Many of us view sensitive materials every day on our personal computers, tablets, smart phones, and e-readers. What happens when the newest gadgets or processors roll out and we want to upgrade our devices? If you’re like me, you put your current device up for sale on Craigslist or eBay, or send it along to an electronics trade-in website, like Gazelle.
Theoretically, that sounds reasonable. The problem arises where people resell these devices without adequately erasing data from their hard drives. I say adequately because you, as a loyal LG reader, are smart enough to know that you should delete your data before sending it along to a third party. Unfortunately, as Zeddicus Zu’l Zorander is so fond of pointing out, “Nothing is ever easy.”
Many lawyers seem to think that simply reinstalling the machine’s operating system is sufficient. It’s not. In fact, when you reinstall Windows or OS X onto a machine without first performing a secure hard drive wipe, much of your data is still relatively accessible. Depending on the type of installation you’ve performed, the data may even be accessible by a relative computer novice.
Mobile devices and gadgets aren’t completely free of potential liability, either; although some mobile devices are certainly more amenable to resale than others. iOS, which runs on all iPhones and iPads, has had a secure delete function for years. This iOS feature simply deletes the encryption key used to access your data. It is unclear whether or not the underlying data is actually deleted, though. Android devices don’t seem to have such a feature baked into the operating system, but third-party apps — created solely for the purpose of securely deleting your data — are widely available.
Are most lawyers theoretically capable of securely deleting their data? Maybe. Are most going to do it? Probably not. For those people, the obvious solution is to either not sell old electronics, or have a third-party handle the data wipe.
My intent wasn’t to argue one way or the other, but rather, I am hoping to get a dialogue started and possibly raise some awareness about lawyers recycling electronics. To those ends, I pose the following question: knowing that it’s very difficult or impossible to completely erase sensitive client data from your personal electronic devices, is it ethical to resell those devices?1
What do you think?
Incoming search terms:
- sell used electronics
- what store buys used electronics
- ios Secure delete
- ipad comparison
- what do lawyers use in court
- selling used electronics law
- securely wipe mobile for resale
- secure erase ipad before selling
- resale electronics
- post a comment sell used electronics
- The caveat being that this is generally only true if your machine is purchased by a hacker or computer guru. [↩]
Related posts:
{ 4 comments… read them below or add one }
I DBANed my last computer when I got rid of it. While it might be well-known among people interested in tech. things, it doesn’t strike me as the kind of utility that a ton of non-tech. people would know about…
When I resell or give away laptops, I wipe the hard drive with Kill Disk. The free version writes zeros over all disk sectors. (There’s a paid version that will do three passes, but I think the free version is sufficient.) Depending on the size of the hard drive, it can take several hours, but you can just leave it alone to do its thing, and it’s so simple that even a novice can use it.
I do not think they should be able to. One used computer given to a family member, had confidential information. Contracts, work product, totally left for anyone malicious to use it. We donated it an organization that wipes the data before donating the computers to schools. I do not think they should sell them without switching out the hard-drive.
It’s actually a little more complicated with flash-storage devices, suck as the iPad and MacBook Air depicted in the image. Consider: http://www.macworld.com/article/158217/2011/03/securessd.html