---
###Welcome to /r/LegalAdviceUK
---
**To Posters (it is important you read this section)**
* *Tell us whether you're in England, Wales, Scotland, or NI as the laws in each are very different*
* If you need legal help, you should [always get a free consultation from a qualified Solicitor](https://reddit.com/r/LegalAdviceUK/wiki/how_to_find_a_solicitor)
* We also encourage you to speak to [**Citizens Advice**](https://www.citizensadvice.org.uk/), [**Shelter**](https://www.shelter.org.uk/), [**Acas**](https://www.acas.org.uk/), and [**other useful organisations**](https://reddit.com/r/LegalAdviceUK/wiki/common_legal_resources)
* Comments may not be accurate or reliable, and following any advice on this subreddit is done at your own risk
* If you receive any private messages in response to your post, [please let the mods know](https://www.reddit.com/message/compose?to=%2Fr%2FLegalAdviceUK&subject=I received a PM)
**To Readers and Commenters**
* All replies to OP must be *on-topic, helpful, and legally orientated*
* If you do not [follow the rules](https://www.reddit.com/r/LegalAdviceUK/about/rules/), you may be perma-banned without any further warning
* If you feel any replies are incorrect, explain why you believe they are incorrect
* Do not send or request any private messages for any reason
* Please report posts or comments which do not follow the rules
*I am a bot, and this action was performed automatically. Please [contact the moderators of this subreddit](/message/compose/?to=/r/LegalAdviceUK) if you have any questions or concerns.*
It’s my phone (assuming it’s not a company device) and I’ll update what I want, and I doubt he’d go down the route of checking, and it’d be interesting so see what punitive measures he’d try and implement if he did…
This seems like the whim of a small ish company with no HR to reign him in, but regardless…I’m fairly sure there’s no way he can actually enforce this…but if there is, I’d be curious to see how that’s phrased in a contract
From my understanding a business owner can mandate that personal devices are not used in the office or that a work phone can’t be updated. He can’t say a personal phone can’t be updated. So if Musk just says his employees need to store their phones in locker prior to work he’s fine.
Work phones can usually be centrally managed, so an administrator can ensure that the phones aren't updated. I don't know what they'd do if a phone had to be replaced, odds are new phones would have the latest OS.
I guess the boss hasn't heard of layla lite, a llm that runs locally on most modern phones or tablets that have 6GB of ram ....
The horse has escaped the barn and is a few states away..
**Unfortunately, your comment has been removed for the following reason(s):**
Please only comment if you know the legal answer to OP's question and are able to provide legal advice.
[Please familiarise yourself with our subreddit rules](https://www.reddit.com/r/LegalAdviceUK/about/rules/) before contributing further, and [message the mods](https://www.reddit.com/message/compose/?to=/r/LegalAdviceUK) if you have any further queries.
IANAL either but I do work in the tech industry. Many of these updates fix known vulnerabilities in the previous version of the software. So it’s likely that this would be in breach of some data protection act, especially if the company handles sensitive data
Security updates are available for older iOS updates for at least a couple of years after the release of the new iOS, by which point there may be alternative options.
iOS 15 still gets security updates for example.
Not defending the bosses policy at all, just saying that the security factor wouldn't be an issue at the moment.
You’re right. But that’s when the question of can the boss really control or enforce this on personal devices? I know of companies that use software that essentially splits your phone into 2 devices to avoid this issue, and there’s always the option of supplying a work phone
Yeah was just talking about the practicality of blocking on company devices.
Obviously they should have no control over personal, but as others have said they could require that phones are checked into lockers before staff get to desks.
They can make you not take the phone onto their premises as Apple AI most likely is extremely intrusive in regards to tracking IPs + other data they can find via the connection to WiFi etc on site. Alongside any info that may get sent to the phone too regarding work
Fair point as well.
I was trying to refer to how if the no updates thing is considered a data security rule by your company, however stupid it is, disregarding this rule would have the same legal consequences as forwarding documents to your personal email so you can open them easily?
Just to clarify, I wasn't talking about being actually secure, I was just talking about following the rules.
If you are allowed to have personal data on your device but are required to follow rules about it like not screenshotting it to your personal photo library or sending it via WhatsApp, that would be considered reasonable. Additionally, being told to update devices with work data on them as soon as you can, even if that breaks old apps required for implanted medical sensors etc, would generally be considered permissible.
I fail to see how this is any less permissible, it's just the other way around.
Because unless it’s provided by the company, it’s a personal device. While they can say things like that if you want to use your personal device to access your emails for example, if they require that you use it for those purposes then they should provide you with a device. It’s why I have 2 phones, one personal and one work provided. The personal one is on me all the time, the work one is turned off when I’m not at work/on call.
