The Basel Action Network is pleased to announce the solution to one of the most serious toxic waste issues of our time:
The e-Stewards Standard for Responsible Recycling and Reuse of Electronic Equipment®
The Standard is the result of long collaboration between the environmental community and leaders in the recycling, auditing, occupational health, data security, and manufacturing industries as well as from the accredited third party certification industry. It is the standard that will be applied in the e-Stewards third party audited, accredited certification for electronics recyclers that will be begin in early 2010.
Two documents are now available:
The complete e-Stewards Standard for Responsible Recycling and Reuse of Electronic Equipment (which contains the entire ISO 14001 standard) that serves as the basis for official certifications. Our use of ISO proprietary language and our licensing of it from ANSI requires a purchase price. To purchase, click here to go to the purchase page, where you will see a "Buy Now" button. Or, send a check for $125 dollars payable to The Basel Action Network, 122 South Jackson Street, Suite 320, Seattle, WA, 98104, along with an email address and we will send you a PDF copy.
An excerpted version of the complete Standard, which contains all the industry-specific e-Stewards performance requirements, but only summarizes the ISO requirements. This version may not be used for the purposes of certification. The purpose of this excerpted document is to provide access to information about the specific e-Stewards requirements that are built into the ISO requirements for an environmental management system. This version is available at no cost and can be freely distributed. Click here to download.
See www.e-Stewards.org for more information.
Electronic Recycling processes all Waste Electrical and Electronic Equipment (WEEE) to the highest environmental standards using the best available technology
http://www.electronic-recycling.ie/
Welcome to the world of Electronic Recycling in Dublin, Ireland. Our News will mostly include articles and information on the world of recycling with a specific attention to recycling of Electronic Waste and Data Security.
Searching the blog under "Data Security, Exporting or Donating" will bring up a list of related articles
Wednesday, July 29, 2009
Thursday, July 23, 2009
Brazil Waste: Shipping company to bring it back
Original story from Tiffany Holland: MRW 22 July 2009
The shipping company, which originally took the illegally exported UK waste over to Brazil will pay the cost of returning it to the UK, the Environment Agency has said.
Environment Agency head of waste and resource management Liz Parkes told MRW: “At the moment the waste, is under the control of the Brazilian authorities and we need to bring it back legally, which takes time. When all the paperwork concerning the waste is filled in and the Brazilian authorities have agreed to it we can ship it back to the UK.
“The shipping company that took it out there will be paying for it to be shipped back in the repatriation of the waste.”
It is believed that once Brazil has released the waste, it will take around six weeks to reach the UK.
As the EA investigates the situation, the real number of containers of illegally exported waste found in Brazil is not yet known. Initially, the EA was notified of two containers, but it seems a series of illegally exported shipments were made under the guise of plastic for recycling and the number of containers could now reach up to100.
Media reports have suggested that two Swindon companies are responsible for the shipments to Brazil, Parks was unable to comment on this.
Parkes said: “The EA already does a lot of work in this area by checking where waste is going and the quality of the waste. We have been pleased with our progress as there seems to be a much higher awareness now over material quality, so it is very disappointing that we have this fairly serious issue occurring still. It is also disappointing if it were to undermine public confidence in recycling.”
According to Parkes, regulations regarding waste movement have only recently been reviewed with tighter and tougher controls. However, there are difficulties policing certain waste such as Waste Electronic and Electrical Equipment, as it is perfectly legal to export second-hand working electronics. However end-of-life broken electrical equipment is subject to export controls.
Parkes added: “I think the answer with waste in general is to ensure the markets are working properly and the right procedures are in place. It is up to all of us to sort waste properly.”
If those responsible for exporting waste to Brazil are taken to Crown Court they could be subject to unlimited fines and custodial sentences. If taken to a magistrates court, a £20,000 fine and two years in prison is the maximum punishment.
Sixty-four containers of hazardous waste were found on 17 July at three Brazilian ports (see MRW story). It was reported that this waste contained syringes, condoms, packs of blood and WEEE, although the EA could not comment on this
Electronic Recycling recyles all types of Waste Electrical and Electronic Equipment (WEEE) to the highest standards using the best available technology
www.electronic-recycling.ie
AGT Technology Ireland, converting waste plastics to energy
www.agt-technology.ie
The shipping company, which originally took the illegally exported UK waste over to Brazil will pay the cost of returning it to the UK, the Environment Agency has said.
