your employer can wipe your phone clean, American bosses, and more by Alison Green on January 31, 2014 A few miscellaneous things — 1. Your employer might be able to wipe your phone clean … remotely Here’s an disturbing Wall St. Journal article about how if you use your own cell phone for work, your company may have the right to remotely wipe your phone. A scary excerpt: A former employee of Hopkinton, Mass.-based cloud-computing firm EMC Corp.EMC +0.12% who requested anonymity said his phone was wiped a few years ago after he was terminated for not hitting sales quotas. The employee started the job without a smartphone, and EMC didn’t provide one, but he said he was missing late-night notices of meeting changes and other important information, so he purchased an Android device. On midnight of the day he was terminated, the phone went blank. “I was completely surprised,” he said. “I know it’s so they can protect their data assets, but if that’s such an important policy, we shouldn’t be mixing business with personal.” He has no memory of signing a release or user agreement, though he concedes that a dialogue box may have appeared when he first connected to EMC’s server “and like everyone else, I was like ‘OK, check.'” 2. Cultural workplace differences A reader sent me this interesting clip about cultural differences in the workplace. She writes: “It’s a staged conversation between an American boss and a Danish employee intended to show how the high-energy and relatively authoritarian American style clashes with the low-key and egalitarian Danish style. The gist of the conversation is that the American boss is informing the Danish employee that he will be relocating to a department based in another city, while the Danish employee is blindsided because he expects to get a say in such a decision. The clip was created by a Danish consulting company that has many years of experience teaching Danes and foreigners how to work together without tension.” The American manager in the clip is pretty horrifically repugnant, and I don’t think at all representative of most American managers — but I’m sure there’s truth in the style conflict that’s presented, even if it’s caricatured here. 3. Miss Manners on gifts for your boss Since questions about giving gifts to managers have come up frequently here, you might be interested to see Miss Manners tackled it earlier this week, in response to a question about a manager who received a gift from an employee just minutes before firing him. 4. “Ask the readers” posts Thanks to a suggestion from a reader, we now have an “ask the readers” category in the archives, where you’ll find all past “ask the readers” posts. You may also like:did this goodbye email overstep, problematic volunteer events, and moreshould I try to get my HR rep fired, new boss lives on my street, and morewhat's up with people responding to emails with a phone call? { 128 comments }
Matthew Soffen* January 31, 2014 at 2:08 pm 1) I believe they have to have your explicit permission to alter ANYTHING on your personal phone (what if they deleted everything on it – like your personal photots/etc.). I would think they’d have to have had a written policy AND your signed permission for them to alter data on your phone. And they may also limit what they can remove.
Mimi* January 31, 2014 at 4:51 pm My organization wipes phones clean, and I didn’t realize until after I started. Apparently it’s outlined in the IT Confidentiality Agreement I signed when I was a new hire. It doesn’t affect you unless you sync your work email to your cell phone, which I did. It wasn’t until later, when I became friends with some employees in IT, that I was told what a bad idea that was: once I leave the organization, apparently they will “wipe” my phone.
Liz in a library* January 31, 2014 at 5:23 pm My former org was exactly the same way. There was a click through agreement when I synced e-mail and no other notice at all.
Lilien* February 1, 2014 at 4:56 am Current android models will explicitly list the shenanigans that your company’s server admins can pull on your phone after connecting to Exchange. It even listed “Disables Camera” on mine. I presume that was to disable Face Recognition Logon but who knows.
Andy* February 1, 2014 at 1:45 pm To wipe the company data (emails in most case) should not be a problem – but to wipe the _whole_ stuff: even if agreed, it’s rather unfair. Though, I sugges to use the same habit of mine: I only keep 3G / WiFi on when needed. No connection, no sudden wipe. In case the firing is ‘in the air’ I’d turn off that ‘service’ of the phone (which removes the email sync too of course) but at least there’s no wipe either.
Josh S* January 31, 2014 at 6:27 pm I have a new job and got a new phone (an iPhone 4) as part of the onboarding process. I’m an Android/Google fan, and really can’t stand using the small screen, etc of the iPhone, so I started looking into the IT policies/procedures to see if I could forward calls and sync emails to my Android-based device. (If for no other reason than carrying two phones everywhere is downright annoying.) Sure enough, instructions right there on the corporate site for doing just that. However, a disclaimer stating that they had remote access to wipe the device (among a few other things) gave me pause. Ultimately, I’ve sync’ed email. But I know that the instant I start to get any hints that the job might be coming to an end, I’m going to remove that account from the phone and rescind remote access to whoever the Admins are for the Webmail account. Also, I hear rumors that it *might* be possible (but would likely break all kinds of user agreements with both an employer, your phone manufacturer, and your mobile service provider) to root your phone and restrict access to remote wipe capabilities. I’m not going down that road (yet), but if you’re sufficiently techy and paranoid, you might want to look into that option as well.
Anon* January 31, 2014 at 7:48 pm There’s no problem with the phone manufacturer or mobile service provider to root your phone. Google “XDA Forums” and your model number. Stick to the developer sections and you’ll learn a great deal!
Lilien* February 1, 2014 at 4:54 am You are correct, these kinds of restrictions are enforced by the OS on your phone and with the right tools or patches can be removed. For people who’re interested in this but don’t want to deal with rooting their phone and other shenanigans, there are solutions for Android phones on the XDA forums that only patch certain parts of your phone’s system instead of replacing the whole thing. You’ll still need to make some changes but the guides should help you along. I requested Exchange access with my company but chose not to connect it to my Android device when I saw the humongous list of restrictions they enforced. Not until I’ve patched my device anyway.
