The Legal Complications of BYOD

As more and more companies rushed to hastily implement their own home-cooked BYOD-based mobile device/apps management policies to cash in on the new fangled idea of gaining enhanced employee productivity, industry experts warned that there were bound to be a few problems along the way. Though most of these problems were related to device management and corporate data security, many legal concerns have also emerged from BYOD implementation. In a BYOD environment, employees are allowed to use the same device for both personal and work-related activities. Here we will discuss some of the grey areas created by BYOD implementation by companies.

Employer’s access to Employees’ Personal Messages/Data

It really was much easier in the RIM (Research In Motion) age of long ago with only a few company-owned BlackBerry phones handled by a select group of high-ranking individuals, who connected to the enterprise network using those mobile devices. As it was company property, there was no question that whatever data was on the device was owned by the employer and the employee was expected to use the device only for of work-related activities. Following the implementation of BYOD, it’s not so clear anymore and many companies forgot to include express instruction related to management of personal data contained on those devices. A device bought and used by an employee under the employer’s BYOD policy may or may not contain a clear definition of what data on the device can be accessed by the employer. In such uncertainty, either party can (and probably will) perceive their situation to be infarction on their rights and demand for legal advice. Personal messages and personal data are only the tip of the iceberg- the situation could include an employee’s personal project, which is considered to be in direct conflict with a current project of the employer and so on. In each of these cases, if a carefully worded legally-valid document stating the current BYOD policy of the employer is unavailable, many of the cases could end up in court and lead to wastage of both time and money for all parties concerned.

Till some years ago, the practice of introducing spyware into enterprise computers to monitor employee behavior was considered to be an acceptable practice and such invasion of privacy was believed to be essential for securing the employer’s interests. Currently, companies have moved towards alternate methods such as blocking access to web pages using firewalls or restricting access to corporate networks using user authentication systems, key-based encryptions etc. Many offshore software development companies provide such enterprise security solutions to companies all over the world. Unfortunately, BYOD devices are not owned by the employer unless they provide reimbursement for the device purchased by the employee and mention the same in the BYOD policy document. This is a veritable legal mine-field and there is often no clear answer to the question it poses about- employee’s rights vs. employer’s rights. There are additional problems too, such as, what can the employer legally do, if an employee’s BYOD device contains potentially illegal data such as pirated music, pirated videos or other restricted material? Does the employer have the right to wipe such data or just inform the employee about a possible legal infarction? By informing the employee about the possibility of legal infarction, does the employer become an accomplice to the crime committed by the employee? These are but some of the tough questions that an organization’s legal department needs to figure out in order to develop an efficient BYOD strategy.

The Grey Area Intersecting Cyber Risk Insurance and BYOD

In legal terms, an organization (company) is considered to be an entity with the right to protect its existence as well as itself from criminal acts as well as other actions that have a detrimental effect on its operations. In order to reduce the losses incurred by breach of data security, many firms are resorting to the use of Cyber Risk Insurance as a tool to reduce probable losses. However, a new problem has emerged subsequent to introduction of BYOD in the enterprise. A number of the current cyber risk insurance policies currently in effect, provide organizations coverage for only those security breaches, which originate from company-owned devices. As, BYOD devices are employee owned and not company-owned (unless otherwise mentioned in any employee-employer agreement), such devices are not covered by many of the existing and currently applicable Cyber Risk Insurance policies. In such a case, if a security breach in the corporate network occurs due to improper usage of an employee-owned BYOD device, the insurance company can (and most probably will) decline any payout to the organization as such as device is not covered by the currently applicable Cyber Risk Insurance policy. I think this classifies as an example of the classic “out of the fire pan, into the fire” situation!

Some Probable Solutions

The first possible solution can be based on the point of view that “prevention is better than cure.” To that effect, an employee can choose to own two separate devices one for use at the workplace and the other for personal use, however that nullifies a key benefit of BYOD- having a single device of the employees choice for all of his/her work and personal requirements. Some legal experts have also advised employers to seek legal counsel at the time of signing a BYOD agreement to ensure that their rights as an individual are not infringed by the agreement, however, in practice that might be difficult as well as quite unfeasible for both the employee and the employer. The unfortunate fact is that, legal processes tend to move quite slowly as compared to the blazing speed of IT technology and mobile apps development and this creates gaps such as the gap caused between BYOD and its legal implications for the enterprise. It hence falls upon companies to introduce proper protocols to ensure that such situations are prevented wherever possible and also ensuring that an employee understands the ramifications of the security policy / BYOD policy currently followed by the employer. All of this is a source of concern provided that employers actually continue with the deployment of BYOD at the work place, though it is doubtful that the policy of enterprise BYOD would reverse itself following the current enterprise environment.

With respect to the cyber risk insurance situation, it is definitely advisable for organizations to carefully review the existing terms and policies of their insurance. If required, organizations would negotiate with the insurance to add new elements to the existing policy or if necessary, search for a new insurer to ensure that the corporation’s interests are adequately protected. Additionally, investing in custom software development targeted at strengthening the security of sensitive corporate data available on the company’s servers would also help organization weather out this BYOD storm.

Cyber Bullying Can Now Lead Cyber Bullies to a Fine of Up To Dollor 1000 or 1 Year in Jail

The most popular social networking site Facebook that was designed to catch up with old friends and make new ones has always been in the news for cyber bullying since the term was coined a few years ago. Well not anymore, because this New Year the law has changed in California to penalize those who try to harm others by using fake profiles and e-mail addresses, with the bullying leading to a fine of up to $1,000 and one year in jail.