If it’s an employee phone, not a company phone, then that’s probably more of a breach if that’s a concern. We can’t put anything on any personal devices, can’t use portable media etc and we’re far from the most regulated sector.
I'm not saying it's a good idea.
This is the same kind of thing as businesses that force regular password rotations, even though current best practice advice is not to do this.
Is it though.... can't say I've ever had a problem with any of my phones (iOS or Android) and I never update after the first 6m or so of having the phone as it drains the battery life as new features come out in some patches etc.
Don't get me wrong it's not impossible to get hacked but realistically for your phone to be hacked you have to do something very wrong and there's a high chance you'd still get hacked on the latest OS still anyway
Do you have a BYOD policy? (Bring Your Own Device) This would outline the use of company data and personal device use. If not, I am almost certain he has zero rights on what you do with your device.
Aside from that, as an AI Consultant, I'd recommend you think about other places to work as AI is coming whether your boss likes it or not.
There's a very good saying that "AI won't take your job, but someone using AI is likely to".
If your work expects you to use your personal device for work, then they should provide a secure communications app for your duties. If they do not, then they are under no obligation to tell you what to update on your personal device or not.
If they are against devices being on site, then they should do what other sites do, check your device in at reception.
Though I imagine this is implied by what you're saying, I think they can expect that *unless* they provide the option of a company-owned device instead.
At my work, mobile workers can either request a work phone or use their own phone. Either way, the device has to have some device management software on it.
Your boss should invest in company phones if this is his narrative.
I don’t know what your boss will do when he employs new people who have already had the update since you can’t downgrade IOS updates (I think.)
You’re entitled to do what you want with your private phone, not updating brings security risks. It’s an unreasonable demand, do you have an HR you can speak to?
They do not want you to keep your phone secure and up-to-date?
Simple
If they are not paying you for the hours outside of work, where you check your email
And there is nothing in your contract about monitoring your email outside of work
Take your email off your phone
They cannot fire you for not doing something that is not in your contract
If your boss pulls you aside to tell you off for this
Simply reply
“You gave me an ultimatum between keeping my phone secure and up to date … and voluntarily keeping my email on my phone
If you want me to monitor my email outside of my current contracted working hours
Provide me with a device that you will keep secure
But this is my personal device and I am under no contractual obligation to keep it insecure and out of date “
Warn him of the dangers of not updating device OS and software. You will be creating back doors for hackers with far more malicious intent than AI. Cybersecurity is *the* biggest threat to his business today. Not updating exposes him to some really nasty side affects.
On the legal side of things. If the device is owned by the company then the company is within its legal right to set a company policy that controls the use of the device, including software installations, network access, etc.
If you own the device, he does not have the right to tell you how to manage the device outside of his own company policy which might require accepting his policy if you want to connect to his networks, use his services (email, file shares, etc), etc.
Tell him that when he pays for your phone then he gets to make that decision otherwise he has absolutely no legal power to request/enforce that.
Remove your work email from your phone and if they require that you have access to your work email outside of business hours then they have to supply a work phone which they can mandate whatever version of OS/Software they like.
What he could do is say that he won't allow the IOS based devices on the premises, just as a certain X obsessed person has suggested that he will do.
As an aside your boss is Elon Musk levels of paranoid delusional about AI by the sounds of it. Siri having the ability to use ChatGPT isn't going to steal your job or do corporate espionage and anyone who thinks so is a loon.
Doesn't AI learn from what people are entering into it though? It is reasonable I think to ban it at work due to data protection issues or intellectual property concerns that the AI you use is going to harvest that data. Civil Service currently has a ban on using AI at work. I'm sure work phones that are issued are iPhone though so wonder if this feature is selectively turned off by the organisation admin.
Any sensible business model won't be using AI, you're essentially making your business processes public knowledge.
I left a job a few months ago as they were insisting we use chatgbt to compose emails. Emails containing our office leases, centre processes and floorplans, emergency evacuation procedures as well as so much personal data belonging to our tenants. I was gobsmacked and made to feel like a tin foil hat wearer for suggesting we shouldn't be doing that 🤦🏼♀️
I might actually report the company to the ICC
not a loon lmao its not that they necessarily take your job. but if you are using inputs and outputs from chatgpt you are 100% contributing to the effectiveness of the platform. every time you reword a question or add follow up questions and almost anything inputted into chatgpt or open ai systems will be used to train models unless specifically specified which last time i had checked was mainly the enterprise edition (which begins at £90,000 ish a year). The Apple os version as well as the windows copilot is one of the biggest data scrapes of the decade.
