ITAD in the United States: R2, E-Stewards, and State Laws

Key US Frameworks for Mobile ITAD

R2v3 (Responsible Recycling Standard)

R2v3, published by Sustainable Electronics Recycling International (SERI), is the leading certification standard for electronics recyclers and refurbishers in the US. It covers responsible recycling and refurbishment practices including: data destruction requirements, focus material (hazardous material) management, downstream vendor management (ensuring your recycling partners are also responsible), and environmental health and safety.

R2v3 certification is facility-specific and requires an annual audit by an accredited certification body. For SMB operators, R2v3 is not always required — it is most critical when pursuing enterprise ITAD contracts with government agencies, large enterprises, and organisations with formal vendor compliance programs that specify R2.

E-Stewards Certification

E-Stewards, developed by the Basel Action Network, is a certification for electronics recyclers that emphasises environmentally responsible practices, specifically prohibiting the export of hazardous e-waste to developing countries. E-Stewards-certified operators provide assurance that no toxic electronics go to substandard facilities overseas. Some enterprise clients — particularly those with strong corporate responsibility programs — specify e-Stewards alongside or instead of R2.

NIST SP 800-88: Guidelines for Media Sanitization

NIST Special Publication 800-88, "Guidelines for Media Sanitization," is published by the National Institute of Standards and Technology and is the federal government's benchmark standard for data destruction. It defines Clear, Purge, and Destroy levels of sanitization and specifies appropriate methods for each storage media type. For mobile devices, cryptographic erasure meets the Purge level of NIST 800-88.

NIST 800-88 is not a legal requirement for private-sector operators, but it is the most widely referenced standard in enterprise ITAD contracts and is required for federal government contracts. Claiming NIST 800-88 compliance requires using erasure tools that implement and document the standard — not simply performing factory reset.

State E-Waste Laws

More than 25 states have enacted electronics recycling laws. Key states with established programs:

• California: Electronic Waste Recycling Act (SB 20/SB 50) — advance recycling fee on covered electronics, registered recycler requirement
• New York: Electronic Equipment Recycling and Reuse Act — manufacturer take-back program
• Texas: Texas Computer Equipment Recycling Program (TECYCLE)
• Washington: E-Cycle Washington program
• Illinois: Illinois Computer Equipment Recovery Act (ICERA)

ITAD operators and buyback businesses that process end-of-life electronics must comply with the e-waste laws in each state where they operate. This primarily means using certified recyclers (rather than general waste disposal) for non-resalable devices and maintaining records of recycling transfers.

Data Privacy in US ITAD

While there is no single federal data privacy law comparable to GDPR, US ITAD operators face meaningful data breach exposure under state breach notification laws (all 50 states) and sector-specific laws (HIPAA for healthcare data on devices, GLBA for financial services data). State privacy laws — CCPA/CPRA in California, VCDPA in Virginia, CPA in Colorado, and others — create additional obligations.

The practical implication: certified data erasure on every device, documentation of the erasure standard used, and per-device erasure records are not optional for US ITAD operators handling devices that may contain personal information.

For US Operators Starting an ITAD Business

See the full guide to starting a buyback business in the US, including second-hand dealer licensing, IMEI check services, and the wer.org platform configuration for the US market.