After the advent of BlackBerry, iOS and Android devices, some enterprising companies began to issue company mobile devices, while many others told employees to “bring your own device.” The trend has become widespread enough, it is better known in the business world as “BYOD.” In a 2013 Ovum survey it was found that more than 60 percent of employees surveyed used personal devices to access company data.
No ad to show here.
However, many unique challenges have risen for companies that require or encourage employees to bring their own tablets, smartphones and similar devices to work. While there are technical issues to be ironed out by any company relying on employee’s personal devices, businesses need to consider the complicated issues surrounding intellectual property in an age where both work and play are done on the same device.
Understanding Intellectual Property
Becoming familiar with the basic laws that govern the creation and copyright of intellectual property is the first step to unraveling the many questions surrounding BYOD and intellectual property ownership. Whenever an employee is using a personally-owned device for use in a corporate setting, questions about who owns the content and data stored within arise. In the event an employee is terminated, BYOD companies may find data ownership becomes muddled and unclear.
Under U.S. copyright law, when an employee creates copyrighted work in the frame of employment, that work is owned entirely by their employer. However, the law also states that all inventions are owned by their creator, not the inventor’s employer. This is why many companies require employees to assign any patent or copyright ownership over to the company in the employee’s contract. For independent contractors and freelancers, U.S. law presumes that any and all intellectual property they produce is owned by them, unless specifically signed over in a contract.
Contracts and Policies
Intellectual property ownership is difficult to determine when employees use their own devices without some kind of written agreement to establish the rules of ownership. An employee who has not signed such an agreement could claim a piece of art, data or graphic design, created on a personal device for the company was personal property, and not the property of the employer.
The solution is to draft clearly worded employee contracts and established IP policies. A well-written employee contract should address employee email privacy, intellectual property rights and the employer’s minimum requirements for encryption software and security measures on any personal devices that will be used to access company cloud backup servers, employer provided email, data systems, and and similar resources. The need for documents and policies for BYOD management may not apply to your business now, but technology research group Gartner predicts that by 2017, half of all employers will cease to provide devices, and instead require employees to provide their own devices. By addressing these issues in a clearly written manner, employers can protect themselves from employees unwittingly compromising the security of company systems.
Building a BYOD policies now is a critical step in planning for the future. BYOD policies should be written as a joint effort by many departments. Involving the human resources and legal departments is just as critical as involving software developers, as each group will have a necessary and unique outlook on what a policy should include. Compliance in any BYOD policies should be mandatory for all employees, and they should address rules concerning joining and leaving the BYOD program.
In addition, policies should cover the use of features such as cameras, GPS systems and audio recorders in the workplace. While data loss is certainly the main concern, intellectual property can easily be compromised by something as innocent as a picture of someone waving while seated at their desk. Malicious data theft is easier to deal with when an organization has clearly mandated rules concerning the use of personal devices.
If you plan to create security credentials such as passwords and usernames for your employees, it is critical they are created securely. According to a survey by security software developer ESET, only approximately one-third of devices owned by employees are encrypted. Company policies should set limitations concerning the use of insecure Wi-Fi networks, and ensure personal devices used for work are compliant with company security standards.
Effective BYOD policies can create a productive environment for employees and secure an organization’s intellectual property. Making sure every employee, from executive to sales rep, understand the polices eliminates many of the concerns that arise from staff using personal devices for work. By clarifying company expectations regarding intellectual property rights and safe use of personal devices, an organization can easily reduce the risk of intellectual property loss and foster safe innovation among employees.