At the dawn of portable electronic devices, they were primarily work-related productivity tools. Often, employers would purchase (or lease) devices and distribute them to their need-to-have employee base. It’s not so long ago that we can remember when the Blackberry transitioned from a business device to a consumer device. Everybody wanted a Blackberry (weren’t those the days for RIM?) and free email providers like Yahoo and Gmail offered accessibility of their email content through the Blackberry.
Then, mobile devices got smart. They became phones and productivity tools and the footprint shrunk from two devices to one. One smart device that was both phone and email. And, of course, all those cool new apps.
Consumer demand skyrocketed and consumers (those same folks who are employees) didn’t want two devices to lug around; they only wanted one device. And employers were losing some of the benefit of employees having mobile productivity tools, as the “work phone” often got left on the dresser at home.
Navigating the IT, privacy, security, and intellectual property issues was difficult enough. After a few years, though, the law is catching up with BYOD. So here are some things you should continue to think about if you haven’t looked at your BYOD policy in a while:
Be careful about the remote wipe.
Many corporate BYOD policies allow or require an employee’s phone to be wiped in the event the device is lost or the employee leaves. This is likely to protect the employer’s confidential, sensitive, or proprietary information that may be at risk. Courts have held this permissible, even when the wipe is complete – deleting all the personal information (e.g., pictures) of the phone’s owner. But, honestly, it’s kind of rude to wipe someone’s phone and put it back to its factory settings when they quit. There is way to partition the memory so that only the work-related areas are wiped upon a departure. At a minimum, explicitly make your employees aware of when a device may be wiped and what a wipe will really do to their devices. If they know the potentially drastic results to their personal data, they may actually prefer two devices.
That pesky overtime.
Non-exempt employees checking email at home after hours – is that work for which they should be paid overtime? Likely so. Are employers capturing this time? Probably not. Are employers getting in trouble because of this? Yes. Either capture ALL work-related time for non-exempt personnel, or do not allow non-exempt employees to access work-related content after working hours.
Consider reimbursing your employee for at least a portion of their device costs.
If your state law requires that employers reimburse employees for all expenses incurred in discharging their work responsibilities, you might want to consider reimbursement even if your employees don’t have any additional expenses associated with their work-related use. California has already weighed in, and other states will likely follow.
Ugh. The dreaded litigation hold. Data from on premise, cloud-based, and mobile storage devices is all potentially in play as part of the eDiscovery process. The penalties for failing to get this right can be stiff. If you can reasonably anticipate litigation, and there is discoverable content on your employees’ device, the rules may require you to find it and keep it. The revised Federal Rules and approach to proportionality might impact the issue. Your litigation counsel or eDiscovery specialist needs to help you figure this one out.
BYOD has advantages, for both the employee and the employer. But you need to think it through, on a regular basis, as “the times, they are a-changing.” And share some of the results of your thinking with your employees. Both parties are better off with more information, not less. Most employers these days come down on the side of BYOD, but don’t make the decision in a vacuum. Be smart, just like your phone.
By Janine Bowen of LeClairRyan