Environment Agency head of waste and resource management Liz Parkes told MRW: “At the moment the waste, is under the control of the Brazilian authorities and we need to bring it back legally, which takes time. When all the paperwork concerning the waste is filled in and the Brazilian authorities have agreed to it we can ship it back to the UK.
“The shipping company that took it out there will be paying for it to be shipped back in the repatriation of the waste.”
It is believed that once Brazil has released the waste, it will take around six weeks to reach the UK.
As the EA investigates the situation, the real number of containers of illegally exported waste found in Brazil is not yet known. Initially, the EA was notified of two containers, but it seems a series of illegally exported shipments were made under the guise of plastic for recycling and the number of containers could now reach up to100.
Media reports have suggested that two Swindon companies are responsible for the shipments to Brazil, Parks was unable to comment on this.
Parkes said: “The EA already does a lot of work in this area by checking where waste is going and the quality of the waste. We have been pleased with our progress as there seems to be a much higher awareness now over material quality, so it is very disappointing that we have this fairly serious issue occurring still. It is also disappointing if it were to undermine public confidence in recycling.”
According to Parkes, regulations regarding waste movement have only recently been reviewed with tighter and tougher controls. However, there are difficulties policing certain waste such as Waste Electronic and Electrical Equipment, as it is perfectly legal to export second-hand working electronics. However end-of-life broken electrical equipment is subject to export controls.
Parkes added: “I think the answer with waste in general is to ensure the markets are working properly and the right procedures are in place. It is up to all of us to sort waste properly.”
If those responsible for exporting waste to Brazil are taken to Crown Court they could be subject to unlimited fines and custodial sentences. If taken to a magistrates court, a £20,000 fine and two years in prison is the maximum punishment.
Sixty-four containers of hazardous waste were found on 17 July at three Brazilian ports (see MRW story). It was reported that this waste contained syringes, condoms, packs of blood and WEEE, although the EA could not comment on this
Electronic Recycling recyles all types of Waste Electrical and Electronic Equipment (WEEE) to the highest standards using the best available technology
www.electronic-recycling.ie
AGT Technology Ireland, converting waste plastics to energy
www.agt-technology.ie
Wednesday, July 22, 2009
Householders Waste €35m of energy on "Standby"
Irish consumers are wasting up to €35 million worth of energy annually by leaving appliances on standby when not in use.
TVs, DVD players, stereos, computers and microwaves are consuming vast amounts of energy when they are not fully turned-off - and leaving them on is costing the average household up to €40 annually.
Sustainable Energy Ireland (SEI) has revealed that appliances left on standby are wasting 30 watts of electricity every hour - which, over a year, equates to the same amount of energy as 220 loads in the washing machine.
Households can also save cash by cutting down their use of appliances. The cost of operating appliances can vary from €116 a year for a dishwasher, to €90 for a fridge freezer. Hairdryers can cost around €18 a year, while a hair straightener sets a household back around €30 a year.
A blender costs an average of €9 a year to run, while a carving knife costs around €3.20 a year to operate if used for one hour every month.
Research conducted by consumer website - saveafewbob.ie - found that the cost of monthly gas and electricity bills is a major concern among Irish consumers, especially those with young families. Managing director of saveafewbob.ie, Niall McHenry said - "I have no doubt that consumers could save hundreds of euro each year on their electricity bills and also cut back significantly on their gas bills."
A spokesman for the ESB said it is impossible to estimate how much the average household spends on the use of appliances each year, but added that the average electricity bill has dropped by €15 over the last 12 months to €140.
An SEI spokesman said - "When buying appliances, look for the energy label and choose the most efficient one which suits your needs and your budget - and then make sure you use it efficiently."
SEI estimates that buying energy efficient appliances could save households up to €100 a year. It said simple measures such as switching-off lights when you’re not in the room, turning the thermostat down by one degree and closing doors and windows to prevent heat loss, could mean big savings for householders.