IT Manager* February 1, 2014 at 7:58 pm Just an FYI, the software can probably see you have a rooted phone, and if so revoke access based on that.
Lilien* February 3, 2014 at 12:51 pm Would depend on the phone and the extent to which the connection requests access. Especially on Android it shouldn’t be able to detect a rooted phone since there are so many OS signatures out there from different manufacturers. The one promising solution I found worked by letting the phone apply restrictions and then just not actually enforcing them, which shouldn’t trip any checks even if the software does those. This would of course depend on the level of security employed by the company. Probably 90% of system admins won’t care or be paid to provide more than rudimentary security, some likely exceptions are government and defense sectors or any employees handling truly sensitive data instead of just some work emails. Of course, as Josh S mentions above, this would likely violate the Terms of Use on your company access, possibly any NDA you signed (this would fall under reasonable precautions against information leaks) and could cause an awkward situation in cases where information is really stolen from your device. At which point you just say that the thief/hacker must have circumvented the protection.
Josh S* January 31, 2014 at 6:30 pm Also, BACK UP EVERYTHING! TWICE! NOW! /This has been a public service announcement
Kou* January 31, 2014 at 7:26 pm My employer makes it very, very explicit that they’ll wipe your phone if they think it may be compromised and that if it’s lost or stolen you need to tell them immediately so they can wipe it. They know putting it in a big wall of text will let it slip past people’s attention so you have to sign a sheet that says basically just that one point. I’m in health care so it’s an issue of patient protection, which I’m fine with. I don’t see why most companies make people in most roles agree to such a thing, though. There is no way most people have trade secrets or somesuch.
Anonymous* January 31, 2014 at 10:09 pm It doesn’t have to be the formula for Coca-cola to be valuable. Work in marketing? Stats on the latest campaign will be of interest to your competitors. Work in product development? Got plans for the next new thing on your phone? Work in finance? Maybe you have a spreadsheet or two that shouldn’t get out. Virtually everyone has access to information that competitors’ll want to see.
Kou* February 1, 2014 at 10:53 pm Yeah and I don’t know anyone whose job might have information of competitor interest, save for this one dev that *might*. I certainly never have, before the health information deal, had a job with anything interesting every coming across my desk.
KellyK* February 3, 2014 at 8:32 am Sure, but companies aren’t generally in the habit of ransacking your house or your car to see if you’ve taken work files home, or wiping your personal computer if you’ve synced your work email to it. There’s a huge difference between someone having access to information that a competitor might find useful and having access to information *so* critical that destroying someone else’s property is a reasonable step to prevent it getting out.
Jamie* February 3, 2014 at 11:57 am This. I’m stricter than most about protecting data and I do believe in the right to wipe phones upon termination – which is why we issue company phones, because the device I’m wiping you’re giving back to me. I would not wipe a personal phone, ever. On rare occasion when I’m asked by owners to depart from my general policy and allow work email on a personal phone they know that. I won’t support outside devices and I’m not responsible for the data control. I supply the connection info and that’s it. Which is why it rarely happens.
fposte* January 31, 2014 at 2:11 pm The American manager in that clip is straight out of The Office (US), but that’s why the show is funny–it’s true. What amuses me is how indirect the American is even as he’s being aggressive and pressure-y. I mean, it would be annoying enough to be told “I want you to move away and head up the legal department, and I need to know by tomorrow because we’re moving fast,” but to sit through all the crap about bricks and mortar without anybody every saying anything specific? That would make me want to play dumb. “You’re building a house? I don’t know anything about building houses. We don’t use a lot of brick here, so I don’t think bricks will be good to build with.”
Not So NewReader* January 31, 2014 at 2:45 pm I would guess that 50% of the bosses out there are like this guy. Within the first minute of conversation he starts with the put-downs. He loves how the employee is so casual AND he would never go see a boss dressed like that. (The boss draws the guy into the conversation with what seems like a compliment but turns out to be snark.) There really is nothing the guy can say because the boss has decided the employee is changing jobs, period. Basically he will go home and have to decide if he will quit the job or not. I can’t even watch The Office because it is too real. FWIW, I am embarrassed that this is the way Americans come across to people.
ScaredyCat* January 31, 2014 at 2:52 pm FWIW, I am embarrassed that this is the way Americans come across to people. I hope not all of them are like this, because the guy is down-right creepy. While, I’m not from Denmark, I am from Europe and used to a much more direct approach. So all this round about way of phrasing everything seems so weird to me. Kind of condescending too…
fposte* January 31, 2014 at 3:15 pm I’m fully willing to believe that there are cultural differences people need to be aware of, but I can’t imagine getting behind this guy in an American office either. Not that that makes it a bad instructional film–I bet it’s a great talking point. I just don’t want the Danes to think that’s what looks good to us.
KayDay* January 31, 2014 at 4:50 pm While I am absolutely sure that there are American managers like this (esp. the stupid office-esque brick analogy), I have never encountered one in person. It sounds like something that a bad manager who is trying to hard would do. Of course, there are plenty of bad American managers, so warning people about this is fair. (And I do think it is helpful to know a culture’s commonly seen faux-pas; rudeness can happen anywhere, but it sometimes hard to spot when your in another culture.) I find it interesting that in a lot of cultural aspects (e.g. directness, social conservatism, relationships) Americans are in the middle compared all other countries; you would think this would make us easy to get a long with, but instead it just leaves everyone confused (i.e. we’re more direct than a lot of cultures, less direct than others).