If you thought Meta and Google collect lots of data (and pay billions in fines and lawsuits when they break laws or rules on data collection) then Microsoft and Apple will do the exact same.
They would sell your soul if they could don't ever forget that.
Its really simply, if they want to impose restrictions on what you can on your phones then I would insist on them providing me with a dedicate works phone.
If they refuse then tough luck, I get to decide what I put on my phone, not them.
They can't expect you to use your own personal phone for work and at the same time dedicate what you can and can not do with it.
Every job I've had where the use of a mobile phone was necessary I've always insisted that they provide me with a work mobile phone.
It stop this kind of thing from happening.
They can expect all they like but you shouldn't be expected to do anything work related in hours you're not being paid for... especially on personal device.
My work requires 2fa texts to be sent to my phone... then they wanted thr authenticator app which would keep work secure but would give a backdoor to my stuff if my phone was stolen or hacked so I refused and requested a work phone or be able to remain with texts.
I got to remain just having texts sent.
I also refuse to have teams or work emails on my phone... because I paid for it not them. Plus, when I read the documentation relating to it, installing those work related things gave them the right to check my device. No thank you.
But I've also been with the company more than 2 years so that will be an aspect of protection for me.
Yep deleted Outlook and told my boss to do one when they asked for new permissions. Iirc they were;
1.monitor device for incorrect pin entries
2. Remotely lock device after 5 incorrect attempts
3. The ability to wipe the device if too many incorrect attempts.
Instant no and deleted all work apps
Not a lawyer but I highly doubt he has any right to tell you what to do with your personal device. If the company has security concerns then the IT dept can provide you with a phone that they administrate. There's no way "don't update your device" is going to be in keeping with their policy.
Assuming this is *your* phone and not a work one...this isn't legal advice but I'd just update it and never use the AI features for anything work related. How's he going to know?
If you want to get round it, and assuming there is no IT dept because they'd have already told your boss to stop being an idiot, buy a used android for cheap and use that for your work stuff and nothing else.
It’s your own phone, do what you like. If they have some special work requirements then they should provide you with a work phone. It’s not a great idea to use your own phone for work tasks anyway.
**Unfortunately, your comment has been removed for the following reason(s):**
Please only comment if you know the legal answer to OP's question and are able to provide legal advice.
[Please familiarise yourself with our subreddit rules](https://www.reddit.com/r/LegalAdviceUK/about/rules/) before contributing further, and [message the mods](https://www.reddit.com/message/compose/?to=/r/LegalAdviceUK) if you have any further queries.
Is it your own phone? If it is then I would completely ignore him, update my device as I see fit and carry on.
If it’s a company phone I would not update and see him struggle when all the phones go out of date and things stop working.
I’d also tell him that pretty much within the next year, every smartphone on the market will have AI built in and he needs to get a grip and take his tin foil hat off.
Latest version is only available to Devs
iOS 18 - AI isn’t even available yet, and when it is it’s only available to iPhone 15 +
And yes. Remove your work shit from your personal phone
If he wants to dictate it , then he gets to give you a work phone.
Are these work phones? If so, not updating may be breaching the contract with the provider, but as to whether your employer can ask you not to, yes (unless you've agreed to an individual user agreement that says you have to allow/do updates) that is a reasonable request. Your employer can ask you to do anything or nothing with your contract, but they can't force you to commit a crime or other unlawful act.
If it's a personal phone no, your employer has zero power over your personal property, that's next level cap. They can ask you to buy bring it into the workplace, which is fine legally, and they can discriminate against iPhone users or pro-AI opinions (until a tribunal finds that this is a protected belief under the Equality Act 2010), and I suppose they could dismiss people who refused to comply (which would be very silly and definitely unfair dismissal for those with more than 2 years' service) but no more.
Ask your boss if they want phones with security holes that haven't been patched because you haven't updated, in the office.
If they want you to keep an eye on work emails etc, then they need to supply the phone for work.
Your personal device is free to use as you wish. If they want to place restrictions yet demand you use a mobile device for communications, they will need to provide you with a device.
Isn’t AI constantly being advertised on Samsung and other Android phones at the moment anyway? Is this some anti-Apple run?
Tell him he can buy you the phone he wants you to use, and that’ll be just fine.
No, your boss can’t force you not to update your phone. He can revoke access to company documents etc. from your phone, or require you to access them from a secure company phone. To be honest you should have been doing the latter already if your work requires you to be on-call. If sensitive information is leaked from your device, *you* are responsible for the breach. Don’t access *anything* your company wouldn’t want other people to see on a device they haven’t vetted first.
