The care with personal data is a constant concern for those who live online – and, according to data from the annual TIC Domicílios 2023 survey, already 84% of Brazilians. Electronic devices such as smartphones, laptops and cable TV decoders store sensitive user information, which raises questions about the security of this data during the refurbishment process for the device to find a new owner
A study by Gartner, published in 2021, identified data security as one of the main concerns in refurbished devices, pointing out that up to 40% of second-hand smartphones contained malware or data from the previous user. Various other studies and reports confirm the existence of security risks in refurbished devices. It is the case of the research from the University of Glasgow in 2019, that discovered that 21% of tested refurbished iPhones contained malware; and from a BBC report in 2020, pointing out that some refurbished laptops came with pre-installed spyware
Carlos Tanaka, CEO ofPostalGow, leading company in specialized logistics solutions in the telecommunications sector, highlights the importance of strict security protocols. "It is essential that companies implement robust measures to ensure that customer data is completely removed before reintroducing a device to the market", affirms
The importance of rigorous procedures
Electronic devices, when being collected for maintenance or refurbishment, may contain a variety of personal information, as consumption data, usage preferences, passwords and payment records. The absence of an efficient data management policy can result in privacy violations, with the leak of financial records, intimate photos and highly confidential professional documents
To ensure data security, it is essential to adopt strict cleaning procedures, including the use of specific software for the complete removal of information. Furthermore, the implementation of encryption practices during the transport and temporary storage of devices can prevent unauthorized access
Security policies in refurbishment companies
Companies that deal with the refurbishment of electronic devices should adopt security policies that include regular audits and ongoing employee training. The implementation of recognized certifications in the market, like ISO 27001, can ensure compliance with international information security standards
Carlos Tanaka concludes by reinforcing that consumers have the right to demand transparency when purchasing a second-hand device. Protecting customer data is a responsibility that must be taken with the utmost seriousness. This needs to be clear to the clients, "at the risk of jeopardizing the reputation of the service and the company", alert the specialist
