March 21, 2022

Protecting your personal information and privacy on a company phone

Joel Snyder

When you use a new employer-issued smartphone, or you use your own phone to read your work email, you might ask yourself, “Wait, did I just let my employer look at everything on this phone? Did I just give up my privacy?”

Well, maybe some, but probably not anything that should be of concern. There are three things protecting your information: the technology itself, your employer’s device policy and the law (at both federal and state levels).

Here’s a look at all three — and exactly where you are and aren’t protected.



All smartphones have a number of built-in features that can help maintain the boundary between your work life and personal life. Some of these features are for you to use just to keep things organized on your own phone. Samsung’s Dual Messenger capability, for example, lets Android phone users create two different accounts, such as a work account and personal account, in chat apps such as WhatsApp and Facebook Messenger. But these boundaries are more intended for organization than for actual privacy.

To really isolate things so that your employer can’t access personal data, you need Android’s Work Profile feature — a capability that doesn’t exist in iOS. When you establish a Work Profile on your Android phone, there’s true isolation between this profile and the rest of your smartphone.

In terms of privacy, if your employer has control of your Work Profile — which is how things are normally set up — then the information outside of that profile is absolutely off limits to them. They can’t see any of your private data, contacts, calendar events, messages, emails or camera roll. (Which means that you’ll need to back up these items yourself.)

But from a technological point of view, there are some things your employer can control outside of your Work Profile. For example, your employer may be able to keep you from installing certain apps, even on the personal side of your phone. They can also remotely lock your phone or erase it if necessary.

Your employer’s exact capabilities will depend on how your phone is set up. For example, many employers use a Bring Your Own Device (BYOD) approach to let you use your own phone for work but give them a little piece of the phone that they can protect for work purposes. In a BYOD environment, your employer may be even more limited in what they can do. On the other hand, some organizations use a Company Owned, Personally Enabled (COPE) approach. In a COPE environment, your employer still can’t reach into your private data, but they do have more control over the device settings, such as requiring a passcode to unlock your phone or tracking the device’s location.


Company policy and its effect on privacy

Your employer’s specific BYOD or COPE policy is also an important part of keeping your personal data private. In the U.S., employers have tremendous flexibility in what they can regulate. While the employer has the advantage in writing the policy that the employee has to agree with, these policies still have to be very specific in what types of information your employer can look at. If the policy doesn’t address a particular issue, then employers don’t have permission to overstep any privacy boundaries.

For employees, this means their employer’s BYOD or COPE policy must define all of the rules for data privacy. And if your employer says the information on your phone is considered private, then they cannot legally violate their own policy.

In the U.S., employees traditionally haven’t expected much privacy in employer-provided IT systems, such as company email — but that’s changing rapidly. When privacy issues have gone to court in the past, employers have usually won, because employer policies used to say, in effect, “You have no reasonable expectation of privacy on anything you do on our network.” In other words, if the policy says that particular information isn’t considered private, then you’ve been given notice that your employer can look at that type of data on your smartphone. This is true whether the device is personally owned (BYOD) or owned by the employer (COPE); U.S. law allows employers to enforce their device policies as long as the policies are clear and agreed to by the employee.

This imbalance in favor of employer access has changed as more people have started to bring their own smartphones and other personal computing devices to work. People have become much more sensitive to privacy issues, and policies have changed accordingly, giving greater respect to employee privacy and reassuring people that their private information will stay private.

The gray area emerges when an employer’s device policy doesn’t say anything about privacy. If there’s a question in court about what the policy says, the judges will likely ask, “Is there a reasonable expectation of privacy for this kind of information?” Employers can’t easily justify peeking into your smartphone for information that would normally be considered private. But a “reasonable expectation of privacy” can be interpreted very differently in different courtrooms.



Laws and regulations are third in this list because in the U.S. there are very few laws that directly protect your privacy, especially at the federal level. The Constitution doesn’t explicitly list privacy as a right, but the Supreme Court has stated that there are “penumbras” (shadows) within the Bill of Rights that give us a general right to privacy. These penumbras are generally cited when a law goes too far and invades our privacy rights — which is very different from protecting an employee’s right to privacy on their smartphone, no matter who paid for it or who manages it.

Since the federal government offers few protections, privacy rights are now determined state by state. Traditionally, California state law advances these protections faster than other states, but other states are also legislating in this area. The general direction across most of the U.S. is for state legislatures to increase privacy rights, but these rights remain very uneven.


Following the rules

Most of us think about privacy as personal protection, but it’s important to remember that we can forfeit our privacy if we don’t follow the established rules. Most BYOD/COPE policies, for example, say that certain device uses and apps are work-specific, and that’s where the employer is allowed to look; everything else on the device should not be used for work and is off limits to the employer.

To stay within the policy limits, you have to do work only within the apps that are controlled by your employer. For example, if policy states that all of your work chats must be in Microsoft Teams, choosing to have those conversations in WhatsApp or Facebook Messenger could cause you to lose some privacy rights to other software or data on your phone.

At the end of the day, your best phone privacy protections come from technology that partitions your work data and employer access from everything else on the device. At the same time, a clear and fair BYOD/COPE policy also helps protect employees’ privacy and sets the limits of what is and isn’t allowed.


An aside for HR and IT

To avoid problems with your company’s BYOD/COPE policy, make sure that the policy is clear and understandable to your employees and that employees are trained on it; that the policy is certified, even annually, to ensure that employees understand it; and that the policy is consistently enforced across the organization.


For more mobile security solutions, discover the array of tools in Knox Suite, Samsung’s end-to-end set of device management tools.