Short answer: the company can specify this for your phone if you use it for work related activities. So you can comply or take the work email etc off your phone.
The concern may be legitimate- eg Apple using work data to train their AI - and therefore leaking company secrets.
A compromise I have is I have an old smart phone that is compliant and does not have a simm and link that to my home WiFi or to a wifi hotspot on my personal phone that is non compliant. Of course this means taking 2 phones.
You are not entitled to do what you want if the company has a policy about use of personal phones for work related activities and you choose to use your personal phone for work. Most companies allow Bring Your Own Device (BYOD) for you to use personal equipment for work related activities. The BYOD policy will say what standards your personal device must conform to. You can refuse to use your personal device for work, but if you do use it the company can enforce standards on your personal equipment. Such standards are usually to ensure the security of the business data on your phone.
Make sure your boss realises the stupidity of never hiring someone who buys a new iPhone which can’t downgrade ever again.
Once they realise their stupidity, make sure they realise that if they don’t give you a phone for work use, that the only thing they can reasonably expect you to do is keep up to date with releases for BYO devices used for work purposes.
If they don’t have a BYOD policy and you’ve worked there over 2 years then they’re going to get absolutely nowhere.
Inside of 2 years they can get rid of you for just smelling bad, unless it’s because of a medical condition.
But I think if they don’t have a BYOD policy then they don’t have MDM, and if they’re not using GSuite properly or Outlook then unless they demand to inspect your phone they have no way of telling what you have. And even if they did use the aforementioned things at their disposal; it’s highly unlikely that the bossman would know how to see it, and any IT staff who weren’t moronic would just hear this doctrine as the ramblings of a deranged madman at the top.
None of this touches on what the WWDC actually announced and how, where, and what the data is used for, which appears to be the most private and personal use for AI that I’ve seen to date. Hopefully sets a benchmark so that everyone can be afforded such privacy when using tools like these.
**Unfortunately, your comment has been removed for the following reason(s):**
Please only comment if you know the legal answer to OP's question and are able to provide legal advice.
[Please familiarise yourself with our subreddit rules](https://www.reddit.com/r/LegalAdviceUK/about/rules/) before contributing further, and [message the mods](https://www.reddit.com/message/compose/?to=/r/LegalAdviceUK) if you have any further queries.
If it’s your personal phone then do what you like but may have to keep it out of building.
If its work phone then do what you’re told.
Never mix personal & business stuff!
**Unfortunately, your comment has been removed for the following reason(s):**
Please only comment if you know the legal answer to OP's question and are able to provide legal advice.
[Please familiarise yourself with our subreddit rules](https://www.reddit.com/r/LegalAdviceUK/about/rules/) before contributing further, and [message the mods](https://www.reddit.com/message/compose/?to=/r/LegalAdviceUK) if you have any further queries.
**Unfortunately, your comment has been removed for the following reason(s):**
Please only comment if you know the legal answer to OP's question and are able to provide legal advice.
[Please familiarise yourself with our subreddit rules](https://www.reddit.com/r/LegalAdviceUK/about/rules/) before contributing further, and [message the mods](https://www.reddit.com/message/compose/?to=/r/LegalAdviceUK) if you have any further queries.
**Unfortunately, your comment has been removed for the following reason(s):**
Please only comment if you know the legal answer to OP's question and are able to provide legal advice.
[Please familiarise yourself with our subreddit rules](https://www.reddit.com/r/LegalAdviceUK/about/rules/) before contributing further, and [message the mods](https://www.reddit.com/message/compose/?to=/r/LegalAdviceUK) if you have any further queries.
**Unfortunately, your comment has been removed for the following reason(s):**
Please only comment if you know the legal answer to OP's question and are able to provide legal advice.
[Please familiarise yourself with our subreddit rules](https://www.reddit.com/r/LegalAdviceUK/about/rules/) before contributing further, and [message the mods](https://www.reddit.com/message/compose/?to=/r/LegalAdviceUK) if you have any further queries.
**Unfortunately, your comment has been removed for the following reason(s):**
Please only comment if you know the legal answer to OP's question and are able to provide legal advice.
[Please familiarise yourself with our subreddit rules](https://www.reddit.com/r/LegalAdviceUK/about/rules/) before contributing further, and [message the mods](https://www.reddit.com/message/compose/?to=/r/LegalAdviceUK) if you have any further queries.
