Skip to main content
Feb 09, 2015

Current State (for now) of BYOD Laws & Liabilities

There are multiple benefits that organizations can derive from bring your own device (BYOD) programs and the use of enterprise mobile apps. More than two-thirds of businesses have experienced productivity gains and generated improvements in customer response times by allowing employees to use their own mobile devices at work, according to a study conducted by Dell. The use of enterprise mobile apps can also enable organizations to become more agile and drive higher levels of collaboration between employees and work teams by extending the use of mobile technologies and apps. But along with these opportunities, mobile deployments can also lead to serious legal and liability risks. Companies can face legal exposure when employees knowingly or unwittingly disregard corporate security and usage policies and expose sensitive company or customer information to cyber criminals. Not to mention the costs associated with data breaches.

A Ponemon Institute study places the average total cost of a data breach at over $5.4 million for U.S. companies, with malicious or criminal attacks (37%) representing the most frequent causes of data breaches worldwide. Meanwhile, organizations are increasingly facing liability issues related to the use of mobile devices in the workplace. For instance, a recent California Court of Appeal ruling found in the case of Cochran v. Schwan’s Home Service, Inc. that an employee who is required to use his personal cell phone for work must be compensated “…a reasonable percentage of their cell phone bill” following an analysis of California Labor Code section 2802. At this point, case law related to BYOD is relatively thin, making the landscape of BYOD laws and liabilities uncertain for employers.

Cases involving employee-owned devices for workplace usage may just be the tip of the iceberg in terms of the legal and liability issues facing organizations. To help protect themselves, legal experts recommend that companies explore the concept of “legally defensible” and “reasonable security” strategies for personal mobile devices that are used by employees and contractors under BYOD programs.

To reduce their legal and liability risks, organizational decision-makers should carefully examine their existing security and mobile usage policies to help identify and respond to any policy gaps that need to be addressed. Corporate counsel and other stakeholders who do the legwork can help their companies mitigate risk more effectively.


More from the Blog
Aug 08, 2019

Mind the Gap: Applications Are Your Biggest Weakness

Something Has To Change There has been a lot of talk this year about the need to better protect applications, particularly m ...
Read more
Aug 07, 2019

Here Comes CCPA

Ready Or Not, Here It Comes! As of publication, there are 147 days left until CCPA and SB-327 come into effect.
Read more
Aug 01, 2019

A Wake-up Call to the Financial Services Industry and Legislators: It’s Time to Regulate Mobile Apps

The time for resting on laurels is over.
Read more