Not So NewReader* February 1, 2014 at 8:42 am Ditto from me. Most American workers would find this behavior totally unacceptable. Sadly, we do not have a law on the books that prevents overseas managers from acting like idiots. Notice the guy never blinks his eyes. I wonder what’s up with that.
Windchime* February 2, 2014 at 12:53 pm Yeah, the intense staring would totally creep me out. I hate it when people do that; it makes me feel like I am under the microscope.
Angel* January 31, 2014 at 11:05 pm I’m shocked – I’m going to assume it was over the top to make a point but the underlying message of “You’ll do this job, move to this city and have no real say in the matter other than leaving” is completely abhorrent to me. Would that seriously happen ? And the comment about his wife being excited about setting up a new house ? I have to ask, would any manager seriously say something that was outdated in the 1950’s ? I’m now exceptionally glad that my government vetoed a deal that would have seen my company taken over by an American company.
Ask a Manager* Post authorJanuary 31, 2014 at 11:33 pm Possible, but very unlikely. That manager was unrecognizable to me (and I would assume to most other Americans).
Anonymous* February 1, 2014 at 9:16 pm I recognize him — he was my last boss, a new acting manager. He came to my cube, said someone was going to come talk to me about a job, touched my leg, and told me to not turn it down. That was a bit creepy. As I researched the job, I found it had all the bad parts of my then current job, and no programming (I’m a database programmer). The more I learned about it, the more I felt sick about taking it. So I didn’t. I was laid off about a month later. I still regret losing the job I had, because I loved it, but I have no regrets about turning down that other job.
ThursdaysGeek* February 1, 2014 at 9:18 pm Oh, that was me. Had to watch the video at home, used a computer I don’t usually.
Angel* February 2, 2014 at 1:04 am Our company moved offices, we sold the site we were on (a manufacturing site) and moved into a more traditional office. Before the move there were several surveys about location preferences and maps of Sydney with everyone’s home suburbs and they looked for offices in the most popular areas. We ended up only about 15km from the old location, which is brilliant for me as it’s now only 3.5km from home. Although some people grumbled the new offices didn’t overly negatively impact most people. I’m beginning to realise how lucky I am that I work for such a company and as a result I can’t imagine it being handled in any other fashion. Thank you for the insights into different companies.
Not So NewReader* February 1, 2014 at 8:37 am I have seen the tactic used in several nation-wide companies. Mostly when they are trying to shake off an employee. Two examples (if I said the names most people would know these companies) Company A would offer an early retirement package. Let’s say you are dense, so you decline. The following year they offer another early retirement package, not as nice as the first. You still decline. Not much later you find that your job is now half way across the country. So you go. A year and a half later you find that your job is in another location yet again requiring a 1000 mile move. Company B tells you that you must move to X location for your job. You go. You buy a home, get the kids registered for school. Two months into the school year company B tells you “oh your job is 300 miles away, now.” On the more local level we have two companies here that routinely take their managers and place the managers in a location that is an hour to an hour and a half from home- EVEN THOUGH there are openings near their home.
Anon for this one* February 1, 2014 at 3:23 pm My experience with a transfer was that the company planned something, hinted for months, then got more explicit but would not confirm until very late in the process. Then, all of a sudden, things moved swiftly. There was certainly no discussion and people could take the transfer or become unemployed. Some managers I’ve dealt with have reminded me of the American manager dealing with the Danish employee. Where I saw this more was when the company adopted Some New Plan, whether it involved cross-training or outreach or new computer technology or a different way of setting goals and evaluating employees. We would be nagged for months about this, then the powers-that-be would lose interest, then about a year later there would be Some New Plan — that is, a different plan with different goals. Nothing was ever followed through to completion or made a difference, and there was never adequate planning, never adequate involvement of employees, and always a desire to do the plan on the cheap. (Among other things, the company cut short training in an expensive new software because the four weeks that had been agreed to was obviously excessive and one week would do.) As a result, employees got very tired of new initiatives because they knew no one would care that no goals had been set after the first set of goals, or no one mastered the software and different departments went their merry way using or ignoring features that were supposed to cut out production time, and so on. Basically, in February you’d get the brick analogy, and you’d hear it for four months, but the following January the managers would all be talking about how the company was like a wind turbine and how great it was going to be in March when all the wind turbines came online. Employees who weren’t managers became pretty passive-aggressive about new initiatives.
EngineerGirl* January 31, 2014 at 3:34 pm I’ve only had a couple of managers like this. One thing I do know – poor performing managers in the US often get deployed to remote settings. So the poor remote offices get the worst of the worst. This could be part of what the Danes are seeing. I have personally had cultural issues the other way. As a female that had to deal for years in the macho aerospace culture, I was given a team of mostly males from SE Asia. Disaster. I gave direct orders, they did a passive-aggressive response. I directly questioned them, they wouldn’t respond so I could fix it. Everyone got burned. Two ended up getting fired for insubordination (but not by me). To this day I’m not sure what the right approach would have been. I’m still a little gun-shy over it.
Not So NewReader* February 1, 2014 at 8:23 am I feel that this is where your boss should have stepped in and affirmed your authority on matters. There is more than one problem going on here and the problems are epidemic in the group.
Windchime* February 2, 2014 at 12:51 pm We used to have a boss like this. He would say whole paragraphs of brick-and-mortar type stuff, but no real substance. He also did the “intense eye contact while being overly jovial” thing, which just made me want to slink away from him. My current boss is nothing like this, thank goodness.
