The rise of the smartphone has ushered in a new era of information exchange and communication, and employers are wise to stay ahead of the curve and leverage this technology to their advantage. Permitting the use of smartphones and tablets in the workplace can increase employee productivity, help ensure accountability, and improve employee morale, among many other benefits. Recognizing the economic value of a happier and more productive workforce, some employers have even gone so far as to buy or reimburse employees for their own personal smartphones or tablets that are used for both work-related and personal activities. In the information age, these BYOD (“Bring Your Own Device”) policies are popping up everywhere and are a huge boon to the American workforce.
Yet some sobriety, caution and forethought should be given when developing a BYOD policy for your company. Privacy concerns, protection of trade secrets and intellectual property, and cyber-harassment are only a few of the many potential issues a BYOD policy elicits. Creating a policy that fits your specific business and industry – and updating that policy as circumstances change – can help avoid the pitfalls BYOD can create.
Of major concern to most employees utilizing BYOD is their personal privacy. In a recent case, an Ohio federal court held that an employer could be criminally liable under the Stored Communications Act (“SCA”) for viewing an employee’s personal emails on a device she used for both work and personal activities without the employee’s consent. The employer told the employee she could use the company-issued device for personal email, but was given no indication that the employer would look at any such emails. Without a clear policy specifically stating the terms of privacy expectations on such devices – whether personal or company-issued – the court held that employers may be liable for monitoring or accessing personal communications. The court went so far as to indicate that employees must give specific, clear authorization to the employer before it can monitor its employees’ communications.
For employers, a greater concern may relate to trade secrets, intellectual property, and other confidential information. Employees who use BYOD will inevitably have access to some non-public information – possibly residing in their email, or on some type of remote access technology. Depending on the nature of the business or the industry, a BYOD policy should contemplate how to protect this information from inadvertent disclosure. This may include device monitoring via a global tracking system, the ability to remotely wipe the device, or the installation of spyware protection software.
For all the advantages BYOD provides, a sober approach to crafting an effective policy is imperative. However, the legal landscape has yet to catch up with the rapid pace at which employers are embracing new technological advances, which makes creating an effective policy all the more difficult. If your company permits or is contemplating BYOD in the workplace, being ahead of the curve with the applicable policies can help avoid a hangover in the future.