Today we have a guest blogger at The Employer Handbook. It's Shannon Dorvall. Shannon is a practicing Los Angeles criminal attorney. She is a graduate of the University of Montana law school, and has argued cases in front of Ninth Circuit Court of Appeals and the Supreme Court. When she isn't writing about law or actually practicing it, Shannon enjoys perfecting her cooking and catching up with a good book
(Want to guest blog at The Employer Handbook? Email me).
As more and more companies move toward a BYOD approach to business, more and more people are beginning to wonder about the legal aspects of BYOD policy. Based on a survey by business software provider Globo, 68% of employees surveyed reported that they use personal devices for work, while only 29% of the same respondents report that their employer has an established BYOD policy--the point here being that BYOD is happening whether businesses want it to or not. The biggest legal questions inherent in a BYOD policy pertain to ownership of property, intellectual and physical, the security of data, and employee privacy; better to look into the issue now than be a business caught with its pants down.
One of the issues that almost all businesses should ask themselves pertains to intellectual property. Let's say that Jim works for an architecture firm that allows him to bring his own laptop to work to draw up drafts. Who owns the intellectual property that is created using Jim's computer? Under the United States' federal patent law, the rights to the property would automatically go to the inventor, though if the invention was created on the employer's dime and the scope of employment, the employer may still be able to claim ownership of the IP through "shop rights". A business owner's best bet is to try clearing up this issue before it becomes one by adding a "work for hire" clause in the employment agreement.
Ownership and Privacy
One of the larger issues involving BYOD is whether or not employers have the right to access, copy, and/or destroy data that is located on an employee's BYOD device. As per the Fourth Amendment of the US Constitution and the Stored Communications Act, citizens are normally protected from unreasonable search and seizure of electronic data stored on neutral property. However, the FTC has ruled that employee emails sent using employer resources are owned by the employer. So are you able to search an employee's phone if they are sending company emails from it?
Some companies are introducing business clauses that allow for shared management, or in some cases, a company will buy a device from an employee for a menial amount, such as a dollar, resulting in a legal transfer of the device, with the commitment that they will sell the device back for the same amount when the employee leaves the organization.
Another issue that employers face is data leakage. If an employee is storing corporate information on their device and then loses that device, or that device is stolen, are they liable for negligence? Some even ask if the simple act of storing trade secrets on a personal device could make an employee liable because of the way that certain clients such as Outlook and Apple Mail store local copies of emails. More importantly than setting down a policy here, companies need to protect their data to the nth degree to avoid liability problems.