Mobile
Employee Privacy Vs. Corporate Liability
Three pitfalls your Bring Your Own Device (BYOD) program can’t afford to ignore.
Save to Folio
Three pitfalls your BYOD program can’t afford to ignore.
Mary D. joined MD&M Inc. in 2009. Being an Apple enthusiast, she was quite excited to learn that the company offered an innovative BYOD program that allows employees to use their own iPhone for work. As part of the new hire package, Mary signed the acceptable use policy and was granted access to corporate email on the go.
Mary’s started having performance problems in her second year, and her manager put her on notice. After six months, Mary was terminated. When her manager clicked the ‘terminate’ button within the company’s HR system, a series of automated tasks were initiated, including the remote wipe of all information on Mary’s iPhone.
As it turned out, Mary had been performing poorly because her son John was dying of cancer. Just a few weeks before Mary was terminated, her husband took a picture of her and his son using Mary’s iPhone. It was the last photo Mary had of her son, and MD&M Inc. unknowingly destroyed it. Mary sued the company for damages.
Just how much is the last photo of a mother and son worth? Attorneys and expert witnesses sought to answer that question. They arrived at $5 million.
Three pitfalls your BYOD program can’t afford to ignore.
While Mary’s story is a fictitious case* debated last year by the International Legal Technology Association (ILTA), it’s just a matter of time before stories like this become mainstream reality.
A recent survey by Trend Micro** clearly shows that a majority of companies are already allowing employees to use their personal devices for work-related activities– 75% of organizations in the U.S. offer BYOD programs.
Besides preserving data security and managing a myriad of personal devices, companies must also consider a new set of legal and ethical issues that may arise when employees are using their own devices for work. Here are just three pitfalls to consider:
Pitfall #1: Remote deletion of personal data: Under what circumstances (if any) should the company have a right to remove any non work-related content from an employee-owned device?
Pitfall #2: Tracking individual location: What corporate applications might ‘track’ the location of an employee-owned device? Is the employee aware that this is possible?
Pitfall #3: Monitoring Internet access: Should accessing questionable websites be restricted, when an
employee is also using a personal device for work?
COMING NEXT: How to Avoid These Pitfalls
Reference* http://www.integricell.com/wordpress/?p=61
Reference ** http://bringyourownit.com/2011/09/26/trend-micro-consumerization-report-2011/