As a society, we attempt not to “bring work home,” both literally and figuratively. But what happens when life and work converge? One area in which this occurs daily is in the technology we use. Bring Your Own Device, or BYOD, policies have become increasingly popular. No longer do we find ourselves with a work Blackberry in one hand and our iPhone in the other. From the very same device that you order dinner on, you also send emails to clients and colleagues. These policies have benefits for employers, who are able to cut down on high service and support costs, as well as for employees, who enjoy the freedom and convenience of having only one device. However, if faced with a litigation hold, the costs of having a policy that permits employees to use personal devices for work purposes may outweigh its benefits.
For the past decade, litigation holds and the duty to preserve relevant electronic communications and documents have been the topic of much conversation and debate. In 2004, Judge Shira Scheindlin issued the still highly discussed decision in Zubulake v. UBS Warburg, LLC (S.D.N.Y. 2004) which held that the duty to preserve evidence, including electronic evidence, attaches when there is the anticipation of litigation, or a “triggering event.” BYOD policies complicate an employer’s ability to preserve such evidence. Employees who store personal data on devices may be unwilling to turn them over to their employer due to privacy concerns or simply may not be as proactive in saving electronically stored information (ESI) as their employer would expect. Recent case law suggests that an employer’s failure to preserved data on an employee-owned phone may result in sanctions. See Small v. Univ. Med. Ctr. of S. Nev., No.: 2:13-cv-00298-APG-PAL, 2014 WL 4079507 (D. Nev. Aug. 18, 2014)(where sanctions were issued when defendant failed to preserve ESI on employees’ personal phones). While a policy permitting employees to use personal devices for business purposes may have many benefits, when faced with litigation, such policies may prove disadvantageous.
Employers may be able to avoid sanctions if their BYOD policies include the right provisions. A strong BYOD policy will encompass many different areas, but when it comes to ensuring compliance with litigation holds, employers should include provisions about security requirements and employer access to employees’ personal devices. With regard to security concerns, employers should be mindful to include password and encryption requirements as well as guidelines about backing up data to a secured server. Furthermore, a BYOD policy should allow employers to retrieve and/or delete company information from an employee-owned device used for work purposes upon termination of employment. Employers should carefully craft their BYOD policies to ensure that in the event of litigation, they do not find themselves facing sanctions for failure to preserve evidence.