Lots of my coworkers use their corporate phone as their personal phone. There’s a process for porting your phone number over when you get the corp phone. People do it because it’s simpler to have one phone, or just to save money. I would never do this but I understand why someone with a different background and worldview would.
Myself and probably most of my coworkers just use our personal phones as company phones. Not sure if you see that as different. Also don't do activities on them that are... criminal.
Suppose I buy an iPhone from Apple, and load up a work profile on it. I need to trust that Apple doesn’t give my personal data to the employer profile, and my employer doesn’t have a zero-day to circumvent those controls. I also need to trust that the phone company (or my VPN) provider doesn’t give my browsing history to my employer. I’m pretty comfortable with all of those assumptions.
Now instead suppose my employer gives me an iPhone with a cell plan they are paying for. Now there are more questions - is this a vanilla iPhone or is some kind of tracking software installed on it? Perhaps the phone company will freely give up my browsing history to my employer? I’m a lot less comfortable with this. It feels like my employer has legal authority and technical capability to see a lot of what I’m doing on the phone.
Edit:
> Also don't do activities on them that are... criminal.
I’d not worried that employer would get me in trouble with the government for criminal activity. My behavior is a little more constrained by worries that somebody at company could be analyzing my browsing history for violations of company policy, which in a worst-case scenario could get me terminated or cause me to face civil litigation, especially if I were to do a startup.
I generally agree although you may still be asked to install MDM on that phone to access, say, work email. How obtrusive that MDM is depends on your company’s policies.
This has nothing to do with corporate supplied cellular phones. There are corporate campuses where your personal cellular phones will be tracked with an IMSI catcher/Stingray. All incoming and outgoing texts will get captured by a Stingray for the Insider Threat program to monitor. Voice calls as well. Maybe even data...
I am not saying anything criminal was discussed on these phones...
If you look for higher paying jobs and discuss the matter on your personal phone with a recruiter during lunch time... Insider Threat programs will report you to your boss and HR.
If you are socially active in your private time and receive a text about a meeting, these activities will be reported to your Insider Threat program and hinder your career.
If you are having an affair (not with any coworkers) and receive a text... This will be tracked by Insider Threat program.
If you get called on your personal phone by a VC firm or competitor for a new position, this will be tracked by Insider Threat program...
If there is a full disclosure upfront, then I don't think it's that bad... But if disclosure is only given to favorites allowing some to modify their behavior... That's horrible
Do you have evidence that this is happening? In the moonlighting, IP theft, noncompete etc. stories
you posted higher in the thread, I didn’t see any mention of a stingray. I think it would have been mentioned because a company would have to disclose where they got the data during discovery in litigation, and it would be newsworthy if they used a stingray.
I can believe some companies would use a stringray, but I don’t think the average line manager would be brought into the loop on this. It would be reserved to intelligence operations that never see the light of day, and therefore couldn’t inform low level operations like performance management of the average employee.