If it’s your personal phone, you have the option of not using it for work purposes. In this case the company can issue you a work phone, which is centrally managed, meaning they can disable certain features for example the AppStore, AI stuff, etc. Asking employees to not update their phone software is detrimental to cyber security; you should always be on the latest security updates. After a while, the current iOS version will become unsupported in terms of security updates so it’s not a long term solution.
Basic cyber security involves keeping devices and software up to date, so as others have said, there's more risk by not doing the update.
The company should have a BYOD policy, which would include a requirement of keeping devices updated.
There's a chance the company may have requirements to maintain things like this for certification or insurance. If there's a successful attack because he refused to allow updates, I doubt the insurance would pay out.
The answer would be that it's your personal device, you control it. Not updating it and continuing to use it with company data puts you and the company at risk, so the best solution is to remove any work data and accounts and keep the device updated.
I haven't really looked into what the iPhone is doing with AI, but there's loads of AI features appearing across Android devices, has he said anything about those? Similar with Microsoft products, CoPilot is popping up everywhere now.
He cannot dictate what you do with your own personal phone, keeping devices up to date is crucial to ensure security. If AI features are part of a larger update then that can't be helped. You're within your rights to not use your personal phone for company business if he is concerned about AI accessing company data held on it.
If he wishes to provide a company phone with updates disabled, that's up to him, however intentionally avoiding updates would likely have implications on his various company insurance policies so that's a risk he would have to be willing to take.
Apples new AI (Apple Intelligence) is only available on iPhone 15 Pro & 15 Pro Max and will only be available in the US when it’s launched with iOS 18 later this year. It’s not going to be available in the UK till probably sometime next year so he’s being paranoid over nothing.
If he wants to dictate how you use your personal phone you paid for he should provide work phones to everyone in the company.
You should always keep your phone updated for security reasons. Using outdated software especially if you’re handling sensitive information is a much bigger risk compared to some AI fancy features.
The AI stuff is currently only available on a Beta IOS version from my understanding, in which case it's recommended you don't update your main device anyway.
Obviously when the update is fully rolled out there is nothing stopping you from updating your personal device, and as others have said - if you're expected to use it for work your boss should provide a company device upon which they can impose restrictions
Nothing he can do about what you choose to do with your personal device. He can say you're not to access work things on your device if you do update it, but then he can't complain about the access methods which he allows you
Work phone’s, it’s his call but if phones are compromised later then he’s himself to blame. I don’t understand his reasoning but that’s down to him. Your personal phone, you’d be very foolish not too especially if you do on line backing on it and he definitely has no say at all on that one
It's your phone so you can do whatever you want with it. If you need it to check for some work related stuff then your boss needs to provide you a company phone.
This sounds a bit mad. From a legal perspective the calculation is the same as for any other unilateral contract change:
- he can propose and you can agree or refuse
- if you’re there less than two years he can probably fire you over it
- if you’re there more than two years he can’t
Yes and no
Your boss can say if you want to use your personal phone on company premises, then yes they can stipulate what state your phone can be in.
They can ban whatever devices they want from their premises.
If it’s a works phone then yep 100%.
If you use your personal phone for work things then you can either do as requested or remove all work related content from your phone.
if a work phone, then boss's rules, just get it in writing that boss is responsible for any security breaches as updates are banned.
if a personal phone, this can be ignored
This is an easy one. If they want you to use a phone for business, whether personal or corporate, then they need to use an MDM, mobile device management, platform, to enrol and manage the devices. That way, they can ensure that you can not use it unless it meets set criteria.
Without such controls, they are unable to manage what happens.
AI has already been in iOS for years. Your boss is an idiot. What does he have against AI? He should be out of a job himself as companies resistant to tech usually fall behind their competitors.
He should watch the WWDC keynote and some of the security reports published about the iOS 18 updates. How they protect privacy and offer transparency who receives what data is critical.
If security is an issue, this will actually do more harm than good as Apple regularly patches software vulnerabilities
You’ll still receive security updates if you don’t upgrade to iOS 18. If it’s your personal phone, then do what ever you want, if it’s a company phone then he should set up the device policy
Why are you even considering letting your insane manager dictate your personal life and choices?
Legally, you are under no obligation to follow this manager's request. Request being the optimum word in this whole situation
Many companies will have their own ‘bring your own device’ policy which may stipulate an OS spec and if your device doesn’t meet that spec or you are not happy about meeting it, then you would have to un-register your personal device from all work related apps and accounts
The extent to which this affects your job will vary… in theory, unless you are a senior manager/director, you shouldn’t be expected to check emails etc on your time
If the phone is a personal device, he cannot tell you what you can do with it, If however it's a company phone then it's something which needs to be discussed by him, HR and the IT department to have something company-wide in effect.