Figures from SEI show that, over the past 20 years, there has been an increase of more than 1,200% in the number of homes with a microwave, while there has been an increase of 559% in the number of homes with a dishwasher. Also the number of homes with two or more TVs has risen by 248%.
Irish householders use 27% more energy per dwelling than Britain and we stand at 36% over the EU average.
If it plugs in or has a battery, we can recycle it
http://www.electronic-recycling.ie/
Click to visit Computers for Irish Schools
http://www.computersforschools.ie/
TVs, DVD players, stereos, computers and microwaves are consuming vast amounts of energy when they are not fully turned-off - and leaving them on is costing the average household up to €40 annually.
Sustainable Energy Ireland (SEI) has revealed that appliances left on standby are wasting 30 watts of electricity every hour - which, over a year, equates to the same amount of energy as 220 loads in the washing machine.
Households can also save cash by cutting down their use of appliances. The cost of operating appliances can vary from €116 a year for a dishwasher, to €90 for a fridge freezer. Hairdryers can cost around €18 a year, while a hair straightener sets a household back around €30 a year.
A blender costs an average of €9 a year to run, while a carving knife costs around €3.20 a year to operate if used for one hour every month.
Research conducted by consumer website - saveafewbob.ie - found that the cost of monthly gas and electricity bills is a major concern among Irish consumers, especially those with young families. Managing director of saveafewbob.ie, Niall McHenry said - "I have no doubt that consumers could save hundreds of euro each year on their electricity bills and also cut back significantly on their gas bills."
A spokesman for the ESB said it is impossible to estimate how much the average household spends on the use of appliances each year, but added that the average electricity bill has dropped by €15 over the last 12 months to €140.
An SEI spokesman said - "When buying appliances, look for the energy label and choose the most efficient one which suits your needs and your budget - and then make sure you use it efficiently."
SEI estimates that buying energy efficient appliances could save households up to €100 a year. It said simple measures such as switching-off lights when you’re not in the room, turning the thermostat down by one degree and closing doors and windows to prevent heat loss, could mean big savings for householders.
Figures from SEI show that, over the past 20 years, there has been an increase of more than 1,200% in the number of homes with a microwave, while there has been an increase of 559% in the number of homes with a dishwasher. Also the number of homes with two or more TVs has risen by 248%.
Irish householders use 27% more energy per dwelling than Britain and we stand at 36% over the EU average.
If it plugs in or has a battery, we can recycle it
http://www.electronic-recycling.ie/
Click to visit Computers for Irish Schools
http://www.computersforschools.ie/
Thursday, July 16, 2009
Jimmy and Mary get sued
Last month Jimmy and Mary decided not to pay Electronic Recycling to have their small business computers disposed of in a compliant manner. Instead they tried to bring them to a civic amenity site, which are only for use by private individuals, but the CA site was closed. While they had something to eat, their car was broken into and the computers were stolen. Subsequently €12,000 was taken from their bank accounts.
Jimmy’s problems did not end there and some weeks later, his phone rings........
Jimmy’s problems did not end there and some weeks later, his phone rings........
“Hi Mary, what’s up?”
“Jimmy, we just got a registered letter from Crachet and Quiver Solicitors”
“Yeah, what’s it about?”
“Jimmy, we’re being sued for a hundred thousand euro!!”
“What”
“It’s something to do with information taken from a computer they say is ours”
“What do you mean, who is it that’s suing us?”
“It says they’re called Bragg Civil Engineering”
“Why are they suing us Mary? They’re a customer of Mick Fuller, the builder I do work for with the van”
“Jimmy, they’re suing Mick as well, you better come home and read this”
“There you are Jimmy, what took you so long?”
“I got here as fast as I could, where’s that letter?”
