Some answers. We will definitely document our way of working with groups, especially in a decentralised, Covid-safe way. We can share here.
Who is responsible for wiping the data off the hd/ssd - us or the donor?
In most cases, it’s the receiving group and their volunteers. Individuals don’t always do this. We have great advice on our Wiki. Companies often wipe machines and/or remove drives before they donate them.
How are these covered for Windows licensing (using the original OEM key on the laptop?, or maybe installing linux?)
Nobody we know puts Windows on these machines. Too much of a hassle. It’s Chrome OS or Linux.
Is a waiver required by the organisation receiving the laptops, or does the insurance that most Restart groups already have cover this?
Each receiving org has their own protocol. Re insurance, we can only assume that they have the most basic public liability insurance to cover their work, and safeguarding policies. Don’t think any insurance would cover data breaches or problems with this sort of work, but I could be shown otherwise.
Also noting that some organisations don’t give away the laptops, they loan them out, so they even have agreements with recipients. This is an interesting approach and probably increases the sense of shared responsibility all around.