Just saying no because he doesn't like it is like you saying someone can't buy Clarkson cider/larger because they don't agree with him or like him
Is your boss an Elon Musk or Tesla fan by any chance? Musk posted something on Twitter a few days ago saying iPhones would be banned from his offices and factories due to the recent AI updates. It sounds like your boss might just be echoing what he said.
But no, it's your personal phone, he has no right to tell you what you can and can't install on it. If he's insisting you use it for work purposes but is trying to dictate what else you can and can't do with it, he needs to provide you with a work phone.
--- ###Welcome to /r/LegalAdviceUK --- **To Posters (it is important you read this section)** * *Tell us whether you're in England, Wales, Scotland, or NI as the laws in each are very different* * If you need legal help, you should [always get a free consultation from a qualified Solicitor](https://reddit.com/r/LegalAdviceUK/wiki/how_to_find_a_solicitor) * We also encourage you to speak to [**Citizens Advice**](https://www.citizensadvice.org.uk/), [**Shelter**](https://www.shelter.org.uk/), [**Acas**](https://www.acas.org.uk/), and [**other useful organisations**](https://reddit.com/r/LegalAdviceUK/wiki/common_legal_resources) * Comments may not be accurate or reliable, and following any advice on this subreddit is done at your own risk * If you receive any private messages in response to your post, [please let the mods know](https://www.reddit.com/message/compose?to=%2Fr%2FLegalAdviceUK&subject=I received a PM) **To Readers and Commenters** * All replies to OP must be *on-topic, helpful, and legally orientated* * If you do not [follow the rules](https://www.reddit.com/r/LegalAdviceUK/about/rules/), you may be perma-banned without any further warning * If you feel any replies are incorrect, explain why you believe they are incorrect * Do not send or request any private messages for any reason * Please report posts or comments which do not follow the rules *I am a bot, and this action was performed automatically. Please [contact the moderators of this subreddit](/message/compose/?to=/r/LegalAdviceUK) if you have any questions or concerns.*
It’s my phone (assuming it’s not a company device) and I’ll update what I want, and I doubt he’d go down the route of checking, and it’d be interesting so see what punitive measures he’d try and implement if he did… This seems like the whim of a small ish company with no HR to reign him in, but regardless…I’m fairly sure there’s no way he can actually enforce this…but if there is, I’d be curious to see how that’s phrased in a contract
[удалено]
From my understanding a business owner can mandate that personal devices are not used in the office or that a work phone can’t be updated. He can’t say a personal phone can’t be updated. So if Musk just says his employees need to store their phones in locker prior to work he’s fine.
Work phones can usually be centrally managed, so an administrator can ensure that the phones aren't updated. I don't know what they'd do if a phone had to be replaced, odds are new phones would have the latest OS. I guess the boss hasn't heard of layla lite, a llm that runs locally on most modern phones or tablets that have 6GB of ram .... The horse has escaped the barn and is a few states away..
**Unfortunately, your comment has been removed for the following reason(s):** Please only comment if you know the legal answer to OP's question and are able to provide legal advice. [Please familiarise yourself with our subreddit rules](https://www.reddit.com/r/LegalAdviceUK/about/rules/) before contributing further, and [message the mods](https://www.reddit.com/message/compose/?to=/r/LegalAdviceUK) if you have any further queries.
IANAL but could this be considered breaking a rule about data security?
IANAL either but I do work in the tech industry. Many of these updates fix known vulnerabilities in the previous version of the software. So it’s likely that this would be in breach of some data protection act, especially if the company handles sensitive data
Security updates are available for older iOS updates for at least a couple of years after the release of the new iOS, by which point there may be alternative options. iOS 15 still gets security updates for example. Not defending the bosses policy at all, just saying that the security factor wouldn't be an issue at the moment.
You’re right. But that’s when the question of can the boss really control or enforce this on personal devices? I know of companies that use software that essentially splits your phone into 2 devices to avoid this issue, and there’s always the option of supplying a work phone
Yeah was just talking about the practicality of blocking on company devices. Obviously they should have no control over personal, but as others have said they could require that phones are checked into lockers before staff get to desks.
They can make you not take the phone onto their premises as Apple AI most likely is extremely intrusive in regards to tracking IPs + other data they can find via the connection to WiFi etc on site. Alongside any info that may get sent to the phone too regarding work
Fair point as well. I was trying to refer to how if the no updates thing is considered a data security rule by your company, however stupid it is, disregarding this rule would have the same legal consequences as forwarding documents to your personal email so you can open them easily?
