Is “Bring Your Own Device” to work legal?

Written By Todd Mitchell

I am intrigued by the concept of the BYOD or company owned device. Is the company who owns the device liable as well as the employee who clicked the unintentional link? Just because you can work from anywhere doesn’t mean you should work from everywhere (Genova, 2010). On June 5, a U.S. District Court for the Northern District of Ohio, in Lazette v. Kulmatycki held that a supervisor, using a company-owned BlackBerry mobile device to access a former employee's personal e-mail, was not authorized by the mere fact that the device belonged to the employer (Klein, 2013).

A former Verizon employee claimed that her then-supervisor read more than 48,000 of her personal e-mail messages using the company-issued BlackBerry she returned when she left the company. The plaintiff was told by her employer that she could use the BYOD for personal email. The personal email account was not deleted by the supervisor and in fact was used to monitor her emails for over 18 months (Klein, 2013).

References

Genova, G. L. (2010). The anywhere office = anywhere liability. Business Communication Quarterly, 73(1), 119-126. Retrieved from http://ezproxy.umuc.edu/login?url=http://search.ebscohost.com.ezproxy.umuc.edu/login.aspx?direct=true&db=bth&AN=48858821&site=eds-live&scope=site

Klein, S. (2013). Liability lessons from lazette case for employers with BYOD policies Mondaq Ltd. Retrieved from http://ezproxy.umuc.edu/login?url=http://search.ebscohost.com.ezproxy.umuc.edu/login.aspx?direct=true&db=edsgbe&AN=edsgcl.339632825&site=eds-live&scope=site

Todd Mitchell
Previous

What is Penetration Testing and Reverse Engineering?
Next

Should the Cyber CZAR be a politician?