BYOD raises privacy concerns at Energy Australia

Some BYOD users bring "Big Brother" mentality, says Energy Australia telephony analyst, Drew Ball (left).

Energy Australia has had to respond to employee concerns about location privacy as a result of rolling out a bring your own device (BYOD) strategy, according to Drew Ball, telephony analyst at Energy Australia.

The power company has a mix of corporate-owned mobile devices and BYOD, with BYOD representing about 30 per cent of devices, Ball said on a customer panel at the AirWatch Connect conference in Melbourne.

“If there is a legitimate business need for you to have a phone or smart device, then by all means we’ll give you one,” he said.

While Energy Australia does track the location of its corporate-owned devices, the power company does not collect GPS data from BYOD devices, said Ball.

Nonetheless, privacy concerns have been raised by “people with a Big Brother mentality,” Ball said. For example, he said some are worried that the company will keep tabs on them when they take sick days so as to ensure they’re not at the pub, he said. “People don’t feel comfortable with that.”

Ball said he has found that the best approach to alleviating privacy fears is to “be very open and honest” with concerned staff. Ball said he will sit down with an individual employee and log into AirWatch to show exactly what data is being collected.

Ball noted there are tough legal questions about whether the organisation has the right to track an employee. “If it’s bring your own device, perhaps not,” he said.

Ball also spoke about how tightening controls on enterprise mobility can help employees to keep their personal lives separate from work. He told a story about how—at a previous company—IT had to lock down third-party apps’ access to corporate email after an employee accidentally broadcast racy photographs intended for a dating app.

Ball said an executive assistant had signed up for a dating website and downloaded an app for the iPhone she used for work. She used the app to take racy photographs of herself and inadvertently sent them to unintended recipients, he said.

“Because the company hadn’t locked down access to email from professional apps, the racy photos went to everybody in the global address list, from the boss’s email address.”

Privacy also plays a major role in the Australian Sports Commission’s mobility strategy, according to the agency’s ICT director, Stephen Kay.

As a government agency, the ASC has “policies up the wazoo,” and security is a major concern, Kay said on the AirWatch customer panel. “Anything to do with privacy ... needs to go to both CEO and the minister for approval.”

“But for us it’s just an extra step,” he said. “It’s not a roadblock in any fashion.”

The ASC uses mobility to collect information about the health and performance of its athletes, said Kay. “We have lots of unique privacy challenges,” he said. “For example, there’s lots of bloodwork that gets done for athletes and DNA profiling and those sorts of things.”

The commission is interested in wearable computing as a way to increase such tracking, and this raises new privacy issues that the ASC is still working through, he said. “To date, our response [to wearable computing] has been fairly sketchy … There may be some issues that we’ll have to deal with fairly soon.

Adam Bender flew to Melbourne as a guest of AirWatch.

Follow Adam Bender on Twitter: @WatchAdam

Follow Computerworld Australia on Twitter: @ComputerworldAU, or take part in the Computerworld conversation on LinkedIn: Computerworld Australia