A Bug!* January 31, 2014 at 2:12 pm I’m so glad to see the Miss Manners column linked here, because that’s exactly what I thought of when I read that answer!
Adam* January 31, 2014 at 2:19 pm “…a manager who received a gift from an employee just minutes before firing him.” That is some sitcom level awkwardness right there.
HR Courtesy* January 31, 2014 at 5:14 pm Kind of like when I drove up to the off site warehouse in my new Mercedes. It got notice and praise from the guy working, then had to change subject to letting him go.
M* January 31, 2014 at 2:21 pm #1 is standard and people shouldn’t be surprised. It is an agreement that you have to accept when you setup the e-mail on your phone. I’ve worked for multiple companies and they all have this ability. I usually give people a heads up when activating a personal device, but the company has a right to protect it’s data.
Ann O'Nemity* January 31, 2014 at 2:37 pm I have a problem with companies requiring BYOD while also having policies that call for remotely wiping the entire device upon employment termination. If the company wants to protect its data, maybe it should consider paying for a company phone.
Laura* January 31, 2014 at 2:42 pm Me too. I wouldn’t have a problem with them wiping out the company email, but the whole phone – contacts, text messages, everything – sounds a little overkill.
Not So NewReader* January 31, 2014 at 2:47 pm I get that they want to protect their property. But if my personal use stuff is also wiped that is a problem. I wonder if there is any recourse contractually with the service provider.
holly* January 31, 2014 at 3:44 pm yes, this. this is like that company that required workers to front the money.
Mike C.* January 31, 2014 at 2:51 pm Just because some companies you’ve worked for do this doesn’t make it right, something that should be expected or even legal. Furthermore, the company’s “right to protect their data” (as in the “right” to willy-nilly wipe your personal phone) doesn’t exist. No company has the right to delete sensitive, possibly irreplaceable data that they do not own simply because it resides on the same device as data they may own. Frankly unless there is an explicit heads up, it feels quite criminal. Even then, I doubt an EULA style popup would hold up in court as proper. Companies are being too cheap to provide their own business equipment, and then rather than earmarking sensitive data (or allowing employees to back up personal data) are going the lazy route and wiping the phone. If anyone were interested in company data they would have backed it up anyway – and the wipe happened several hours after the firing occurred, so there was plenty of time for copying to occur anyway. So what’s next? Do you believe an employer has the right to wipe one’s backup media, both local and offsite? If an employee brings work home, should they be allowed to tear up the house looking for proprietary materials? If one had work in their car (say going from home to work and back), should they be allowed to tear it up like a customs agent looking for drugs? Just because it’s digital, and just because someone was informed at some point doesn’t make these policies anything that people should come to expect.
KellyK* January 31, 2014 at 3:11 pm Totally agree, Mike. Wiping their own data off the phone is fine–destroying irreplaceable data that isn’t theirs is not. And seriously, if you have such severe security concerns, maybe provide company-owned devices.
Angel* January 31, 2014 at 11:13 pm My phone that has my sisters last photo and text from about an hour before she died. If my company wiped that there would be hell to pay. I work in IT and I can’t even imagine this coming up as an option. And seriously, if I wanted to get data out there are dozens of better ways than using my company email.
Elizabeth* February 1, 2014 at 3:15 am If you haven’t done this already, back up that photo and text. Phones get dropped in puddles, left in taxis, stolen out of purses… any important digital information should exist in more than one location.
Angel* February 2, 2014 at 1:08 am I have a backup, both on my computer and in the cloud, but I still like the “original”. I know it’s silly and the backups are exactly the same, but I’d still be very upset if anything happened. Thanks for the suggestion :)
Ursula* January 31, 2014 at 3:04 pm This was made perfectly clear to me when I requested to have my email and calendar on my personal phone. This isn’t something needed for my job, it’s just for my convenience. I work for a Health Care provider and could have attachments with patient names (though no medical records). If someone has 10 unsuccessful attempts to get into my phone (a password is a requirement), my phone can be wiped clean. This is how I get my kids to stay off my phone. For the record, I don’t think it would be done upon termination of employment without being warned. That is extreme and unnecessary unless the reason for termination is something along the lines of breach of security. My two cents.
Mike C.* January 31, 2014 at 3:06 pm But in the example in the WSJ article, it was done hours later with no warning. Thus, security wasn’t protected at all, but all personal data was lost anyway. What’s the point in that other than to be vindictive and lazy?
Mimi* January 31, 2014 at 4:55 pm This is exactly what happened to me recently. I forgot my passcode, and after 10 attempts to get into my phone, it was wiped clean. When I asked IT about it, they asked if my work email was connected to my phone. I said yes, and they replied that essentially, I was screwed.
KellyK* January 31, 2014 at 3:07 pm That’s an excellent reason to never under any circumstances have work email on a personal phone.
Elizabeth West* January 31, 2014 at 4:30 pm I don’t, for this reason. I would scream so loudly if someone wiped my phone that you would hear me where you’re sitting. If they want me to have a phone, they can buy it for me.
EngineerGirl* January 31, 2014 at 3:17 pm The company has the right to protect its data. It does NOT have the right to destroy the private data of others. Want a secure device? Provide it yourself. Otherwise, GET OFF MY PHONE.
RobM* February 1, 2014 at 8:00 am If they require you to connect your phone to their system then I totally agree. If, however, I connect my phone to their system for my own convenience and ignore the warnings (IIRC Android at least warns you that this can happen, not 100% sure that iphone does) then I’m at least partly responsible. Companies should be making it very clear to staff that this could happen though.