“Here it is Jimmy, I’m sick since I read it”
“Calm down Mary, it can’t be that bad”
“Jimmy, we don’t have a hundred thousand euro, we’d have to sell the house”
“Don’t be silly Mary, nobody is selling the house”
“Don’t call me silly Jimmy, you’re the one that lost the computers”
“I didn’t lose them, they were stolen”
“Well they wouldn’t have been stolen if you weren’t trying to be a smart Alec and save a few euro”
“Listen, we’ll talk about it later, I’m going to see the lawyer”
“Good afternoon Mr. McGuire, you’re here to see John DeFixor, he will be with you in a few minutes”
“Good afternoon Jimmy, come in, come in, have a seat”
“Thanks Mr. DeFixor”
“What can I do for you?”
“I got this registered letter this morning, I’m being sued for a hundred thousand euro because of some information that was on a computer that was stolen from my car”
“Let me have a look”
“Well Jimmy, this does look serious, I’ll need to study it and make some calls to the other side, can you leave it with me and I’ll give you a call later?”
“OK, thanks Mr. DeFixor”
“Yeah, Hello Jimmy McGuire here”
“Hi Jimmy, John DeFixor here, can you talk?”
“Yeah, go ahead”
“Well Jimmy, it looks like you have a problem here, apparently Bragg Civil Engineering lost out on a major tender because of an information leak and when they traced the leak, it came from a hard drive which was bought on eBay, which was then traced to a computer last owned by you, which I assume is one of the computers stolen from your car”
“What does this mean Mr DeFixor?”
“Well Jimmy you will have to defend this or else they will get a judgement against you for a hundred thousand euro”
“How much will that cost?”
“I don’t know Jimmy but it is in the High Court so you could be looking at about thirty thousand euro “
“Thirty thousand!! I don’t have thirty thousand euro”
“Listen Jimmy, if you drop into me with five thousand euro, I will start the defence ball rolling, that will delay things for a while and we can figure out the costs later”
“OK Mr DeFixor, thanks, I will have to see where I can get five thousand euro, I’ve already lost twelve grand because of those stupid computers”
“Well Jimmy, how did it go?”
“Not good Mary, I need to get five grand to the lawyer to defend the case”
“Where are you going to get five grand? Our bank account were already cleared out”
“We’ll have to sell your car Mary”
“My car! You’re not selling my car”
“We’ll have to Mary, I need the van for work and we don’t have anything else worth five grand”
“I never forgive you for this Jimmy McGuire - will the five grand fix the problem?”
“I don’t know Mary, it only starts the defence, I won’t know until next month”
“You and you’re trying to save money Jimmy McGuire, why didn’t you bring those computers to Electronic Recycling?”
“I know Mary, I know”
Next Month. Jimmy goes to Court...................
Friday, July 3, 2009
A Treasure Trove For Hackers
From the Irish Times on Friday 3rd July 2009
NUMEROUS LAPTOP thefts have highlighted poor corporate security practices and privacy protection in recent months. Companies however may be overlooking a source of potentially serious data leaks: employees who work at home, writes KARLIN LILLINGTON
Forensics experts at the Dublin office of consultancy Ernst & Young have found evidence that prominent companies in Ireland are allowing home-based employees to download sensitive company and client data to their personal computers.
Second-hand computer hard drives containing sensitive information - including hundreds of customer bank, Laser and credit-card account details, car registration information, staff PPS numbers, internal corporate information and e-mail details - were purchased on Irish auction website eBay.ie from owners who, in most cases, had not even bothered to erase the drives.
With forensic tools, the data could be accessed easily - even when the drive was erased.
In addition to exposing their employers to litigation, and customers and employees to potential fraudulent use of their data, the failure of employees to protect such data is a violation of European data protection legislation.
Pat Moran, a partner at Ernst & Young's Dublin office, says: "We found very sensitive corporate information about customers, transaction levels and volumes, company and personal e-mails, customer lists and, in one case, a plan for the technical architecture of the company's network." .
The network plan could have given hackers easy access to the corporate network of the company.
For the investigation, several drives were bought on eBay's Irish website from random individual owners for as little as €5.
"The purpose was to analyse what type of documents might be found on second-hand computers," says Moran.
He says it was obvious who the employers of the computer sellers were, based on the data on their PCs and laptops. The employers include well-known companies in the utility and financial services industries here, he says.
"Some of the information belonged to some of our own clients as well, and we had to tell them we had found it," he says.
