Risks of smartphones in companies

Category: Nachrichten
By: F. Fiesel - 2B Advice GmbH - the privacy benchmark

In addition to constant telephone accessibility, smartphones offer the advantage that employees also have on-the-road access to their e-mails and appointment calendars. Yet, the use options go far beyond such mentioned functions, and harbor an enormous potential for legal problems.

Therefore, particularly with the use of smartphones in the company, it is important that it be made certain that nothing is left to chance.

 

Thus, initial policy provisions must be adopted for the use of smartphones, and adherence to them by all employees must be obligatory.

Such policy provisions should cover at least following points:

 

- Private use

Depending on whether the private use of business smartphones or mobile phones is permitted, different laws are applicable upon the evaluation of the use data.

 

If private use is permitted, an evaluation by the employer is no longer permissible; whereby, controls that are subject to the duties to exercise diligence of the management and/or the management board can no longer be conducted (e.g. § 93, para. 1 of the German Stock Corporation Act (Aktiengesetz)).

 

Here, the evaluation of the use data falls under the German Telecommunications Act (Telekommunikationsgesetz).

 

However, if private use is not permitted and it is also not tolerated, it is permissible for the employer to conduct an evaluation of the call records.

Moreover, the employer has the right to check whether the prohibition on private use is also actually adhered to.

 

Thereby, if a violation should be discovered, this can punished by disciplinary measures. However, such controls may take place only by random sampling in intervals (max. every 6 weeks), and may not lead to employee monitoring.

 

- Security

Smartphones contain more personal data than ordinary mobile phones, since they can also contain e-mails or files. Therefore, special security precautions must be implemented at a technical and organizational level, such as, for example, the mandatory entry of a security code for the unblocking of the device, or the deletion of the entire device memory after the incorrect entry of the unblocking code for a certain number of times.

 

- Obligatory policy provisions

Obligatory policy provisions are the basis for all further steps that concern the use of smartphones.

 

The guidelines for security and use must be recorded in writing in a document obligatory for all employees, in order to create clarity as to what is permitted and what is prohibited.

 

As a logical consequence, violations may be punished only if there are fixed policy provisions for this in the company.

(1712 times viewed)