Ellis* January 31, 2014 at 4:15 pm I used to have my work email on my personal phone. Had the dialogue box and everything, but I didn’t think I should worry. UNTIL my boss requested copies of texts of one of my co-workers on his company phone. That very day I disconnected my work email on my personal phone. If he wants me to have access to my email 24/7, he can buy me a phone.
Anonymous* January 31, 2014 at 2:45 pm #1 isn’t news. But like most reporters who don’t understand technology, the article tries to play on the scare factor part.
Mike C.* January 31, 2014 at 2:57 pm What scare factor is that? Having to give your employer the ability to remotely wipe your phone while possibly not being made aware of it is a reasonable thing to be concerned about.
Chinook* January 31, 2014 at 2:52 pm Here is a question for you tech people, if you have a phone that allows you to separate work from home (I.e. BlackBerry), would they still wipe the entire thing or is it possible to limit the employer’s access to your personal information?
Josh S* January 31, 2014 at 6:33 pm I can’t speak to BB, but typically the “remote wipe” performs a factory reset to your phone. I can’t imagine a factory reset would respect any partitions. It’s basically the C:\>Format *.* of the DOS era.
Joshua* January 31, 2014 at 3:05 pm I guess I shouldn’t be surprised that people are surprised by #1. Don’t connect your personal phone to your work email. If your work requires you to be in contact after hours, they will have to provide the means to do so.
Mike C.* January 31, 2014 at 3:11 pm They don’t have to provide the means to do so. Also, good luck being labeled as “not a team player”.
Joshua* January 31, 2014 at 6:32 pm That’s why I do my best not to work for petty companies that insist on me footing the bill for them.
KellyK* February 3, 2014 at 8:36 am Sure, so do most people. But changing jobs is a long and tricky process, and unemployment is still pretty high. If you can avoid working for jerks, of course you should. But being stuck working for jerks should not mean that you lose the rights to your own property.
KellyK* January 31, 2014 at 3:13 pm That’s generally a good theory, but that requires working for a company that will actually do that.
anonymous* January 31, 2014 at 3:31 pm It’s so unhealthy to be connected to the workplace 24 – 7 via your personal phone. Best not to do this. Really.
Cat* January 31, 2014 at 3:52 pm Be that as it may, it’s something that’s not going away for a lot of us. We (as a society) are going to have to figure out how to do this while protecting employees to a reasonable degree – i.e., not allowing their employers to wipe their personal phones at any time.
Contessa* January 31, 2014 at 4:10 pm You don’t always have a choice, unless the choice is to change jobs. Some jobs require you to be by your email or phone 24/7. I have specific instruction to check my work email at least twice a day on weekends, for example.
KellyK* January 31, 2014 at 4:26 pm I agree with that, but a number of companies expect it anyway. The company that’s going to trash your personal data after they fire you is probably not a company who’s terribly concerned about your overall health and well-being.
Joshua* January 31, 2014 at 6:46 pm If the company wants me to work after hours, they will have to provide the means to do so. I am not paying for the privilege of being on call. That is a boundary I clearly establish early on at my jobs. Also, the whole ability to wipe your phone thing is a great bit in your favor for NOT using your personal phone as a work device. Anyone who is sane and reasonable who thinks about it for two seconds could see that it’s a totally legitimate objection. And before someone says that not all bosses/companies are sane, understand that you can use that retort on pretty much any workplace related discussion ever and it doesn’t actually further the conversation in any sort of helpful way.
Cat* January 31, 2014 at 7:40 pm There’s another dimension to this too, though, which is that for many of us, if you’re going to be checking your email after hours for work, it’s far more pleasant to only have one device to keep track of. Seriously, it used to drive me insane to have to try to remember to charge and carry a personal phone, a blackberry, and an iPod. (I could really only manage one; I opted for the latter; and nobody could ever contact me.) I eagerly condensed all those things on my personal iPhone. It makes my life measurably easier. In my particular case, for a variety of reasons, I’m not too worried about my current employer and this set-up. But I think that people who don’t have the reasons I have shouldn’t have to be worried about it if they want to combine their devices. There should be some protections there.
Cat* January 31, 2014 at 7:41 pm (NB – my employer does pay for my data, so I’m not entirely on my own personal plan here.)
Anon* January 31, 2014 at 4:35 pm My company has a webmail service that allows us to log into our work email online. They could just block access to it or take it down.
Editor* February 1, 2014 at 3:33 pm Yes, I prefer access through a server. To people saying employers should provide the phone if they want to control it, I agree. However, I’ve seen ads for journalists that require the applicant to provide a camera and a cell phone plus have the use of a reliable vehicle. Those are bad jobs — the applicant already knows the employer is cheap — but when unemployment is as high as it is, there are people who will apply because they need work.
Laura* February 1, 2014 at 9:26 pm Yes, this. My iPhone can actually handle logging into our web based Exchange server in the browser, so it’s never linked to my phone and the data isn’t stored. I think I’ve done that all of once or twice, though, when someone called me with an urgent issue that needed me to review information that couldn’t just be stated over the phone, and I was nowhere near a computer. I think the idea that an employer can effectively require you to link your device to their email – or be in default of their instructions to you – and can then wipe your device, is pretty horrifying.
inkyeagle* January 31, 2014 at 3:46 pm #1 – in my experience that little box that pops up gives a pretty clear explanation of all the functionality you’re giving your employer when you connect your device to their email servers. When I’ve connected work email, I’ve had to alter my password to be appropriately secure (aka no pattern unlocking) to fully encrypting my phone (which I then couldn’t undo without wiping it). But hey, I clicked the accept button at the warning, so my fault. Just another reason to always read everything.
