• Property & conveyancing
  • Business legal services
  • Building & construction
  • Legal Counsel Packages
  • Wills and estates

Stay in touch with how the law affects you! Subscribe to our

Subscribe to Forum Law News

* indicates required

BYOD (Bring Your Own Device)

Business Law News | April 2013

As technology moves forward, employees are demanding more flexibility around when and where they do their work. The traditional nine-to-five workday is declining in popularity and we are seeing employees use their personal devices, such as smart-phones, tablets and laptops, to do their work.

This new trend of increased connectivity and access to technology raises a raft of issues for businesses. To address these issues, it is important that a rigorous Bring Your Own Device (“BYOD”) policy is developed and implemented. In this article, we discuss three of the most important areas of risk for businesses arising from BYOD: privacy, data security and intellectual property.


Employees typically understand that personal data stored on business devices may be able to be accessed by the business. However, employees' expectations of privacy in relation to personal data stored on their own devices are much higher. When both personal and business data is stored on an employee's personal device, the employee's right to privacy can conflict with the interests of the business. A business's BYOD policy should include provisions that set out how personal information on BYOD devices will be dealt with. These provisions will need to comply with important amendments to the Privacy Act 1988 (Cth) that come into effect in March 2014.

Data security

The portability of employees’ devices increases the risk of data being lost or stolen. Businesses need to develop strategies addressing how business data will be stored on employees’ devices. One option is to segregate business data from the employee’s personal data; another is to consider storing data virtually. In the latter option, no data is stored physically on the device, and access to virtually-stored data can be switched off remotely if the device is lost or stolen. However a business chooses to address the data storage issue, it needs to ensure employees are trained to protect the security and privacy of the business’s data.

Intellectual property

The use of employees' personal devices creates issues in relation to ownership of intellectual property. Content that is created on business-owned devices in the course of employment remains the property of the business. However, ownership of content can be difficult to determine when it is created in the course of employment on a personal device, outside of working hours. To assist with making the ownership of content clearer, businesses will need to amend and review employment agreements, indicating what content will remain the business’s property. Privacy, data security and intellectual property are just some of the issues that a good BYOD policy should address. BYOD has implications for almost all areas of a business, including HR, finance and management, as well as contracts with third parties such as software providers and insurers.

To make sure your business has addressed all the risks stemming from BYOD, contact Forum Law to discuss.

Forum Law is an active member of several reputable law and industry associations. We have recently obtained ISO9001 accreditation.