Basic forensics programs were able to retrieve data even when owners believed they had erased the hard drives. Many home PC owners are unaware that safely erasing drives involves more than just reformatting or erasing the drive using inbuilt tools provided on home PCs, Moran says.
Corporate computer drives are generally cleaned numerous times with an industrial-strength erasing tool before PCs or drives are sold on.
"It proved to us that we could see a common thread: people remotely working from home and forgetting when changing the home PC that they have quite a bit of work material on it," Moran adds.
Proper security would require that work information only be allowed out in an encrypted form to PCs and laptops provided by the firm. Unauthorised computers should be unable to access any corporate files from the company network, especially sensitive client data.
Moran says his forensics unit has also noticed increasing levels of fraudulent breaches of company phone exchanges (PBXs).
In one case, an Irish company's PBX was hacked and the breach was only discovered when its monthly phone bill spiked from €10,000 to €60,000.
"Hackers were using the PBX to make calls into Cuba. They were selling time on that network to Cubans," he says.
The hackers themselves were using a North American-based server for the breach.
"The trend we're seeing for this type of fraud is that hackers look for bank-holiday weekends - long stretches when no one is likely to notice unusual activity on the network," says Moran.
In the Cuban case, the security was also poor for the PBX, a digital network running on the company's internet connection. Rather than place a firewall in front of the PBX and the internet connection, the firewall only protected the company's internet access and hackers gained access easily.
Another problem - and one Moran flags as a growing issue - was that the company had outsourced its PBX management and the management company failed to notice the odd traffic patterns for three weeks.
Moran says that too often, security is an afterthought when information systems departments are under pressure to meet project deadlines. Also, many IT specialists do not realise where the security "back doors" are. "However, when you have those IT breaches, privacy breaches and laptop thefts, it's not the IT security guy that's on TV with a microphone under his chin - it's the chief executive."
Moran says the solution is better corporate governance and better security awareness at management and board level. For example, it is not good enough that managers say they have implemented security requirements such as laptop encryption - someone needs to verify this has been done.
In addition, Moran believes a national disclosure law of the sort now standard in the US would be helpful. In most US states, companies must report any IT security breach involving personal information. "We've tried the carrot. Now we're moving more towards the stick," he says.
Data discovery: disks sold on eBay
Of eight disks purchased on eBay, only three had been erased by the owner. Typical of what was found on the disks:
A brand-name online payments company (disk purchased for €5.79 including P&P). Information recovered:
• Technical files relating to a popular bill payment solution which included technical specification documents and consultancy firm reports in relation to the bill payment solution;
• PPS numbers of staff and customers;
• Hundreds of customer bank account numbers and sort codes;
• Hundreds of Laser card numbers and expiry dates;
• Hundreds of credit card numbers and names;
• Significant amount of e-mails detailing customer data;
• Internal corporate information, staff details etc.
A well-known Irish car dealership (disk purchased for €10.79 including P&P). Hard disk for sale on ebay.ie with comment in ad: "Used to be in a Dell computer but I removed it. I didn't bother deleting the files off it but this can be easily done." Information recovered:
• Bank account numbers;
• Customer names and addresses;
• Customer invoices and bank details;
• Customer car registration information.
• "Second-hand computer hard drives containing sensitive information were bought on eBay
This article appears in the print edition of the Irish Times
NUMEROUS LAPTOP thefts have highlighted poor corporate security practices and privacy protection in recent months. Companies however may be overlooking a source of potentially serious data leaks: employees who work at home, writes KARLIN LILLINGTON
Forensics experts at the Dublin office of consultancy Ernst & Young have found evidence that prominent companies in Ireland are allowing home-based employees to download sensitive company and client data to their personal computers.
Second-hand computer hard drives containing sensitive information - including hundreds of customer bank, Laser and credit-card account details, car registration information, staff PPS numbers, internal corporate information and e-mail details - were purchased on Irish auction website eBay.ie from owners who, in most cases, had not even bothered to erase the drives.
With forensic tools, the data could be accessed easily - even when the drive was erased.
In addition to exposing their employers to litigation, and customers and employees to potential fraudulent use of their data, the failure of employees to protect such data is a violation of European data protection legislation.
