A 2014 Texas case, related to BYOD, brings up certain issues relating to the rather new and trending concept of BYOD (Bring Your Own Devices). We are now prompted to think about the need of having concrete BYOD policies…
The Texas case
A ruling by U.S. District Judge Ewing Werlein at the District Court for the Southern District of Texas in the ‘Saman Rajaee v. Design Tech Homes, LTD and Design Tech Homes of Texas, LLC case’, made on 11th November, 2014, is what brings alive this discussion on BYOD and BYOD policies. Saman Rajaee, who had worked as a Houston-area salesman for Design Tech Homes (a privately held, family-owned company) had used his iPhone for the job. It’s learnt that since the company didn’t provide Rajaee any cell phone or smart device, he used his phone to connect to the company’s server and access his company email, contact manager, and calendar provided by the company. After having worked for 13 months, Rajaee notified the company that he would be resigning in two weeks. The company immediately terminated him.
A few days later, Design Tech Homes’ Network Administrator remotely wiped Rajaee’s phone, restoring it to factory settings and in the process deleting all data in it- both personal and work related. This made Rajaee sue Design Tech Homes, alleging that their actions had caused him to lose more than 600 business contacts he had collected during his career, family contacts, family photos, business photos, videos, passwords etc. He sued Design Tech Homes alleging violations of Electronic Communications Privacy Act and the Computer Fraud and Abuse Act. But U.S. District Judge Ewing Werlein disagreed and dismissed the case. Personal data stored on a cellphone is not protected under the Electronic Communications Privacy Act, observed the court. Rajaee’s Computer Fraud and Abuse Act claim too was dismissed by the court, which observed that Rajaee couldn’t prove that he had sustained at least $5000 in losses specifically due to either the cost of investigating and responding to an offense or the costs incurred because of a “service interruption.”
The need for BYOD policies
The Texas case involving Saman Rajaee and Design Tech Homes proves the need for concrete BYOD policies, for the employers as well as the employees. If Design Tech Homes had had a BYOD policy, there would have been clarity on things and both the company as well as the employee (Saman Rajaee in this case) would have behaved accordingly and things would have gone a different way. They wouldn’t have had to fight it out in the court.
BYOD is now getting popular with employers as well as employees. It was in 2009 that the term BOYD was used for the first time and it was after 2011 that the trend got popular. Today, with people using smartphones, tablets etc getting so popular, employers are encouraging BYOD. Employees too are happy about it; it’s even reported that BYOD boosts productivity, saves expenses etc and does good to many business endeavours. In this context, it would be good for companies to have concrete BYOD policies. That would help make things clear at the outset and would save many a litigation, as has happened in the case of Saman Rajaee and Design Tech Homes. While employers could act as per their BYOD policies, employees too could do the needful to make sure their personal data is not lost. They could go for regular backup of personal data. Usage of containerization software would also be good because it would help segregate business data from personal data on the phone. That way the employer can resort to wiping only the business data when an employee quits the organization.