Cyberbullying can be more destructive than physical violence in a lot of ways because users can remain unidentified on the web, bullies get the chance to take harassment to the extreme and rarely get caught. In reaction to the growing problems surrounding cyber bullying and e-impersonation that are affecting children and adults nationwide, the facebook law is created!

“What Facebook users considered just a prank before is now a defiance of law and I hope it reduces cyber bully and increases internet safety for kids,” remarked the co-founder of popular internet marketing service, Safety Web () .

Cyber bullying has garnered nationwide attention in the past few years, with many teens committing suicide because of insensitive teasing online by their peers. It is also seen that the bully’s victims often find it difficult to self-report such incidents. Increasing concerns about teenagers safety on social networking sites like Facebook have incited the team of , the leading Web-based Internet monitoring software for parents, to launch the new “Find Help” application on Facebook.

It’s the first online help tool of its kind that enables teens using Facebook to promptly report any violation to Facebook officials. It also involves the leading safety and crisis support organizations related to cyber bullying, child abuse, child exploitation, suicide and depression, runaways, hate issues, drug abuse and issues related to alcohol abuse.

Along with that, parents can also opt for the Facebook monitoring services by to help defend kids from common online dangers. SafetyWeb makes protecting kids and teens online activity easy for any parent with no software to download or programs to install. Parents just need to simply sign up and submit their child’s email address and SafetyWeb takes care of the rest, scanning 45+ social network sites. SafetyWeb also offers a mobile integration allowing parents to use the service from their iPhone. It can also help you in monitoring cell phones of your kids and teens to protect them from bullying on phones.

For more information on protecting your children from cyberbullying, please visit:

Internet Copyright Laws And Why They Don't Always Work

Laws and regulations are an integral part of modern society, and they have been with us for a very long time, many centuries to be exact, giving us a guide to follow and conventions to respect. Well, the Internet has also become an integral part of modern society, and it’s no wonder that many countries all around the world are trying to create Internet or Cyber laws that will govern everything we do online. One of the most important Internet laws is in fact the Internet Copyright Law, and here will be discussed how it works in some detail.

The US Internet Copyright Law

Everything created on the Internet after the date of April 1 1989 is protected under the American Internet Copyright Law. This can in many cases probably be difficult to understand, but the fact is that if you come from the USA, and you have created something and uploaded it on the World Wide Web is the last 20 years or so, this work of your is protected, and it cannot be stolen by anybody. However, this is true only in theory.

The Problems with the Internet Copyright Law

Yes, it is true that you hold all rights to your work as the original author ever since your work has seen the light of the Internet day. Yes, it is also true that you have the right to take action if someone happens to steal your original work from the Web. However, the problem arises when there is more than one country involved in this process. Namely, if you are an American, and your work has been illegally downloaded by a person from let’s say Albania, there’s probably nothing you’ll be able to do about it. The reason for this is the fact that most countries don’t have any rules or regulations regarding the Internet, so even though you might know exactly who stole your work, in many cases you will not be able to act on this fact.

Another important issue related to the Internet Copyright Law is the fact that you often cannot know who violated the law, meaning that there are ways to steal your work from the Internet without you knowing who was actually responsible. For example, modern technology can, by tracing IP addresses, tell you where the person who stole your work was, but can never tell you exactly who this person is.

The Internet Copyright Law and Plagiarism

Plagiarism is another interesting subject related to the Internet Copyright Law, as in many cases it cannot be proven. For example, if you have taken a photograph and uploaded it to the Web, and if someone took this photo without crediting you as the original author, then you can make this person remove the photo, or even sue the person. However, if you have written an original article, for instance, and uploaded it on the Internet, you cannot do anything if someone read your article and steals the idea, even though plagiarism is actually defined as using someone else’s words, quotes or even ideas as their own.

Attorney General Declares War on Cyber Criminals

As criminal attorneys focused on white collar investigations and jury trials, we have seen a noticeable increase in the prosecution of computer related crimes. This is no surprise as United States Attorney Eric Holder has made the prosecution of “cyber crime” a priority for his administration. It is the Attorney General’s responsibility to assist legislators in drafting laws that address crimes involving rapidly changing technologies. In addition, his office must develop investigative techniques to solve cyber crimes – crimes which are typically committed by more sophisticated and savvy individuals with no eye witnesses.

There has been a noticeable increase in recent years in prosecutions for computer crimes such as identity theft, unauthorized access to computer databases, wire fraud related to illegal use of the internet, child pornography, internet child enticement, and the like.

There seems to also have been more international cooperation with the Attorney General in the prosecution of alleged cyber criminals abroad. For several years, Nigerian check scams, eBay fraud and the like were rampant, but difficult for prosecutors to stop due to the fact they were being committed by faceless computers from thousands of miles away. With more focus on capturing those responsible for these international schemes, there have been more extraditions and prosecutions in the United States such as the prosecution of Emmanuel Ekhator who is accused of stealing over $32 million dollars from 80 United States law firms from over seas in a fraudulent counterfeit check scheme initiated over the internet.

With this zealous focus on cyber crimes, the technology used by cyber criminals evolves at a faster pace than the technology of law enforcement. It is believed that cyber criminals have developed technology in some cases that allow them to remotely access the computers of unknowing persons and commit crimes from their computers without the owners’ knowledge or involvement. This is dangerous for those charged with computer crimes, and it must be determined if they are the actual perpetrator, or an innocent patsy whose computer was hijacked.

With our day to day lives being conducted on the internet through social media, email, and even online banking, cyber crime is not going anywhere, and we expect more innocent computer owners will find their computers being utilized by remote criminals. If you find yourself charged with a computer related crime, it is important for you to contact a knowledgeable criminal attorney who has experience in representing those accused of technological crime.