PODCAST TRANSCRIPT:

If you’re a regular listener to the podcast, you know that it’s rare that we go behind the scenes at SERI, the Administrative Body for the R2 Standard. But at SERI, we have a new R2 Director, and we thought it would be appropriate have him on the podcast so that he could share some of his experience as a compliance manager, certification consultant and R2 auditor. There’s some helpful information over the next 10 or 12 minutes on this episode of Ask the R2 Guru. I’m Roger Greive from SERI, Champions of Electronics Sustainability.

Mike Easterbrook has had a lot of different connections to the R2 standard over the course of many years. This varied background and experience made him our first choice to take on the role of R2 Director, in charge of day-to-day administration of the R2 standard and supervisory oversight of the R2 Technical Advisory Committee. I began the conversation with Mike by asking him for details of his background.

RG: Welcome to the podcast… let’s begin by you telling us a little bit about your background and what brought you to SERI.

ME: Sure …so first a little bit about my family. I’ve been married to my wife now for about 11 years we have two kids together — Laila’s three years old and Eva is 9 months. I was born in Southern California, lived here my whole life. In terms of my career, I got started working in the environmental world by starting in stormwater consulting which I did for a little while. I was introduced into the electronics reuse and recycling industry in 2007 as a compliance coordinator at a facility here in Southern California. Due to the 2008 crash, they went out of business, and I was left fending for myself at a time when no one was hiring. So, I started doing consulting — little piecemeal work for various companies that I knew — either compliance consulting or helping them get certified to ISO 14001. I later worked for a couple of companies that I consulted for up until 2012, when I decided to go to law school. Although I spent a lot of my time in law school from working as a consultant with Glenview group, I also did a little bit of auditing with Perry Johnson, starting in 2018. I also joined the R2 Technical Advisory Committee in January 2021, and this last year, started doing executive committee review for Perry Johnson.

RG: So, you’ve had experience with various versions of the R2 standard. What’s the first version of the R2 standard that you worked with?

ME: I worked with companies getting certified to the first version of the standard R2:2008 pretty early on – helped some of the first facilities here in the LA area get certified to the standard and continued to work with the next version 2013 and R2v3 as well, so I’ve worked with all versions of the standard so far.

RG: That’s why you’re the perfect person to be the R2 director for R2V3. So, given all this experience as an auditor and consultant, and then member of the Technical Advisory Committee for SERI, what do you think would help facilities in the homes stretch of the of the transition to R2V3?

ME: Some of the mishaps that I’ve seen with companies transitioning to R2v3 are coming from different areas of the standard. First there’s a requirement in Core Requirement 3 to do a periodic evaluation of hazardous substances so that’s something that could be put into the risk assessment/hazard assessment that the company maintains and sometimes that’s overlooked and not done. And since it’s a core requirement, it applies to all facilities — even the cell phone refurbisher. Their risk may be very low, but nevertheless, that is something that is required and needs to be done.

Another thing is that I see is that not all data devices are included in the Data Sanitization Plans. Although hard drives, solid-state drives, and phones may be listed, sometimes devices that the facility is processing are missed, such as smartwatches or tablets or fitness trackers. That’s the common mishap that I see in the Data Sanitization Plan.

Another requirement that is sometimes missed is from Core Requirement 7 –communicating the method of the data sanitization to the supplier. A big one is from Appendix C if you want to stop tracking controlled streams at the 1st R2 facility — I believe it’s under Appendix A(4)(a) — you have to register your downstream chain with SERI. If you don’t register your downstream chain with SERI ,then you have to continue to track the R2 controlled stream to end of life.

A final thing I’d mention comes from Appendix B. There’s a requirement to do data recovery on the devices that are logically sanitized and the number in there is 5%. I don’t always see that evidence that 5% was done… and how long does 5% need to be sampled before you drop it down to at least a minimum of 1%? So sometimes there’s not evidence that 5% was done to establish that the data recovery attempts are not successful and indeed the data has been sanitized.

RG: How long would you think that should be that 5%?

ME: It depends on the quantity of devices processed. If somebody’s doing a thousand a day then maybe a month or so might be sufficient — or even less than a month if they’ve done 5% and had no data recoverable. I think it really depends upon the organization to vet and determine what’s appropriate given the amount of data devices that they process before dropping it down so that they can have certainty that that they’re doing the data sanitization process properly.

RG: These three or four items you mentioned are a very helpful little list for companies to make sure that they have that taken care of before proceeding out of their internal audits and into the main audit. With all this, what are some common things you see in facilities that have successful transitions to R2v3?

ME: I think one thing that’s really important in standards is leadership commitment to that standard and providing the necessary resources, whether that’s personnel, time to be able to properly implement and train those in the organization on the requirements of the standard. Whenever leadership is committed, I’ve always seen there be success in audit.

RG: Well, the other side of that same question — what about facilities that are having a little bit more of a struggle achieving R2v3 certification — what do you see with them?

ME: I don’t want to say that leadership’s not committed, but they might not have done a very thorough internal audit. I think it’s really important to dig in through your Internal Audit, through your Compliance Audit, through your Data Sanitization and Security Audit, and really find all the issues that are occurring within your system so that they can be fixed by the time that the auditor comes. That way, it’ll really help you to determine what you need to do to fully show that you’re conforming to all the requirements during this transition time.

RG: Mike, that is nothing but great information and thank you so much for taking the time to do this, and it’s nice to introduce you to the podcast audience and if anybody has other further questions, you’re always available by e-mail correct?

ME: I certainly am. Thank you Roger my e-mail address is mike@sustainableelectronics.org.

RG: That’s great — thanks once again and I’m sure the people who listen to this podcast we’ll be hearing from you soon.

ME: Thanks Roger.

*********
RG: That’s it for this episode of Ask the R2 Guru. Thanks for listening, and thanks again to Mike Easterbrook and as always to the SERI team for their assistance in producing this podcast. You can find a complete transcript of my conversation with Mike in the Podcast section of the R2 Knowledge Base on the SERI website. You’ll find that at sustainable electronics.org.