Bring Your Own (Tech) Device to Work? That Could Be a Problem…

 I am writing this post on workplace issues while at work, but I’m using my personal laptop computer to do it. Could that be a problem? Potentially, yes.

This issue (particular, of course, to our age of rampant technology) has been written about often enough to get its own acronym: BYOD (“Bring Your Own Device”) and here’s what employment lawyers want you to know about it:

1. It Becomes Harder to Ensure Data Security

“Remember the days when employees would show off their work PDAs, smartphones and laptops as perks of their job? These days, increasing numbers of employees have better access to technology at home than they do at work, with personal devices and apps that are user friendly and convenient in ways that their work equipment and systems are not. Employees also wish to work differently (working remotely, outside regular hours, on the weekend, on vacation, etc. are becoming the norm) and users want their business tools to enable this change. Employees also want to limit their need to carry and manage multiple devices. The answer? Bring your own device to work…

Data security and the risk of data ‘leakage’ has always been a key concern for organizations. The use of company phones, laptops and other mobile devices increases that risk – because, by their very nature, these devices are more easily lost, stolen and accessed. The risk is further compounded when employees start using their personal devices for business purposes as part of a BYOD strategy.

One of the key challenges in designing a strategy to implement BYOD successfully is how to ensure data security on non-company equipment – primarily as a result of it being harder to keep track of where data may actually be, how data is protected and the difficulty of policing the use of personal devices.” (“Bring Your Own Device” Brings its Own Challenges – by Morrison & Foerster LLP)

2. The Line Between Personal and Work Time Blurs (Even Further)

Employers typically refrain from developing policies that attempt to regulate off-the-clock behavior, but when employees are using personal devices sanctioned by the employer for use in the course and scope of employment, the lines between work and personal time blurs. When looking at regulating what employees can do with a smartphone, employers must be careful not to infringe on personal ‘freedoms,’ while also not inadvertently creating an environment that easily allows the entry of offensive material into the workplace. Several years ago, an employer in South Carolina terminated an employee who refused to take his confederate flag sticker off of his personal lunch box. Ultimately, the Fourth Circuit found that the employer had a legitimate, nondiscriminatory basis for terminating the employee. Dual-use devices may be the new “lunch box” for employers, and employers should craft new policies and procedures that anticipate the risks associated with allowing the devices in the workplace.

Moreover, given that employees may use their personal devices for conduct outside of the workplace that would not be permitted on work premises, there is a significant likelihood those activities may bleed over into the workplace. For example, the icons for some Apps or photographs stored on the device may not be suitable for work, yet the employee will be using that same device to conduct work. Employers will need to find ways to deal with the consequences of this blurring of the lines…” (The “Bring Your Own Device” To Work Movement: Engineering Practical Employment and Labor Law Compliance Solutions – an excellent, 68-page primer on the topic by Littler)

3. Companies Need to Establish Policies, Procedures, and Access Agreements

“The simple solutions of the past, such as banning personal use or personal devices, or having separate work and personal devices, ignore present reality. Companies need policies that address how one should handle the employee that demands, or the employer that wants to adopt, a ‘bring your own device’ or ‘bring your own technology’ to work policy — devices which employees then use for both personal and business functions. Developing policies and procedures that will allow and govern such use, while still protecting important employer confidential information, requires sensitivity and balance. Additionally, making sure that the company has express agreements in place that will provide the employer with rights of access, inspection, and retrieval of devices post-employment necessitates clear and forward- looking contingency planning that is legally-informed, technologically-astute, and tactically practical. Experienced counsel who is already addressing these issues with numerous clients can significantly lessen your learning curve and speed your progress…” (Take 5: Views You Can Use – by Epstein Becker & Green P.C.)

The updates (read them on your work or personal “device” – we don’t mind):

Read additional advisories at the intersection of employment law and technology>>