ALM Properties, Inc.
Page printed from: Corporate Counsel
Select 'Print' in your browser menu to print this document.
Investigation of Employee Mobile Device Apps
Law Technology News
With mobile devices such as laptops, smartphones, and tablets common in the workplace, employees personal social media and webmail content may invariably find its way onto devices and into the hands of employers. Employers must carefully consider the implications of personal data being accessible to company managers or IT personnel, and be sure that policies, training and protocols are established to reduce or eliminate risks.
Indeed, many corporations are embracing the "dual use" phenomenon. In policies for both company-owned equipment and bring your own" devices, the overarching goal is to facilitate employees effective and efficient use of time. Not long ago, employers and their counsel focused primarily on risks associated with accessing email, whether corporate or personal. But the explosion of mobile applications that users download onto smart devices has increased the challenges and risks. Today's apps now can store or export data onto or from mobile devices, raising potential trade secret and data protection risks.
For example, the email alerts provide information regarding the substantive content of the message, including sender, subject, and the first few lines of the emails body. Similarly, the Facebook alert conveys that the employee has been tagged in a friends photo or that comments have been made to a post she wrote or in which she is tagged. If the employee is later terminated and her device returned to the employer, are there additional risks associated with examining her device and the data stored on it?
When a device is turned in, basic investigatory safeguards can help protect the company. For instance, as a starting point, to avoid inadvertently accessing the personal accounts, the device should be fully powered-off before it is returned. From there, only a properly trained technician should examine the device, disabling the automatic login features, if it is possible to do so (to avoid additional, automatic transfer of app information). Human resources and IT personnel can help an employer avoid falling into the traps discussed above if they are aware of the risks and are trained on how to handle such media.
Lauren Schwartzreich (firstname.lastname@example.org) is e-discovery counsel based in New York City and Aaron Crews (email@example.com) is e-discovery shareholder based in Sacramento, at Littler Mendelson.
This article originally appeared in Law Technology News.