Resource Recycling
  • The Latest
  • Analysis
    • All
    • Certification Scorecard
    • Industry Announcements
    • Opinion
    From claims to custody: PCR procurement grows up

    From claims to custody: PCR procurement grows up

    What the NAND flash crunch means for remarketing, refurbishment and residual values

    Telamon acquires ITAD consultancy Retire-IT

    Certification Scorecard — Week of July 6, 2026

    Tech giant pens detailed ‘plastic-free packaging’ guide

    What Google’s latest report means for ITAD

    Unpacking the Starbucks cup data

    Unpacking the Starbucks cup data

    Amazon cutting out more flexible packaging

    Amazon’s AWS hardware reuse is measured

  • Conferences
    • Resource Recycling Conference
    • Plastics Recycling Conference
    • E-Scrap: The Longevity Conference
    • Textiles Recovery Summit
  • Publications
    • E-Scrap News
    • Plastics Recycling Update
    • Policy Now
    • Resource Recycling
    • Other Topics
      • All Topics
      • Brand Owners
      • Critical Minerals
      • Glass
      • Grant Watch / RFPs
      • Markets
      • Organics
      • Packaging
      • Research
      • Technology
      • Textiles
Subscribe
No Result
View All Result
Resource Recycling
  • The Latest
  • Analysis
    • All
    • Certification Scorecard
    • Industry Announcements
    • Opinion
    From claims to custody: PCR procurement grows up

    From claims to custody: PCR procurement grows up

    What the NAND flash crunch means for remarketing, refurbishment and residual values

    Telamon acquires ITAD consultancy Retire-IT

    Certification Scorecard — Week of July 6, 2026

    Tech giant pens detailed ‘plastic-free packaging’ guide

    What Google’s latest report means for ITAD

    Unpacking the Starbucks cup data

    Unpacking the Starbucks cup data

    Amazon cutting out more flexible packaging

    Amazon’s AWS hardware reuse is measured

  • Conferences
    • Resource Recycling Conference
    • Plastics Recycling Conference
    • E-Scrap: The Longevity Conference
    • Textiles Recovery Summit
  • Publications
    • E-Scrap News
    • Plastics Recycling Update
    • Policy Now
    • Resource Recycling
    • Other Topics
      • All Topics
      • Brand Owners
      • Critical Minerals
      • Glass
      • Grant Watch / RFPs
      • Markets
      • Organics
      • Packaging
      • Research
      • Technology
      • Textiles
Subscribe
No Result
View All Result
Resource Recycling
No Result
View All Result
Home E-Scrap

NAID: personal data abounds on ‘wiped’ devices

Colin StaubbyColin Staub
March 30, 2017
in E-Scrap
Hard drive data

The largest probe to date of used devices supposedly scrubbed of their data found that 40 percent still retained some amount of personal information.

Conducted by the National Association of Information Destruction (NAID), the study examined a random sample of 258 smartphones, tablets and hard drives. NAID hired data security provider CPR Tools to analyze the devices. First announced in January, the study’s findings were released concurrent with the annual NAID conference last week.

The results showed 50 percent of the tablets, 44 percent of the hard drives and 13 percent of the mobile phones retained personally identifiable information after being wiped.

Despite the varying percentages, Bob Johnson, CEO of NAID, pointed to the relatively small sample size of each device type and explained the big takeaway is the overall trend that a substantial portion of disposed and wiped storage devices continue to contain personal information.

“The average person out there doesn’t think about these things, so it is a way to remind them that … this stuff is on this equipment,” he said in an interview. “It isn’t like the bad guys don’t know it’s there.”

Test tactics

All 258 devices used in the study were purchased by Johnson over the internet. He bought storage devices from eBay, Amazon, Newegg and other online marketplaces, buying just one or two from any single vendor in order to draw from a range of sources. The criteria included staying within a particular price range, and the hard drive had to be advertised as used and wiped of data.

Roughly two-thirds of the sources NAID purchased used devices from were commercial ventures, as opposed to an individual selling their own personal device.

CPR Tools went to work on the devices but did not analyze them as thoroughly as the testers could have. That was by design, Johnson said.

Some previous studies employed elaborate tactics to obtain data from supposedly wiped devices. The fact that some were completed in an academic research lab might give the impression one has to be a top tech expert to be able to access personally identifiable information on devices. That’s not the case, Johnson said.

“We specifically went to (CPR Tools) and we said, ‘Plug ’em in. We want you to find what an unsophisticated teenager could find using downloaded shareware,'” Johnson said. The goal was to communicate how easy it is even for fairly amateur data thieves.

A continuing trend

The concept of testing wiped devices goes back about 15 years, when a research team purchased 158 used hard drives and probed them for any remaining personal information. Since that research – which found a significant number of devices contained personally identifiable information even after being wiped – several studies have consistently elicited the same results.

With the new study, NAID aimed to raise further awareness. Although more and more companies are realizing the importance of proper IT asset disposition (ITAD) procedures, there is still a communication gap that leaves many consumers vulnerable.