Josh S* January 31, 2014 at 7:49 pm Depends on your device, and the OS. And many, MANY users click [OK] without reading what they’re agreeing to as a matter of course, because the “I’m sick of all this legal crap, I just want it to work” mentality many users have and come to expect. It doesn’t make it right or good, but that’s how many many end users act.
Mel* January 31, 2014 at 3:54 pm I work in IT and am familiar with point #1. Where I worked, if people wanted us to set up their work email on their personal phone, they had to sign a document stating that they understood we would wipe the device when they left the company. After the wipe, they would need to reload the phone with their personal data, either manually or restoring from a backup. We took pains to explain this clearly to people, and my company provided phones for people who needed them but didn’t want to go this route. Unfortunately not every company is as ethical. (Yes, if you have a lot of stuff on your phone, you should be backing it up. There are a variety of ways to do this, most of which involve your home computer. Putting company data on any machine not approved by IT is verboten, so you shouldn’t be keeping company data in your backup, but there isn’t really a technical way for anyone to stop you.) The reason for the complete wipe is that there’s no reliable way of separating out the company’s information – nothing that will satisfy a lawyer, anyway. Letting company data walk out the door is a major no-no in any case, and can get you in huge trouble if you’re a HIPPA compliant organization. If someone wants to circumvent policies like this they easily can, but at that point they’re the one who will be facing consequences, not the company. Hopefully the smart phone industry will mature to a point where the information can be segregated, but it’s not there yet. Policies like this are essentially growing pains, it’s not a great solution for anyone.
KellyK* January 31, 2014 at 4:29 pm Giving them notice is something, at least. Does your company provide phones to people who need them to do their jobs effectively? (If having work email on a personal phone is for the employee’s convenience, and they’re informed that the phone will be wiped if they leave, that makes it more reasonable. But if there’s a general expectation of BYOD, it’s still not an appropriate policy.)
Anonymous* January 31, 2014 at 4:31 pm Blackberry segregates personal and work information and can prevent backing up work data.
Elizabeth West* January 31, 2014 at 4:36 pm That’s a good way to handle it; some people don’t like to carry two phones. If they don’t back up, then it’s on them.
EngineerGirl* January 31, 2014 at 3:56 pm I noticed that Donna Ballman did a post on wipeouts: http://employeeatty.blogspot.com/2013/10/your-employer-wants-to-erase-your.html
Mike C.* January 31, 2014 at 4:25 pm Holy cow, I wasn’t off base with my earlier comment (RE: houses/cars/home/backups)! In the comments of that post, Donna herself relays the following story: I’ve seen employers send out nastygram demand letters that threatened to sue unless employees gave them access to their cloud-stored emails and documents to delete, turned over their backup drives, and allowed a complete forensic inspection. Most employees can’t afford to fend off a trade secrets lawsuit, so they end up giving in to these bullying tactics. !!!
tcookson* February 1, 2014 at 3:19 am Stealing the term “nastygram”. Unfortunately, it describes the email communication style of a couple of my co-workers.
Sydney Bristow* January 31, 2014 at 4:01 pm Related to #1, consider this a friendly reminder that if you combine your work and personal devices and your company is involved in a lawsuit, it is very possible that your personal emails will be reviewed by someone like me. Same goes for personal emails you may send through your work email account. Although the personal emails are often more entertaining at my job, I’m sure most of the people who sent them would prefer I didn’t see them!
Mike C.* January 31, 2014 at 4:32 pm I assume this is part of the discovery process in a lawsuit? I’m willing to bet that there’s a lot there that you’d rather not see. This is way off topic, but in those situations do you have to go through and open every individual file to ensure there isn’t something needed, or do you try more precise searches? It would really suck if it were the latter if you had to deal some insane collection of, er, “artistic photography” or weeks worth of music.
Sydney Bristow* January 31, 2014 at 5:06 pm Yes it is done during discovery. The level of documents we have to review depends on the case. Some are based on targeted searches and some searches obviously work better than others. I’ve definitely reviewed hundreds of vacation photos, calendar appointments, and contacts in a row because they were from a key person’s files and there wasn’t any further search done. I definitely see more than people would expect! Parts of it can be entertaining but sometimes its uncomfortable to know that a big name owner has has 2 mistresses or an employee is having major financial issues. Sometimes I have an irrational fear that I’m going to meet one of these people by chance someday and realize I know an insane amount about their personal life!
Sydney Bristow* January 31, 2014 at 5:09 pm Oh and I’ve only ever seen one set of “adult photos” but I hear that is a lot more prevalent on some of the major financial services cases.
Judy* January 31, 2014 at 9:53 pm I have always been curious about discovery. I’ve been involved in several IP suits. The lawyers / data contractors hired by my company always duplicate my entire hard drive, then they interview me about where the information they need would be on my computer. Obviously because it’s IP, the “other side” is our competitors. I’ve been assured that they don’t give the copy of my hard drive with all of my files for all of the projects I’ve got running. It still makes me nervous.
Miss Betty* February 1, 2014 at 9:50 am As a legal secretary, I’ve seen printouts of people’s Facebook accounts (portions, never an entire account), some really nasty e-mails between exes, printouts of text messages, personnel records, and copies of medical records going back to birth. If you got syphilis when you were 19 then get in a car accident when you’re 50 and sue the other party’s insurance company, I’ll know about it. Discovery is heartless!
