Smartphones and tablets also have a higher risk of loss or theft, inherent to the material value of the devices and the ease with which you can lose them. But then it doesn't matter whether it's a BYOD device or a fully managed work device. I don't think it's about BYOD. The weakest link is and remains the user."
Big brother is watching you: privacy & legislation
The discussion is now about the employer and big brother is watching you. The employer has access to private e-mails, bank accounts, all social media channels, chats and more via the device managed by the IT department. A particularly frightening development. How do you see that?
“From the need for control and management, employers are crossing the line and taking measures in the BYOD policy, which gives them access to all information. Suppliers are putting tools on the market that make it possible to watch and read along in depth, to follow what the employees are doing. The functionalities are available. There is no privacy-by-design . That should be discussed much more sharply and forcefully within companies and put on the social agenda as a priority .
Works councils should be concerned about this and start looking into the possible privacy violations. Employees are presented with BYOD agreements with provisions that violate legislation and fundamental rights, with the explanation: 'if employees sign for it, then it is allowed'. It is never allowed, but no fuss is made about it. That is the most frightening development. Let the security debate of 2013 be about that and put the interests of the individual first.”
Especially since it does not only concern the employee himself but also life and private information of third parties. How is this currently regulated by law?
“The Personal Data Protection Act and its elaborations by the CBP provide a number of valuable tools. For example, a company may find it necessary for business operations to provide a smartphone with a location service, which makes it clear where the employee is at any time of the day. The employee has the right to turn off the location service outside working hours, so it should not be a hidden tool.”
'Big brother' leads to less innovative employees
Officially, the employee is not allowed to just look at the browsing history, e-mail boxes, apps logins, Twitter, Facebook, LinkedIn etc. but it happens daily. What are the dangers for the employee because of this unequal position?
“Dismissal, for example due to unwanted statements via social media. Of course, as an employee you have to be very sensible about what you put online, but it can be used as an excuse to say goodbye to an employee. In addition, the freedom of expression of the individual must always be guaranteed. The great danger is self-censorship, with which you lose open and transparent discussions, also within companies. That loss equals less knowledge sharing and ultimately the brake on innovation. Simply put, companies with Big Brother measures will lose the greatest innovators in our society. ”
Ensuring the online safety of the individual
“You quickly run the risk of coming up with a kind of umbrella term such as privacy-by-design , but that is not enough. IT systems are designed and marketed that are based on central control and management, so centralization and bundling. We need to go much further, towards a radical individualization of IT, where the primary responsibility and authority lies with the individual. The user is the manager and owner of devices and applications, with the responsibility for online security.
Think of the EPD , the Electronic Patient Record (or any other incarnation). Designed as a centralized sweden telegram data system, where the patient can indicate whether or not to participate, but about which the patient has little further say. The patient has no control over the information that is stored or consulted by care providers or health insurers. I am coming to a system where you as a citizen are the owner and bearer of the medical and care data. The individual determines at what time a care provider gets access to certain data and for how long.
Of course, such a system cannot be built overnight and we will have to invest in the skills of citizens to deal with it , but that is a matter of designing standards, building technology and providing training and awareness programs. BYOD shows that we can do it and that we are moving in that direction.”
Integrity solution: openness & transparency
How can an employer make it easy for itself, offer itself as an organization and all individuals associated with it an honest solution?
“The key word is openness, also referred to as transparency. Finally, have a discussion within the company about honest IT and give it concrete form. I advocate a business IT think tank with individuals who use new consumer technology for business purposes. Make sure that such a think tank has insight into the company, the compliance requirements, etc. and let them think along about the strategic technology course. Do not let them be guided to death by so-called consultants who are stuck in old paradigms and are part of the old way of thinking .