First Reference company logo

First Reference Talks

News and Discussions on Payroll, HR & Employment Law

decorative image

Whose device is it anyway?

device

Technology continues to blur the lines between our personal and work lives. How often have you answered a client email on your work laptop, only to receive a follow-up question via text message on your personal phone?

Many workplaces have adapted to the fluid use of technology and encourage their employees to use their own technology at work through bring your own device (BYOD) policies.

BYOD can provide many benefits to workplaces and employees. It has been shown to improve efficiencies and worker engagement while powering a more innovative, productive and collaborative workforce.

As the use of mobile devices increases relative to personal computers, and as organizations continue to embrace the benefits of remote working arrangements, we believe that BYOD will continue to trend upwards.

But what are some of the legal risks and best practices surrounding BYOD which organizations should be aware of?

Permitted uses

Employers should define the acceptable uses of personal devices for work purposes. An employee’s use of email, instant-messaging and the internet can be a vehicle for inappropriate, discriminatory or harassing behaviour, especially for employees who feel less inhibited using their personal device.

For example, an employee who exchanges inappropriate images with another employee on their respective personal devices could be engaging in workplace harassment. As such, employers should be clear about the acceptable uses of workplace technology, regardless of who owns the equipment.

Vicarious liability and security

Vicarious liability refers to a concept whereby employers can be held responsible for the negligent actions of an employee, which includes an employee’s use of technology.

What happens when an employee’s personal computer is stolen, yet is flush with highly sensitive client information and which has minimal security preventing access to the computer, company networks and applications?  What about an employee who uses their personal computer to visit questionable websites on their personal time and is then subject to a malware attack which places confidential company information at risk?

Employers should educate employees on the importance of security best practices, such as not storing any work product locally. Organizational best practices can also include using a password manager like LastPass and using a Virtual Private Network (VPN) to add security and privacy to private and public networks.

BYOD policies should also contemplate the security of confidential information on personal devices for departing employees. The exit requirements should include a process for deleting data and proprietary information, as well as revoking access to organizational networks and applications.

Overtime

We have previously written about some of the issues surrounding constant connectivity, which can include claims for unpaid overtime to employees who are checking and responding to emails after work hours. This is especially true for remote workers and workers who use their personal devices at work. Employers should therefore have clear policies about the use of personal devices for work related activities after hours.

Takeaways

While there may be some logistical hurdles in implementing an effective BYOD policy, we do not think it is something employers should shy away from. Studies suggest that up to 67% of employees use a personal device at work, whether an organization has a BYOD policy or not. You might as well embrace the fact that your top performers will check their work email on their brand new iPhone and access your cloud platform from their tablet in a trendy coffee shop on a Sunday afternoon.

Organizations should therefore proactively devise and manage effective BYOD policies so that both employers and employees can reap the benefits of leveraging technology in the workplace.

If you need help developing a BYOD policy, we would be glad to assist.

Follow me

Lisa Stam, Spring Law

Founder of Spring Law, Employment and Labour Lawyer at Spring Law
Lisa Stam is founder of Spring Law, a virtual law firm advising exclusively on workplace legal issues for employers and executives. She practices all aspects of employment, labour, privacy, and human rights law, with a particular interest in legal issues arising from technology in the workplace. Lisa’s practice includes a wide range of entrepreneurs in the tech space, as well as global companies with smaller operations in Canada. In addition to the day to day workplace issues from hiring to firing, Lisa frequently blogs and speaks on both the impact, risks and opportunities of social media and technology issues in (and out of) the workplace, as well as the novel ways in which changing expectations of privacy continues to evolve employment law. Read more here.
Follow me

Latest posts by Lisa Stam, Spring Law (see all)

Kindle

, , , ,

Leave a Reply

Your email address will not be published. Required fields are marked *