John Shegerian, CEO of ERI, responded to the “eye-opening” findings this week, stating they serve as an “urgent warning of an ongoing threat to our national security and individual privacy as Americans.”

Not an indictment

Johnson made clear NAID does not view the results as reflecting poorly on the industry as a whole.

“It’s really not an indictment of the process, nor an indictment of reputable service providers. It’s more that people are not paying attention to the qualifications of service providers they’re putting (devices) through,” Johnson said.

Shegerian agreed, noting “the problem lies with service providers who are not qualified and, too often, with businesses and individuals who feel they can do it themselves.”

In the initial announcement that NAID would conduct the study, the organization said it would aggregate the data to avoid publicly shaming any ITAD firms. But if regulators took interest, NAID said it would offer the full findings to the government. So far, it hasn’t heard from any enforcement authorities, Johnson said.

“If health information turns up on a hard drive, some covered entity violated the security rule in HIPAA, and it’s not like you don’t know who they are – you’ve got their hard drive,” Johnson said. “Every instance where personally identifiable information was found, there is a violation of law.”

While it will ultimately be up to NAID’s board of directors, Johnson said he hopes the study becomes a continuing project to chart trends over the years.

 

Tags: ITADMobile Devices
TweetShare
Colin Staub

Colin Staub

Colin Staub was a reporter and associate editor at Resource Recycling until August 2025.

Related Posts

What the NAND flash crunch means for remarketing, refurbishment and residual values

Telamon acquires ITAD consultancy Retire-IT

byDavid Daoud
July 9, 2026

Telamon will be retaining Retire-IT founder Kyle Marks, who built that business over 21 years.

Auto Draft

Digital product passports offer gateway into secondary market

byPaul Lane
July 7, 2026

Industry leaders say buyers and sellers of used mobile devices would benefit from standardized rules for how to treat second-hand...

ITAD firm wins spot for NASA purchasing

ITAD firm wins spot for NASA purchasing

byDavid Daoud
July 6, 2026

New Jersey's AnythingIT is among the small businesses awarded a place in the agency's 10-year enterprise procurement vehicle.

MP Materials breaks ground on rare earth magnet campus in North Texas

ERI confirms ITAD shift toward minerals

byDavid Daoud
July 3, 2026

Electronic Recyclers International's new Impact Report offers a window into how one of North America's largest ITAD and electronics recycling...

Rod McDaniel

Westward expansion continues for S3 Recycling

byPaul Lane
July 2, 2026

The company is tripling its California ITAD footprint after its latest acquisition.

Metallium makes progress in advanced metal recovery tech

byPaul Lane
June 24, 2026

The company is working to make its electrical pulse-based technology commercially viable.

Load More
Next Post
Washington legislation

How GPS tracking shook up Washington's e-scrap system

More Posts

Oregon’s Recycling Modernization Act faces injunction

Oregon’s EPR program posts first-year results

July 6, 2026
Two recycled-content bills gain approval in California

California agriculture seeks SB 54 repeal

July 7, 2026
Unpacking the Starbucks cup data

Unpacking the Starbucks cup data

July 8, 2026
In Our Opinion: Coalitions: The EPR Differentiator

Inside NAW’s constitutional case against packaging EPR

July 6, 2026
Tech giant pens detailed ‘plastic-free packaging’ guide

What Google’s latest report means for ITAD

July 8, 2026
EPR fees are a market signal. Here’s what they’re telling you.

Building the infrastructure behind EPR

July 6, 2026
SB 54 draft rules generate debate on rates, review

California increases PET market payments

July 7, 2026
MP Materials breaks ground on rare earth magnet campus in North Texas

ERI confirms ITAD shift toward minerals

July 3, 2026
ITAD firm wins spot for NASA purchasing

ITAD firm wins spot for NASA purchasing

July 6, 2026
Auto Draft

Digital product passports offer gateway into secondary market

July 7, 2026
Load More

About & Publications

About Us

Staff

Archive

Magazine

Work With Us

Advertise
Jobs
Contact
Terms and Privacy

Newsletter

Get the latest recycling news and analysis delivered to your inbox every week. Stay ahead on industry trends, policy updates, and insights from programs, processors, and innovators.

Subscribe

Welcome Back!

Login to your account below

Forgotten Password?

Retrieve your password

Please enter your username or email address to reset your password.

Log In

Add New Playlist

No Result
View All Result
  • The Latest
  • Analysis
  • Recycling
  • E-Scrap
  • Plastics
  • Policy Now
  • Conferences
    • E-Scrap Conference
    • Plastics Recycling Conference
    • Resource Recycling Conference
    • Textiles Recovery Summit
  • Magazine
  • About Us
  • Advertise
  • Archive
  • Jobs
  • Staff
Subscribe
This website uses cookies. By continuing to use this website you are giving consent to cookies being used. Visit our Privacy and Cookie Policy.