Enterprises rolling out AI tools are destroying large numbers of still-functional devices as they juggle data security, regulatory pressure and sustainability commitments, according to new research from Blancco.
The company’s 2026 State of Data Sanitization Report published today draws on responses from 1,460 IT, cybersecurity, compliance and sustainability leaders at large, regulated organizations across North America, Europe and Asia-Pacific. It examines how respondents handle end-of-life data-bearing assets and identifies gaps between stated confidence in data sanitization and what happens when devices leave service.
Survey highlights link between AI rollout and device destruction. The report found that 90% of surveyed organizations deployed AI tools or software in the past year. Of those AI adopters, 99% say they destroyed at least some drives or devices as a result.
The report describes an environment in which AI adoption increases data generation, storage needs, compute demands and regulatory exposure. The findings indicate that this combination contributes to shorter refresh cycles and more cautious handling of end-of-life devices, especially where large data sets or sensitive workloads are involved.
The report also notes that demand for memory and storage is contributing to rising device and drive prices. The findings indicate that enterprises are under pressure to modernize infrastructure and manage growing data sets while also facing higher capital costs when replacing equipment that might otherwise have been reused.
Security concerns around data leaks remain a major driver of conservative behavior. Some 38% of organizations experienced a data leak in the past twelve months. Respondents most often point to improper network configurations, but a significant share of incidents involve data-bearing hardware changing hands. Among organizations that reported a leak, 32% say it stemmed from redeployed drives or devices that still held sensitive data, while 42% cite lost devices and 25% cite stolen devices.
Reported confidence in sanitization remains high despite those incidents. Indeed, 73% of respondents describe themselves as “very” or “extremely” confident that data is fully removed before devices are disposed of, and another 21% say they are “moderately” confident. The findings associate this confidence gap with the specific methods organizations use and how consistently those methods are applied.
What is characterized as best-practice sanitization, certifiable erasure performed while devices remain connected to the network, is used by 32% of organizations for mobile devices, 18% for laptops and desktops, and 23% for data center assets. Other approaches that can leave data recoverable continue to see wide use. For laptops and desktops, 33% of organizations report relying on simple reformatting, and 22% use paid software-based overwriting tools that are not certified or aligned with a recognized standard. For data center assets, 19% say they use uncertified overwriting tools. The report also notes that 89% of organizations report having asset sanitization policies, but only 61% say those policies are implemented and communicated across the business.
These gaps appear to be feeding a destruction-first mindset, as 43% of mobile devices destroyed were still functional at the time of destruction, along with 35% of laptops and desktop PCs and 44% of data center assets. The report also provides average ages at destruction: around 2 years and 4 months for corporate mobile devices, about 3 years for laptops and desktops, and approximately 3 years and 8 months for data center assets. The figures suggest many devices are being shredded well before the end of their expected technical lifespans.
Sustainability goals sit alongside these security concerns. The report found that 77% of respondents say they prefer reusing devices rather than destroying them. About one-third of organizations overall describe sustainability as a major influence on how they manage end-of-life devices, with higher figures in some regions. Yet 56% identify data security as a major barrier to advancing sustainability goals, and 53% say they lack technology they regard as adequate for safely sanitizing devices without destruction.
Regulation is another central factor. According to the survey, 41% of respondents say new or evolving data privacy and protection rules were the main driver behind recent changes in end-of-life data management. Nearly 60% report increasing spending on data privacy and protection compliance compared with the previous year, and on average they say that spending rose 40% over 2024 levels. The findings indicate that many organizations now operate under multiple overlapping privacy and data protection frameworks, raising the stakes for consistent, auditable execution throughout the data lifecycle.
For IT asset disposition firms and electronics recyclers, the report points to a market where both supply and demand for reuse exist but risk perceptions heavily shape outcomes. On the supply side, large volumes of still-working enterprise hardware are being destroyed. On the demand side, the report notes that among organizations that purchase refurbished devices, a majority cite sustainability or ESG goals as a primary reason, and nearly as many point to cost savings.
The report concludes that trust in sanitization processes sits at the center of these trends. Blancco argues that organizations are more likely to choose reuse when they can apply verifiable data erasure methods aligned with recognized standards and show that data has been irreversibly removed.
