For businesses who want to cut cost and improve employee moral (i.e. every business), a bring your own device (BYOD) policy might seem like the obvious choice.
After all, by allowing employees to supply their own hardware, organizations can save substantial amounts of money, while also increasing productivity in the work place.
However, along with the many advantages that a BYOD policy could provide, there are also certain negatives that need to be considered. Issues such as security, ownership, and payment could all put the brakes on your BYOD adventure. And among these potential problems, perhaps the biggest is the issue of legality.
If not handled properly, your company’s BYOD policy could put you at odds with the law. Here are a few things to consider:
1. E-discovery on personal data
So, let’s say that an employee has been using his or her own device for company purposes, and at some point the company needs to access that device to retrieve pertinent data. However, while they retrieve the desired information, they happen to discover illegal personal content on the employee’s device in areas not directly related to business. What should the employer do?
While it may seem obvious to some that law enforcement should be contacted, the question of employee privacy is one to consider. After all, the device in question is personally owned; what right does the company have to access it? If the decision is made to prosecute, will the evidence found on the phone be usable in a courtroom setting?
2. Destruction of personal data
Similarly, there are times when company data becomes compromised. When that data is located on a mobile smart device, the accepted method of operation is to use a special app to remote-wipe the hard drive of the lost or stolen device. This allows companies to destroy data before it can be misused.
However, when the device is personally owned, there’s a good chance that some of the data being destroyed is also of a personal nature. Family photos, personal notes, and other non-business related data could also be lost forever, which could potentially put the company at risk of legal reprisal. Really, the question of “Who owns the device?” is one that has yet to be fully answered from a legal standpoint.
3. Violation of National Labor Relation Act
This final legal implication is one that has recently come to light in relation to social media, but could just as easily apply to BYOD as well. Section 7 of the National Labor Relations Act guarantees the rights of employees to “form, join, or assist labor organizations, to bargain collectively through representatives of their own choosing, and to engage in other concerted activities for the purpose of collective bargaining or other mutual aid or protection.”
How does this apply to BYOD? Well, according to the National Relations Act Board, a BYOD policy could potentially “chill an employee's ability to communicate with others about wages, hours and working conditions or to engage in otherwise protected activity.” This means that if employees feel that their right to safely discuss the company is being hindered by corporate access to their own personal devices, then it’s not unheard of that lawsuits could potentially follow. After all, we’ve already seen it happen with social networking.
To combat these issues, organizations need iron-clad, definitive BYOD policy guidelines which outline the rights and responsibilities of both employees and employers. However, even with legal bases covered, BYOD remains a relatively new phenomenon, and only time will be able to expose all of the legal pitfalls associated with it.
Find out more in the BYOD sessions at Enterprise Apps World this June