Most Canadian businesses these days supply their employees with devices such as laptops, cellphones and PDAs that are then often used by employees after work hours for personal use. In most cases, this isn’t a problem for either the employer or the employee. But too many businesses that issue cellphones, laptops or PDAs to their employees have not taken the necessary steps to mitigate the associated legal risks.
These legal risks can include the fact that employees can use these devices to distribute emails or text messages that defame other parties or that include illegal sexual or racial content (which in Manitoba could give rise to employee and employer liability under The Human Rights Code). Employees may also use these devices to intentionally or unintentionally leak personal or corporate information. Employees, however, may have an expectation or legal right of privacy depending on the circumstances, so wholesale monitoring by employers may not be in the cards.
Doug Cornelius recently wrote on Compliance Building about a U.S. court decision (Quon v. Arch Wireless) concerning police conduct in accessing personal texts sent from a police-issued cellphone:
In that case the court found that a police department had violated the Fourth Amendment and state constitutional rights of employees and the people they exchanged text messages with, when they reviewed “personal” text messages created on devices owned and issued by the police department. It also found that the text messaging provider, Arch Wireless, violated the Stored Communications Act (SCA), 18 U.S.C. §§2701-2711, by providing transcripts of these messages to the employer.
Although this decision is based on U.S. law, similar results could happen in Canada. As a result, Canadian businesses should ensure that their employees clearly understand what they can and cannot do with the devices issued to them. One of the best ways to accomplish this goal is to develop appropriate policies and procedures, which will minimize the chances of being taken to court by third parties or employees.
Brian –
Computer use and internet access has become ubiquitous and the line between personal and professional use has become blurred. Companies need to set reasonable expectations about their use and abuse or they risk getting themselves into trouble.
Doug,
Thanks for sharing your thoughts! You’re bang on when you say that the line has become blurred.
Brian
The last two companies I worked for, attempted to keep my PDA just for ‘business’ purposes. I made it a condition of hire. I am not carrying two devices (unless everyone from the CEO down is doing it as well). If the company wants me to be available 24×7 (which they both did), then there is a cost associated with that. The cost is that everyone has personal lives and people in their personal lives are going to contact them. It’s part of life, deal with it.
I am a reasonable person when it comes to using company property for personal use. However, I expect the company to be reasonable as well. More importantly, I expect the company to trust me to do the right thing, make the right decisions, and back up decisions that I make. That is why they hired me in the first place. If the company is not able to trust me or me them, then it is time to move on.