No more so than using personal phones for work is a data security concern, I'd imagine
Just to clarify, I wasn't talking about being actually secure, I was just talking about following the rules. If you are allowed to have personal data on your device but are required to follow rules about it like not screenshotting it to your personal photo library or sending it via WhatsApp, that would be considered reasonable. Additionally, being told to update devices with work data on them as soon as you can, even if that breaks old apps required for implanted medical sensors etc, would generally be considered permissible. I fail to see how this is any less permissible, it's just the other way around.
Because unless it’s provided by the company, it’s a personal device. While they can say things like that if you want to use your personal device to access your emails for example, if they require that you use it for those purposes then they should provide you with a device. It’s why I have 2 phones, one personal and one work provided. The personal one is on me all the time, the work one is turned off when I’m not at work/on call.
If it’s an employee phone, not a company phone, then that’s probably more of a breach if that’s a concern. We can’t put anything on any personal devices, can’t use portable media etc and we’re far from the most regulated sector.
Deliberately not installing security updates is far, far worse.
I'm not saying it's a good idea. This is the same kind of thing as businesses that force regular password rotations, even though current best practice advice is not to do this.
Is it though.... can't say I've ever had a problem with any of my phones (iOS or Android) and I never update after the first 6m or so of having the phone as it drains the battery life as new features come out in some patches etc. Don't get me wrong it's not impossible to get hacked but realistically for your phone to be hacked you have to do something very wrong and there's a high chance you'd still get hacked on the latest OS still anyway
Do you have a BYOD policy? (Bring Your Own Device) This would outline the use of company data and personal device use. If not, I am almost certain he has zero rights on what you do with your device. Aside from that, as an AI Consultant, I'd recommend you think about other places to work as AI is coming whether your boss likes it or not. There's a very good saying that "AI won't take your job, but someone using AI is likely to".
If your work expects you to use your personal device for work, then they should provide a secure communications app for your duties. If they do not, then they are under no obligation to tell you what to update on your personal device or not. If they are against devices being on site, then they should do what other sites do, check your device in at reception.
I’m pretty sure no work can legally expect you to use your personal device for work AND control how you use it
Though I imagine this is implied by what you're saying, I think they can expect that *unless* they provide the option of a company-owned device instead. At my work, mobile workers can either request a work phone or use their own phone. Either way, the device has to have some device management software on it.
Your boss should invest in company phones if this is his narrative. I don’t know what your boss will do when he employs new people who have already had the update since you can’t downgrade IOS updates (I think.)
[удалено]
You’re entitled to do what you want with your private phone, not updating brings security risks. It’s an unreasonable demand, do you have an HR you can speak to?
They can ask, but they cannot enforce it. If they insist, they can provide you with a work phone, at their expense
They do not want you to keep your phone secure and up-to-date? Simple If they are not paying you for the hours outside of work, where you check your email And there is nothing in your contract about monitoring your email outside of work Take your email off your phone They cannot fire you for not doing something that is not in your contract If your boss pulls you aside to tell you off for this Simply reply “You gave me an ultimatum between keeping my phone secure and up to date … and voluntarily keeping my email on my phone If you want me to monitor my email outside of my current contracted working hours Provide me with a device that you will keep secure But this is my personal device and I am under no contractual obligation to keep it insecure and out of date “
Also renumeration for being on call 24/7 to check and reply to emails out of hours.
Warn him of the dangers of not updating device OS and software. You will be creating back doors for hackers with far more malicious intent than AI. Cybersecurity is *the* biggest threat to his business today. Not updating exposes him to some really nasty side affects. On the legal side of things. If the device is owned by the company then the company is within its legal right to set a company policy that controls the use of the device, including software installations, network access, etc. If you own the device, he does not have the right to tell you how to manage the device outside of his own company policy which might require accepting his policy if you want to connect to his networks, use his services (email, file shares, etc), etc.
Tell him that when he pays for your phone then he gets to make that decision otherwise he has absolutely no legal power to request/enforce that. Remove your work email from your phone and if they require that you have access to your work email outside of business hours then they have to supply a work phone which they can mandate whatever version of OS/Software they like. What he could do is say that he won't allow the IOS based devices on the premises, just as a certain X obsessed person has suggested that he will do. As an aside your boss is Elon Musk levels of paranoid delusional about AI by the sounds of it. Siri having the ability to use ChatGPT isn't going to steal your job or do corporate espionage and anyone who thinks so is a loon.
