Uncategorized

IN DRAFTING COMPANY-ISSUED DEVICE AND BYOD POLICIES, DON’T FORGET THE WAGE AND HOUR ISSUES.

I’ve been holding my breath waiting for the decision by the U.S. District Court for the Northern District of Chicago in the Allen v. City of Chicago overtime collective action before giving you a blog post on this case. The trial concluded almost two months ago. Because I am starting to turn blue, and because the issue is an important one, I’m not waiting any longer.

The case involves claims by Chicago police officers in the Bureau of Organized Crime seeking pay for time spent off-duty checking and responding to emails, texts and phone calls on police department issued Blackberry’s. Although not requiring hours and hours of off-duty work each day, the officers claim that they were contacted after hours by informants, other members of law enforcement, and their superiors, and often could not wait until normal working hours to address the issue. The time, they claim, added up.

The police department defended the case by pointing to a policy dating back to 2010 that informed employees that they were not obligated to carry data devices or respond to messages while off duty. The department also asserted that in 2013 it issued a policy forbidding employees from doing so. The officers, however, countered by contending that there was an unwritten policy that required them to work off the clock, largely imposed by a culture in the department.

Although I don’t have a crystal ball, my gut is that the outcome favors Chicago. Courts in other jurisdictions have relied on employer policies prohibiting “off the clock work” in dismissing employee claims for pay for work performed in violation of the policy. These courts recognize that employees, in the face of such a policy, have a responsibility to accurately record their own time and to complain to their employer if a supervisor asks them to work without recording their time. Another great fact for the City of Chicago is that officers who actually reported working overtime answering messages on their devices outside of normal working hours were paid their overtime.

So what does this have to do with privacy and data security? It demonstrates that issues often handled by privacy, data security and IT professionals often touch on a variety of other issues as well. In company-device and BYOD policies and user agreements, such professionals need to address potential wage and hour issues by making it clear that non-exempt participants in the program must properly record their time, are prohibited from using the device for work outside of their regular working hours, and/or are prohibited from working off the clock. The documents should provide a clear avenue for complaining about any requests to work off the clock (either directly or by reference to another company policy). This issue will take on even greater importance soon when the U.S. Department of Labor issues its final regulations, making millions of employees, including many managers, nonexempt and eligible for overtime under the FLSA.

If, however, the court in Allen finds that such off the clock policies and prohibitions are not sufficient to defeat claims for unpaid wages, employers will need to find other ways to ensure that non-exempt employees are properly paid. That might include monitoring employee use of the devices during non-working hours. That kind of monitoring can absolutely raise privacy concerns, and the employee’s consent to monitoring will become critical. In those states with social media password protection laws, prohibiting an employer from even asking the employee for a password to a private account can make monitoring tricky. Other state laws may come into play, such as California Penal Code Section 637.7 which prohibits the use of electronic tracking devices to determine the location or movement of a person. Too much tracking might also give the employer information about an employee that it otherwise might not want to have, such as information that would disclose an employee’s protected characteristic – such as gender preference. Company policies and the device program terms of use, therefore, should take these laws into account. One must have: prohibit employees from using personal accounts (such as personal email accounts) for work.

Hopefully, however, my gut is right. Stay tuned……

Discussion

No comments yet.

Leave a comment

Your email address will not be published. Required fields are marked *

Welcome to Data Points!

The technology and regulatory landscape is rapidly changing, thus impacting the manner in which companies across all industries operate, specifically in the ways they collect, use and secure confidential data. Moore & Van Allen’s Privacy & Data Security Group recognizes the challenges clients face in the effort to stay abreast of such volatility. “Data Points” seeks to educate by providing transparent and cutting-edge insight on the most critical issues and dynamics. Our goal is to inform business decision-makers who are navigating these waters about the information they must protect, and what to do if/when security is breached.

Connect To Recent Authors

  • Karin McGinnis:  View Karin McGinnis' Bio View Karin McGinnis' LinkedIn profile
  • Todd Taylor:  View Todd Taylor's Bio View Todd Taylor's LinkedIn profile
  • Mindy Vervais:  View Mindy Vervais’ Bio View Mindy Vervais’ LinkedIn profile
  • Omari Sealy:  View Omari Sealy’s Bio View Omari Sealy’s LinkedIn profile
  • Brandon Gaskins:  View Brandon Gaskins' Bio View Brandon Gaskins’ LinkedIn profile
  • Robert Sumner:  View Robert Sumner’s Bio

  • Subscribe to Blog via Email

    Follow MVA

    Facebooktwitterlinkedinrss

    Blog Topics

    Archives

    Interested In Other Topics?

    Tell us what else you are interested in here.

    Our Privacy & Data Security Practice

    Moore & Van Allen has a Privacy & Data Security practice with the depth and breadth to advise the multitude of business industries and practices impacted, including sales, human resources, data maintenance and storage, IT, legal and compliance, labor and employment, health care, finance, cross-border transactions, energy and litigation. All require careful attention to protecting the privacy of personal information as well as preserving the integrity of company, customer or third party data. To help our clients successfully navigate their data security challenges and manage their risk in these areas, our multi-disciplinary team draws on their deep experience in addressing data privacy and information security obligations and disputes. Read More About Our Practice and Meet the MVA Privacy & Data Security Team.

    Disclaimer

    No Attorney-Client Relationship Created by Use of this Website: Neither your receipt of information from this website, nor your use of this website to contact Moore & Van Allen or one of its attorneys creates an attorney-client relationship between you and Moore & Van Allen. As a matter of policy, Moore & Van Allen does not accept a new client without first investigating for possible conflicts of interests and obtaining a signed engagement letter. (Moore & Van Allen may, for example, already represent another party involved in your matter.) Accordingly, you should not use this website to provide confidential information about a legal matter of yours to Moore & Van Allen.


    No Legal Advice Intended: This website includes information about legal issues and legal developments. Such materials are for informational purposes only and may not reflect the most current legal developments. These informational materials are not intended, and should not be taken, as legal advice on any particular set of facts or circumstances. You should contact an attorney for advice on specific legal problems. (Read All)