What is R2v3?

What is R2v3? 

The R2v3 standard is also known as the Responsible Recycling Standard (R2) certification. In the electronics industry, it is a globally recognized standard and is maintained by certification group Sustainable Electronics Recycling International (SERI). A voluntary standard that demonstrates sustainable practices along with data security, R2v3 verifies trustworthy electronics processors.  

The R2v3 standard was released in July 2020 and is the second revision of the R2 standard which is a collection of voluntarily adopted operational procedures based on third-party audits. 

Compared to the first revision of the R2 standard, R2v3 has built upon the initial foundations to put place a significantly increased focus on data protection, which entails adhering to the requirements of numerous interconnected laws on information security and environmental health and safety. 


R2v3 Certification 

The secure asset disposition of data-bearing items such as laptops, desktops, tablets, cellphones, servers and data center equipment, must be carried out in a way that minimizes risk in all of its various forms. R2v3 focuses especially on reducing the two key risks of data protection and environmental risks.  

It’s important to understand industry perspectives when it comes to detecting, mitigating and minimizing risks associated with third parties. 

The latest research on data risk in the third-party ecosystem was carried out last year by the Ponemon Institute. The study surveyed over 1,000 IT and IT security professionals familiar with their organizations’ approach to managing third-party data risk. 

The study revealed that 60% of respondents think that the number of cybersecurity incidents involving third parties is increasing and just 34% of respondents have confidence that a primary third party would notify their partners of a data breach.  

As a recent example of a data breach within the industry, Morgan Stanley Wealth Management agreed to pay a $35 million fine imposed by the SEC after it found that they failed to properly dispose of thousands of hard drives and backup tapes containing sensitive information of up to 15 million individuals. It’s clear that Morgan Stanley failed to properly vet and manage their vendor, who then sold approximately 4,900 IT assets (including unwiped hard drives that contained a multitude of sensitive information).

The R2v3 certification standard means that IT asset managers can rest assured that their assets will be securely handled. R2v3-certified facilities go through rigorous annual audits by a recognized third-party certification authority, which lowers the risk, and consequently the risk of any brand damage associated. An annual audit is carried out which confirms that the IT Asset Disposition (ITAD) organization is following the R2v3 standard's guidelines for data security, sanitization, and electronics sustainability. 


R2v3 Certified Companies 

R2v3 certified IT Asset Disposition (ITAD) organizations are better able to reassure clients of the effectiveness of their data destruction and waste management procedures. 

If you’re an IT asset manager, working with an R2v3 certified company will give you assurance that all sensitive data will be permanently deleted or destroyed, that electronics with residual value will be repurposed, and that assets won't end up in a landfill or in a disposal site halfway across the world. 

Waste from electronic equipment is a worldwide problem - in 2019, the world generated a record 53.6 million tons of electronic waste. 

Using R2v3 certified facilities helps businesses achieve their sustainability objectives because the R2 standard is by design geared towards a sustainable circular economy. R2v3 certified establishments are expected to recover recyclable materials and repurpose electronics whenever possible - even when it costs more to recycle equipment than it does to dispose of it.  

Furthermore, partnering with an R2v3 certified ITAD company will instill confidence within your supply chain and customer base and ensure your IT disposal activity is aligned with local and international regulations. 


R2v3 Checklist 

The R2v3 standard is more than just a management system. With a focus on outcomes, R2v3 certification creates the governance to verify that used electronics are handled responsibly and sustainably. 

R2v3 requires rigorous data sanitization requirements. Data erasure guidelines are provided below as an example: 

  • Enhanced security controls and monitoring systems 

  • Traceability from receipt to sanitization 

  • Video recordings of physical destruction 

  • When logically erased, software-generated records are created for each serial number 

  • Equipment is cleared of any locks, logins, or passwords to cloud services 

  • Verified sanitization by the Data Protection Representative 


Techbuyer R2v3 Certified Facility 

The R2v3 Standard is a great roadmap for evaluating your vendors. Techbuyer’s facility in West Deptford, NJ was one of the first in the US to achieve the R2v3 certification. We are proud to be able to demonstrate that all end-of-life equipment is recycled in safe conditions and to the highest security standards. 

US Managing Director, Chris Towers commented that: 

“By being one of the first IT Asset Recovery organizations to obtain R2v3 certification, Techbuyer has shown that we are a cut above the rest in this highly competitive industry. It demonstrates to both our current and potential clients that they’re picking a capable, responsible service provider who will work with them as a true partner to safeguard their interests.” 

Our R2v3 certified ITAD solution can help you to dispose of your redundant IT in the most ethical, environmentally friendly, stress-free, and cost-effective way. Recover the best value from your IT hardware with our industry leading IT asset recovery service - Find out more here.

Get in touch with us directly below: