Comment: Should lawyers bring their own phones to work?
James Foley, vice president of customer experience at BT smartnumbers, looks at the practice of bringing your own device to work and argues, there is now a better alternative.
Following the economic downturn, we have seen many legal firms rationalise their core practices, shifting from a more generalist offering, to more specialist activities.
With a tighter focus on fewer clients, coupled with competition from equally specialised firms, client retention has never been more important. The one-to-one nature of relationships is possibly more important in the legal sector than any other, and to support this, some legal firms have implemented a Bring Your Own Device (BYOD) strategy.
BYOD provides legal staff the flexibility to communicate efficiently and cost-effectively with clients, while staying up-to-date with caseloads when they are in the office, travelling or working remotely. However, client interactions from mobile devices need to be captured securely and invoiced accurately, and this can be challenging and time-consuming.
We are also seeing a move by some legal firms towards mobile call recording. On one hand, this is to secure evidence in case of dispute, but firms are also using this technology to upload their conversations to customer relationship management systems. Yet if a lawyer is using their own phone and personal calls are inadvertently recorded, the firm could be liable under data protection rules.
A recent report, prepared by data protection and privacy expert Ben Hooper for BT smartnumbers, summarises the legal challenges posed by the UK’s Data Protection Act 1998 (DPA) and the Regulation of Investigatory Powers Act 2000 (RIPA). In general, business calls may be recorded without contravening the DPA if the benefits of recording outweigh any adverse impacts, and if appropriate steps are taken to satisfy the other data protection requirements that apply. In practice, however, organisations often allow employees to also make personal calls on business devices, or at least turn a blind eye to such personal calls. Although this is no doubt convenient for employees, it raises significant compliance issues.
In particular, if there is a viable alternative which could ensure that only business calls are recorded, while leaving personal calls private, then an organisation that disregards that option and instead implements a blanket recording policy for all calls may well be contravening the DPA and thereby exposing itself to the risk of significant reputational harm, a substantial fine, and other legal challenges.
The pressure on legal firms will only increase when the upcoming General Data Protection Regulation comes into effect in April 2018. The regulatory sanctions are set to be more severe than DPA, with data breach fines reaching €10m, or up to 2 per cent annual worldwide turnover of the preceding financial year, whichever is greater.
But does this mean that two phones is the only solution? Not any more.
Today there is technology available where, instead of carrying two phones, you can carry a single phone with two separate mobile numbers. That way, clients can reach you on one number, while friends and family can call another. And so it goes for outbound calls too – you can select which number is presented depending upon which number you call out from.
With a ‘two numbers, one phone’ model, business calls are billed directly to the company, while personal calls are charged to the user. Gone are the days of running slide rules against mobile phone bills to claim expenses, and the fear of breaching data protection rules if call recording is implemented.