold or given away computers recently, but only 23% of these had cleansed the data sufficiently to make it unrecoverable. The businesses questioned included organisations that almost certainly hold sensitive data, according to Remploy.

General manager of Remploy e-cycle Noel Harasyn said: Quite frankly, this is deeply disturbing. It is laudable that companies are already making redundant equipment available for reuse but in the overwhelming majority of cases, they are not rendering the data on hard drives unrecoverable.

The survey found that 91% of companies were aware of the WEEE Directive, although more than four in 10 of these could not say when it came into force.

More than half of respondents had measures in place to help with compliance, but 16% of large-scale companies had no procedures and were not developing any.

While 53% of firms said they made sure their non-IT electro-scrap was recycled, 29% admitted they sent such waste straight to landfill sites.

More than four in 10 of the UKs leading companies were unable to demonstrate that they had destroyed data held on the hard drives of computers they had given away.

Almost a quarter of firms questioned admitted they had no idea how they would ensure hard-drives reused in accordance with the WEEE Directive were secure.

The survey found that 60% of companies will pass their redundant electrical equipment on for recycling or reuse in accordance with the law. But only 13% were able to demonstrate that they would undertake data destruction to the required standard.

Less than three in 10 companies agreed with making producers responsible for disposing of WEEE. Almost half thought end-users should pay.

Have your say

You must sign in to make a comment

Please remember that the submission of any material is governed by our Terms and Conditions and by submitting material you confirm your agreement to these Terms and Conditions. Links may be included in your comments but HTML is not permitted.