Pat Moran, a partner at Ernst & Young's Dublin office, says: "We found very sensitive corporate information about customers, transaction levels and volumes, company and personal e-mails, customer lists and, in one case, a plan for the technical architecture of the company's network." .
The network plan could have given hackers easy access to the corporate network of the company.
For the investigation, several drives were bought on eBay's Irish website from random individual owners for as little as €5.
"The purpose was to analyse what type of documents might be found on second-hand computers," says Moran.
He says it was obvious who the employers of the computer sellers were, based on the data on their PCs and laptops. The employers include well-known companies in the utility and financial services industries here, he says.
"Some of the information belonged to some of our own clients as well, and we had to tell them we had found it," he says.
Basic forensics programs were able to retrieve data even when owners believed they had erased the hard drives. Many home PC owners are unaware that safely erasing drives involves more than just reformatting or erasing the drive using inbuilt tools provided on home PCs, Moran says.
Corporate computer drives are generally cleaned numerous times with an industrial-strength erasing tool before PCs or drives are sold on.
"It proved to us that we could see a common thread: people remotely working from home and forgetting when changing the home PC that they have quite a bit of work material on it," Moran adds.
Proper security would require that work information only be allowed out in an encrypted form to PCs and laptops provided by the firm. Unauthorised computers should be unable to access any corporate files from the company network, especially sensitive client data.
Moran says his forensics unit has also noticed increasing levels of fraudulent breaches of company phone exchanges (PBXs).
In one case, an Irish company's PBX was hacked and the breach was only discovered when its monthly phone bill spiked from €10,000 to €60,000.
"Hackers were using the PBX to make calls into Cuba. They were selling time on that network to Cubans," he says.
The hackers themselves were using a North American-based server for the breach.
"The trend we're seeing for this type of fraud is that hackers look for bank-holiday weekends - long stretches when no one is likely to notice unusual activity on the network," says Moran.
In the Cuban case, the security was also poor for the PBX, a digital network running on the company's internet connection. Rather than place a firewall in front of the PBX and the internet connection, the firewall only protected the company's internet access and hackers gained access easily.
Another problem - and one Moran flags as a growing issue - was that the company had outsourced its PBX management and the management company failed to notice the odd traffic patterns for three weeks.
Moran says that too often, security is an afterthought when information systems departments are under pressure to meet project deadlines. Also, many IT specialists do not realise where the security "back doors" are. "However, when you have those IT breaches, privacy breaches and laptop thefts, it's not the IT security guy that's on TV with a microphone under his chin - it's the chief executive."
Moran says the solution is better corporate governance and better security awareness at management and board level. For example, it is not good enough that managers say they have implemented security requirements such as laptop encryption - someone needs to verify this has been done.
In addition, Moran believes a national disclosure law of the sort now standard in the US would be helpful. In most US states, companies must report any IT security breach involving personal information. "We've tried the carrot. Now we're moving more towards the stick," he says.
Data discovery: disks sold on eBay
Of eight disks purchased on eBay, only three had been erased by the owner. Typical of what was found on the disks:
A brand-name online payments company (disk purchased for €5.79 including P&P). Information recovered:
• Technical files relating to a popular bill payment solution which included technical specification documents and consultancy firm reports in relation to the bill payment solution;
• PPS numbers of staff and customers;
• Hundreds of customer bank account numbers and sort codes;
• Hundreds of Laser card numbers and expiry dates;
• Hundreds of credit card numbers and names;
• Significant amount of e-mails detailing customer data;
• Internal corporate information, staff details etc.
A well-known Irish car dealership (disk purchased for €10.79 including P&P). Hard disk for sale on ebay.ie with comment in ad: "Used to be in a Dell computer but I removed it. I didn't bother deleting the files off it but this can be easily done." Information recovered:
• Bank account numbers;
• Customer names and addresses;
• Customer invoices and bank details;
• Customer car registration information.
• "Second-hand computer hard drives containing sensitive information were bought on eBay
This article appears in the print edition of the Irish Times
www.electronic-recycling.ie
Subscribe to:
Posts (Atom)