Cat* January 31, 2014 at 7:43 pm Out of curiosity, do you have to sign something agreeing not to disclose any personal info you come across or is that just left up to your judgment?
Graciosa* January 31, 2014 at 10:21 pm Counsel reviewing information produced in discovery do not typically sign NDAs. Attorneys are bound by requirements of professional responsibility in the jurisdictions in which they are licensed. These requirements invariably include respecting client confidences. However, you need to remember that the employee is not the client, and the individual’s interests do not necessarily run with those of the employer (or the employer’s adversary in a lawsuit). There are many, many reasons for an attorney to reveal personal information discovered electronically. If you want to minimize the risk of this, don’t co-mingle your work and personal devices.
Cat* January 31, 2014 at 10:33 pm I don’t really care about the personal stuff I do on work-related devices (minimal despite them being commingled) – I was just curious if they had particular NDA set-ups for contract attorneys.
Anon for this* February 1, 2014 at 3:24 am I knew that emails sent/received on one’s work device can be viewed by the company. Our dean was recently taken down by a sexual discrimination lawsuit in which they confiscated inappropriate texts on his work cell phone (no idea what he was thinking. But I was thinking that, if the texts had been from his personal phone, the university would have had no way of intercepting them. Not true?
Kristin* January 31, 2014 at 5:07 pm Ugh the phone thing. My boss came to me very excited that the company was going to pay for my phone bill if I put work email on it. I was reluctant, and after starting to read the agreement, which included caveats that the phone could be remotely accessed and also remotely wiped. I then refused. It wasn’t a huge deal but I think I was seen as kind of not a team player. I don’t really care. If you pay for a separate device I am happy to be available. Otherwise, no. The agreement said it would only wipe work-related things but I am iffy about that on an iPhone. People can text me if they need me. $80 a month is not worth my company being able to access my private data or expect me to be available at all times. Plus, what a pain in the ass if the phone is lost. Not only does it suck personally but it turns into a big work hassle? No thanks.
Joshua* January 31, 2014 at 6:50 pm If they were willing to fork out $80 a month, I don’t get why they couldn’t fork out another $100/150 for a cheap serviceable smartphone for you to use.
Kristin* February 1, 2014 at 12:28 pm The company used to have blackberries, and then implemented BYOD I think to save money, but I agree it’s silly they could just give me a second phone and pay that bill for not much more. I had also declined an offer of a blackberry when we still had those. I should mention my boss was surprised about all the wiping stuff because she hadn’t really read the agreement – lesson – ALWAYS READ STUFF.
Jubilance* January 31, 2014 at 5:21 pm #1 isn’t a surprise to me – it’s standard procedure at my company and before they allow you to sync your work email on your phone, you agree that they can wipe your phone. You have the right to withdraw from the program at any time & deactivate the software and uninstall it and your work email access. This can be done before giving notice for example, if someone was concerned that their phone would be wiped by the company with no notice.
Elizabeth* January 31, 2014 at 5:38 pm I’ve (fortunately!) never had a boss quite like the one in the video, but there were moments in there that gave me really visceral flashbacks to a boss I used to have. Especially this: Dennis: “I sent you–I also sent some suggestions to you and–” Tom: “That was so great of you, Dennis, and I really, really appreciate that– I mean, that’s so important that you care enough to send me an email about which, uh, what you’re interested in. That shows initiative, and I value that. I really do. I value that.” It reminded me a lot of the lip service this boss paid to “valuing input.” They wanted to be seen as caring about people’s opinions and being an understanding person, but their actions didn’t actually reflect that. It was very frustrating. I understand that there are times that a boss has to make a decision, even an unpopular one, but it was difficult to watch them try to sugarcoat it and convince us that this decision was actually the one everyone wanted.
Cultural Differences* January 31, 2014 at 8:06 pm I’m the reader who sent in the Cultural Differences clip. So surprised and excited to see it published here! Attention has already been called to the negative side of the boss’s behavior, but I believe part of the reason for the clip is to illustrate how Americans come across as a positive, upbeat, cheerfully optimistic people in contrast with the Danes who (similarly to the Brits) are known for being glum, critical and constantly using irony. In this video, the American comes across as atrociously insincere because it is a pretty big deal to direct an employee to move three hours away and expect him not to bat an eye, but in many other contexts the American insistence on keeping a positive vibe is a good thing. For example, I know Danes in IT who have gone to work in Silicon Valley and who describe having culture shock because they are used to freely sharing negative opinions and expressing skepticism about other people’s plans and ideas, but they are finding out that over there it is a social faux pas to be explicitly critical. And after they’ve adjusted to expressing skepticism only through a lack of enthusiasm rather than through direct criticism (unless someone asks for it, of course), they’ve ended up strongly preferring it to the atmosphere back home in Denmark where you always have to be prepared for people dissing your stuff. The negativity culture is part of the Law of Jante which permeates behavior here and which essentially means that no one is allowed to stand out from the crowd: http://en.wikipedia.org/wiki/Law_of_Jante If you ever go to Denmark and tell someone of an accomplishment of yours and they happen to reply, “That’s not so bad,” please know that they are not unimpressed; on the contrary, this the Danish way of saying, ‘That’s unbelievably awesome!” Sorry if this isn’t very clear, but it’s 2 am here and I’m off to bed as soon as I press submit.
Cultural Differences* February 1, 2014 at 4:05 pm Haha – thanks, mr (and Not So NewReader)! ;) Glad my 2am scribbling made sense!
