BYOD poses data privacy challenge for businesses

North Americans are inextricably tied to their mobile phones. The Pew Research Center’s Internet & American Life Project has shown that in 2013, more than 90 per cent of North American adults own and operate mobile phones.

Interestingly, 56 per cent of that total consists of smartphone owners – that means that there are now more smartphone users than regular cell phone users and non-users combined.

It’s pretty easy to see how this came about. Mobile phones are practical, easy to use, and essential to our lifestyle. Of course, that means that there’s something important for us to realize: Our phones store and carry information about nearly every aspect of our lives.

So, what happens with such information if the phone it’s on is seized by law enforcement? This is a highly complex issue, and one that has recently been the subject of a U.S. Supreme Court Ruling.

Deciding on an appeal in the case of David Leon Riley, the court recognized that large amounts of sensitive data are now stored on cell phones and that this information requires a heightened level of protection. It ruled that law enforcement officers must acquire a search warrant before looking at the contents of cell phones seized from people they’ve arrested.

The public response to the ruling

This Supreme Court ruling was well-received by digital privacy supporters. Many see it as a major victory for data protection. Though this may be true, there are additional implications to consider. The heightened value placed on personal privacy will impact both governments and businesses. For example:

  • Governments will have to change the ways in which they conduct electronic and cyber reconnaissance activities; and
  • Companies will have to revisit their approach to the management of proprietary electronic information.

How the ruling impacts businesses using BYOD

The Bring Your Own Device (BYOD) trend is still gaining momentum in the workplace. Many employees engage in this practice because of device familiarity and (perceived) efficiency. The trend, paired with the Supreme Court ruling, means that employers lose a degree of control over conduct on employee-owned devices. It is going to be more difficult for employers to secure proprietary information because the court has positioned digital privacy more in favour of employees.

With this change in digital privacy protection, businesses need to be concerned about how they, their customers, and their partners deal with employees’ personal information in the context of a BYOD device.

In practical terms, this ruling means that someone accused of committing a crime has the right to shield their phone’s digital content from warrantless searches. The barriers to getting warrants aren’t necessarily very high, but they do represent at least one more painstaking step in securing important proprietary information from abuse.

The question is whether the privacy protection rights of employees are going to cause major issues for employers who justifiably want to protect confidential information from being abused or misused.

What’s next for businesses using BYOD

Given the potential for BYOD to leak sensitive information, managers need to design and implement policies that will minimize this risk. Part of this means having to address employees’ love of BYOD.

In the case of protecting one’s business, a policy of furnishing employees with corporate-owned devices that they can personalize (i.e., corporate-owned, personally-enabled, or “COPE”) offers organizations much more control. This in turn enables better security and could mitigate the impact of privacy protection laws.

Naturally, personal information must and should be secured against inappropriate prying, but this right must be balanced against business owners’ needs to protect themselves as well.

Chris Thierry
Chris Thierry
Chris Thierry, is the President and Founder of Etelesolv, Canada’s leading provider of telecom and IT expense management software. His team recently developed the new platform, Cimpl, which helps organization connect information, clarify the data and gain control over their assets. You can reach him at [email protected].

Would you recommend this article?


Thanks for taking the time to let us know what you think of this article!
We'd love to hear your opinion about this or any other story you read in our publication.

Jim Love, Chief Content Officer, IT World Canada

Featured Download

Latest Blogs

ITB in your inbox

Our experienced team of journalists and bloggers bring you engaging in-depth interviews, videos and content targeted to IT professionals and line-of-business executives.