Active discussions

Meet the Other Phone. Child-safe in minutes.

Meet the Other Phone.
Child-safe in minutes.

Buy now

Please or to access all these features

Talk
AIBU?

Share your dilemmas and get honest opinions from other Mumsnetters.

Original poster

To consider this request beyond unreasonable?

108 replies

luckylucky24 · 24/04/2017 12:33

DH has just text me to say his work have asked him to install an app that gives them access to his photos, browsing data and location.
His phones is full of pictures of our kids, some in the bath etc. This aside I feel this is a huge invasion of privacy. Surely the don't have a leg to stand on? Can they enforce this?

OP posts:
PigletJohn · 24/04/2017 13:01

Lots of apps do that.

If you have a look at Permission settings on your phone, you'll find that google can turn on your camera, read your location, read your emails, take photos, and send emails without asking you.

If your phone ever gets hacked, or you download a dodgy app, there's no limit to what they can do. There are a few countries where government-sponsored agencies bug lots of phones.

I agree with getting a work-only phone, and taking care not to look at your private emails, photos or any minority interest websites on it.

skyzumarubble · 24/04/2017 13:01

If they want him to be contactable outside of work they need to provide a phone. Simple.

NotMyPenguin · 24/04/2017 13:01

If he wants to show goodwill, he can say he'd be very happy to use the app on a work mobile if one is provided!

If they're not providing one, they can't really expect employees to either check their email out of the office, or give access on their personal phone to an app that has dubious permission settings!

GloriousGoosebumps · 24/04/2017 13:01

Why does the company want access to photos, browsing data and location? His manager must have given a reason.

I wouldn't give access but if I thought the company would harrass me and make my life hell I'd simply buy the cheapest smart phone on the market and download the app onto that phone. Then I'll leave the phone in the office - permanently...

LurkingHusband · 24/04/2017 13:03

A properly written and installed app would have a sandbox, which is a protected part of memory/file system which is encrypted, and which will be the only place where emails (plus attachments) would be stored and viewable. There would also be the ability for the system administrators to setup a matrix of what is or is not allowed within that sandbox (e.g. not allowing emails to be printed, forwarded, or attachments to be stored offline). It would also prevent any data from leaving the sandbox and being copied into the personal area of the phone. And it would be configurable for geolocation, so could not (or only) be used outside the UK, EU, etc etc. And as a final resort it would allow itself to be deleted remotely if the device were lost or stolen.

But then a properly written, configured and deployed app would cost a lot per user, so the temptation to use a cheap POS is strong.

A lot of organisations are completely clueless about mobile strategy, and - weirdly - becoming more, not less so.

expatinscotland · 24/04/2017 13:05

So it's a personal phone. In that case, the only answer to this is NO.

LurkingHusband · 24/04/2017 13:06

Why does the company want access to photos, browsing data and location?

Applying cock-up over conspiracy, it's a POS app that thinks it needs that permission ...

What does the company Information Security Officer say about all this.

They have got an ISO, haven't they ... ????

Oldraver · 24/04/2017 13:06

I'm glad he has said no.

If it were me I would tell them I don't do 'Apps'. My phone is for phoning and texting and the occasional photo

Tartle · 24/04/2017 13:07

I have this app on my work phone and was going to install it on my personal iPad as well but as soon as I saw what it allowed the company to see I changed my mind. If I remember rightly it is not just that the app can access things but also that people on your company can then access them as well and remotely change or wipe your data.

Fine on my work phone but not for my personal stuff.

Original poster
luckylucky24 · 24/04/2017 13:08

Not sure if they have an ISO. Never heard him speak of one and to be honest it is a bit of a thrown together company so probably not!

OP posts:
Fruu · 24/04/2017 13:10

If any workplace had tried this on me, I would have told them my personal mobile got broken / stolen and I won't be replacing it. I think it's hugely unethical to expect staff to check emails outside of work during their personal time anyway unless it's a truly massive emergency.

Spikeyball · 24/04/2017 13:11

It's possible in some cases it could be a condition of bringing your personal phone into work. Dh is not allowed to take his in and has to leave it in his car or with security.

LilacPoint · 24/04/2017 13:11

It is a bit of a thrown together company

That is apparent. Are they any other companies that OH could work whose management does not have dodgy ethics?

Bluntness100 · 24/04/2017 13:12

I also think you have both misunderstood, the app needs access to work, it's not that they wish to access his personal data. They will not be using it for this purpose as it will be illegal. I don't understand why he doing work emails on his personal phone anyway they should provide a work phone for that. They have every right to make sure their mail is secure, they have no right to ask employees to use their personal equipment for work purposes, if he is also not provided with a laptop and can only work from an office location on a computer then he will not be able to work out of hours.

CosmoKlit · 24/04/2017 13:13

No way. That's horrific.

CosmoKlit · 24/04/2017 13:14

thrown together company

Absolutely no way they would be accessing all my personal life, or my partners, or my children - what would happen with things like bath time shots? Your DH could actually end up in a lot of shit if those were shared with the wrong people.

Original poster
luckylucky24 · 24/04/2017 13:14

Not at the moment Lilac but he is on the lookout!

OP posts:
LurkingHusband · 24/04/2017 13:15

I also think you have both misunderstood, the app needs access to work, it's not that they wish to access his personal data.

At this stage, that is an assumption ...

They will not be using it for this purpose as it will be illegal

when it comes to Data Protection, very few people are on the ball. The apparent lack of an ISO is a red flag already, as it suggests the company believe that no one should be responsible for Information Security.

The Information Commissioners Office might beg to differ.

Manupprincess · 24/04/2017 13:17

My DP had the same at work- it's not an energy company is it Luckylucky24 ? My do works on the tech side and whilst in theory the company shouldn't impact any other apps there is the potential for the company to accidentally reset to factory settings if an upgrade goes wrong. The company is a bit thrown together and this is possible. My dp said no and they lost a good few hours of work from him every week.

LurkingHusband · 24/04/2017 13:17

I don't understand why he doing work emails on his personal phone anyway they should provide a work phone for that.

Because a BYOD management license is far cheaper than a business contract phone ...

Original poster
luckylucky24 · 24/04/2017 13:20

Not an energy company no.
To give an idea of how crap this company is, DH texts me at least once a week to say he can hear the manager snoring in his office [hmmm].

OP posts:
ChasedByBees · 24/04/2017 13:20

Absolutely no way.

parrotsays · 24/04/2017 13:21

OP is it Lotus Notes?

By any chance is he working within YW ?

LurkingHusband · 24/04/2017 13:23

Also, what does their Information Security Policy say ?

MrsMozart · 24/04/2017 13:23

No. And from the new Data Protection law coming up n I think his company is barking.

Swipe left for the next trending thread