Marcy* February 2, 2014 at 10:53 am It isn’t just Denmark. I lived in Sweden for ten years and it is exactly the same there, including the Law of Jante. I worked with a Russian and she liked to brag about herself a lot and the Swedes were quick to put her in her place each and every time she said something. As for always being upbeat and positive- I had a co-worker once ask me if I really had to be so cheerful and happy all of the time. I thought I was just being friendly. It really is different working in another culture and its good to be aware of the differences going into it.
Adrian* February 3, 2014 at 5:10 am Thanks for suggesting this clip, it made me think in retrospective to some foreign managers I’ve had. I’m also trying to figure out a way the Danish guy could have participated more in the conversation and assert his needs. How do you think the manager character would respond if asked: – How come did legal prevailed over my other options, it was not even on the list? – Relocating is an important decision that I need to discuss with my family. It will take longer than one afternoon, how about we schedule a meeting for next week to talk about it? – Is there any room to reconsider this option? I’m not as enthusiastic as you are about it.
Noah* January 31, 2014 at 9:14 pm Until last year my company always said they could wipe your device if it had access to company email. Then they switched to some new software, we had to download apps and now it is apparently “containerized”. Corporate data is separate from personal data on the device. When employees leave or a device is lost, only those apps and their data are removed from the device. It is pretty slick. The only downside was we moved to completely BYOD, even our laptops and tablets. If you had a corporate device it was gifted to you, but you are now responsible for its upkeep. New employees though are required to have a smartphone, and in certain positions either a laptop and/or tablet.
Moi* February 1, 2014 at 8:50 am What is the software program? This sounds like a great solution that I’d like to look into a bit more.
Noah* February 1, 2014 at 11:29 am It’s called Airwatch. I left out the name because I didn’t want to come across as spammy.
Jay* January 31, 2014 at 9:29 pm BYOD is optional for me–I choose not to carry two phones and have been using mine for business so long that I think it is just easier to stick with one number. We “renew” our BYOD disclosure each year and it explicity says that can wipe the device. However, it also is pretty clear about what circumstances that would happen under. It really isn’t anything shocking or crazy, and in the case of a termination they would just shut off your network access anyway. I would be more concerned if the company said they could access my personal device remotely….
Dan* January 31, 2014 at 10:47 pm My company won’t let us BYOD, which is kind of nice. No expectation of email while not at work. We do have webmail and VPN, however.
short geologist* February 1, 2014 at 7:12 am I work outside and do a lot of coordinating. I already carry around too much stuff, so I have my corporate email on my smartphone. Most of the firm is in the same position as me, though, and I can’t imagine that they would ever do a remote wipe – they’d have an uprising. Besides, why would they need to wipe your phone when they just need to cancel your account? I have more sensitive information in my files on my car (hard copies of field logs) than ony phone, anyway.
The boss in the video clip* February 1, 2014 at 10:10 am is a dead-on accurate portrayal of bosses, especially male bosses, in the private sector. From the classist insult to the not-so-veiled economic threat, the whole encounter is intended to preserve the hierarchy more than to further the aims of the business. In our country, where unemployment is a devastating (often semipermanent) condition and folks can be fired at any time for no reason at all, this guy’s behavior is unfortunately rational.
Marcy* February 2, 2014 at 10:55 am I have run across many of these bosses in the public sector as well so I don’t think it is a public/private sector thing but instead is just a bad boss kind of thing.
Jen in RO* February 2, 2014 at 3:36 am I just watched that video and cringed. The boss reminded me of my last 2 bosses – they are very different people, but they both had this kind of faux-positive attitude. One of them drove us nuts for persisting in his ‘just keep on keeping on, everything will be OK’ approach to our problems, and the other drove most employees to look for other jobs because he visited our location, told us how good everything is going, then a month late started laying off people because of financial problems. Neither of them did the veiled threatening this, at least! My sample of 2 isn’t representative, but so far all my American managers have fit this stereotype.
another anon* February 3, 2014 at 10:26 am That video gave me flashbacks to some of my previous bosses. Horrible patronizing analogies, annoying corporatespeak, and a “my way or the highway” attitude instead of listening to suggestions and input to solve problems. Bosses like these definitely exist and are probably more common than AAM thinks… Especially since I have only been out of college ~5 years and can rattle off a few that resemble this video. I wish more managers would read this blog!
DS* February 5, 2014 at 11:41 pm I get flack all the time for refusing to use my personal phone (which is both my cell and home phone) for work activities, but this policy of wiping out all data is exactly why. What’s scary is that beyond that, you are often giving the company access to other data on your phone. I don’t think they have any business reading my texts or personal email or rifling through my pictures and passwords. Some apps can help limit this, such as Touchdown. It acts as if it is the entire phone, so if they put a hit on your phone, only the data in the app will be erased instead of your entire device.
Anonymous EMC employee* February 12, 2014 at 3:45 pm At the start of the month, EMC notified all employees that they needed to undergo an updated Privacy/InfoSec training. Featured prominently was the note that any device, company or personal, that contains sensitive information will be erased when the device user is terminated. I think they read your post.
anonymous* March 13, 2014 at 7:21 am Pretty sure employers want to replace people with robots because that’s basically what they expect of employees: submissive, obedient, perfect, flawless drones.
EMC Employee From The Story* April 8, 2014 at 2:30 pm To Anonymous EMC Employee, I’m glad to hear it, and I’m glad I no longer work there. As I mentioned in the article I looked into legal action and 2 major law firms said they were ready to take on a class action suit, both for their data practices as well as Unpaid overtime. I’m not one to go the legal route and I’m in the middle of building my own company so I declined these options, but I’m glad my goal of raising awareness is happening.