By Corey Dehmey, R2 Director
Periodically questions and misconceptions arise about whether certain requirements of the R2 Standard are applicable to a recycler’s business model. Page one of the R2:2013 Standard states,
“All the provisions of this R2:2013 Standard shall be conformed to by R2:2013 electronics recyclers. Whether conformed to directly, or through a contracted third party, the burden of proof resides with the R2:2013 electronics recycler to demonstrate conformity to each requirement.”
R2 Certified recyclers are required to meet each of the 13 Provisions of the R2 Standard. Unlike other standards, such as ISO 9001, neither the recycler nor the auditor is permitted to “exclude” a provision as being non-applicable to the scope of the recycler’s business.
Common misconceptions about “exclusions and exemptions”
“I just recycle, so I’m exempted from Provision 2 and Provision 6 reuse requirements.” FALSE. In accordance to the hierarchy in Provision 2, all R2 certified companies are required to evaluate equipment for reuse potential and at a minimum, direct such electronics to qualified refurbishers if refurbishment is not done internally (in accordance to Provision 6.c.3).
“My customers do not allow for reuse so I’m excluded from Provision 6.”
FALSE. Recyclers are required to direct equipment to reuse (in accordance to Provision 2.a.1) when equipment is reusable -- unless a customer specifically requests in writing that the equipment must be recycled and not reused. This type of contractual customer agreement is permissible and would meet the requirement of Provision 6.a. It is not permissible, however, for a recycler to establish a general policy of no reuse that customers must agree to.
“My customer doesn’t require me to do any data destruction.”
While limited exemptions are allowed under Provision 8.a if requested in writing by the customer, this is the exception and cannot be made the rule for a recycler’s benefit. The introductory paragraph of R2:2013 states that R2 Certified recyclers must ensure “all data on all media devices is secure until destroyed.” Provision 8.h does allow for an R2 recycler to outsource data destruction one level to a qualified downstream vendor who will sanitize the data in accordance with other Provision 8 requirements. Ultimately though, it is the R2 Certified recycler who is responsible for data sanitization, so due diligence and quality assurance are necessary. Additionally, the R2 Certified recycler must also maintain records of data destruction performed by the downstream vendor.
According to the R2 Code of Practices, the Certification Body is required to verify the scope of the recycler’s business prior to accepting a new candidate. If a company cannot meet all Provisions of the R2 Standard, and does not qualify for one of the Allowances defined in Section VII of the Code of Practices (Broker, Campus, Co-Location, FM Processor), then the company is not eligible for R2 Certification and should not be audited. Defined Allowances must be stated on the R2 Certificate -- this is the only way that provisions that may not apply to a particular company can be excluded from the audit.