Skip to main content

Exercise Care With Holiday Donations of Technology

Please read if you are considering a donation of technology devices!!  Failure to properly address stored information could expose your personal information and that of others -- and could expose you and/or your company to liability under federal and state laws for non-compliance with laws regulating disposal of personal information.

During the holiday season, many organizations are soliciting donations of old cell phones or laptops to be repurposed.   This is an excellent way to "reuse, reduce, and recycle" and puts those useless (to you) items to use in a positive way, but please remember -- important and private data reside in your cell phone's internal memory, even if your phone has a removable SIM card and merely "erasing" data on your hard drive will not eliminate it.    PINs, passwords and other critical information are often stored in a cell phone's memory.  The more mobile apps you use, the more important it is for you to ensure that you wipe the cell phone internal memory before donating, trading-ins or selling.  Hard drives on computers or laptops to be donated should be wiped clean using disk sanitizer software.


Some tips -

1) Don't forget to remove the SIM card!

2)  Call logs, photos, memos, and other information might reside in the phone's internal memory, and are often difficult to delete if you rely on the phone's manual (and who keeps those, anyway??).    The folks at ReCellular - a cell phone recycling service - have a great solution called The Cell Phone Data Eraser.  It lets you choose the brand and model number of your phone, and then displays the precise commands you need to delete every piece of data from it.    The ReCellular website is  If you can't find the info you need here, most cell phone manuals are available online at the manufacturer website for download.

3)  Use disk sanitizer software to wipe information from hard drives before donating computers or laptops.  It's available for free download at many sites and uses Department of Defense-level algorithms for triple-wiping hard drives.

If you think you can circumvent the privacy threat by sending your phone back to your service provider, you could be mistaken. According to one report, a customer who returned a malfunctioning phone to a provider and received a replacement was contacted some months later by a purchaser of her refurbished phone that contained all her personal data.

Don't let this discourage you from turning those paperweights back into useable technology for folks who need it -- just take some extra time to protect your personal information and that of others which may be stored on those devices.


Subscribe To Viewpoints


Cynthia J. Larose

Member / Chair, Privacy & Cybersecurity Practice

Cynthia J. Larose is Chair of the firm's Privacy & Cybersecurity Practice, a Certified Information Privacy Professional-US (CIPP-US), and a Certified Information Privacy Professional-Europe (CIPP-E). She works with clients in various industries to develop comprehensive information security programs on the front end, and provides timely counsel when it becomes necessary to respond to a data breach.