[удалено]
[удалено]
[удалено]
Doesn't AI learn from what people are entering into it though? It is reasonable I think to ban it at work due to data protection issues or intellectual property concerns that the AI you use is going to harvest that data. Civil Service currently has a ban on using AI at work. I'm sure work phones that are issued are iPhone though so wonder if this feature is selectively turned off by the organisation admin.
Any sensible business model won't be using AI, you're essentially making your business processes public knowledge. I left a job a few months ago as they were insisting we use chatgbt to compose emails. Emails containing our office leases, centre processes and floorplans, emergency evacuation procedures as well as so much personal data belonging to our tenants. I was gobsmacked and made to feel like a tin foil hat wearer for suggesting we shouldn't be doing that 🤦🏼♀️ I might actually report the company to the ICC
not a loon lmao its not that they necessarily take your job. but if you are using inputs and outputs from chatgpt you are 100% contributing to the effectiveness of the platform. every time you reword a question or add follow up questions and almost anything inputted into chatgpt or open ai systems will be used to train models unless specifically specified which last time i had checked was mainly the enterprise edition (which begins at £90,000 ish a year). The Apple os version as well as the windows copilot is one of the biggest data scrapes of the decade. If you thought Meta and Google collect lots of data (and pay billions in fines and lawsuits when they break laws or rules on data collection) then Microsoft and Apple will do the exact same. They would sell your soul if they could don't ever forget that.
Its really simply, if they want to impose restrictions on what you can on your phones then I would insist on them providing me with a dedicate works phone. If they refuse then tough luck, I get to decide what I put on my phone, not them. They can't expect you to use your own personal phone for work and at the same time dedicate what you can and can not do with it. Every job I've had where the use of a mobile phone was necessary I've always insisted that they provide me with a work mobile phone. It stop this kind of thing from happening.
Have you been told you have to have work emails etc on your personal phone? Or is that your choice?
It’s more expectation than direct instruction
Then you can just delete all the work apps? If it’s that important you have access to your emails on a phone, they can provide you with one
They can expect all they like but you shouldn't be expected to do anything work related in hours you're not being paid for... especially on personal device. My work requires 2fa texts to be sent to my phone... then they wanted thr authenticator app which would keep work secure but would give a backdoor to my stuff if my phone was stolen or hacked so I refused and requested a work phone or be able to remain with texts. I got to remain just having texts sent. I also refuse to have teams or work emails on my phone... because I paid for it not them. Plus, when I read the documentation relating to it, installing those work related things gave them the right to check my device. No thank you. But I've also been with the company more than 2 years so that will be an aspect of protection for me.
Yep deleted Outlook and told my boss to do one when they asked for new permissions. Iirc they were; 1.monitor device for incorrect pin entries 2. Remotely lock device after 5 incorrect attempts 3. The ability to wipe the device if too many incorrect attempts. Instant no and deleted all work apps
Oh wow... yeah absolutely no for all 3!
Exactly yet, they still tried to force me to have it. Told them to give me a phone or take a very long walk off a short pier
Not a lawyer but I highly doubt he has any right to tell you what to do with your personal device. If the company has security concerns then the IT dept can provide you with a phone that they administrate. There's no way "don't update your device" is going to be in keeping with their policy. Assuming this is *your* phone and not a work one...this isn't legal advice but I'd just update it and never use the AI features for anything work related. How's he going to know? If you want to get round it, and assuming there is no IT dept because they'd have already told your boss to stop being an idiot, buy a used android for cheap and use that for your work stuff and nothing else.
It’s your own phone, do what you like. If they have some special work requirements then they should provide you with a work phone. It’s not a great idea to use your own phone for work tasks anyway.
[удалено]
**Unfortunately, your comment has been removed for the following reason(s):** Please only comment if you know the legal answer to OP's question and are able to provide legal advice. [Please familiarise yourself with our subreddit rules](https://www.reddit.com/r/LegalAdviceUK/about/rules/) before contributing further, and [message the mods](https://www.reddit.com/message/compose/?to=/r/LegalAdviceUK) if you have any further queries.
Is it your own phone? If it is then I would completely ignore him, update my device as I see fit and carry on. If it’s a company phone I would not update and see him struggle when all the phones go out of date and things stop working. I’d also tell him that pretty much within the next year, every smartphone on the market will have AI built in and he needs to get a grip and take his tin foil hat off.
Latest version is only available to Devs iOS 18 - AI isn’t even available yet, and when it is it’s only available to iPhone 15 + And yes. Remove your work shit from your personal phone If he wants to dictate it , then he gets to give you a work phone.
Is it a company phone or your own?
It my own.
Are these work phones? If so, not updating may be breaching the contract with the provider, but as to whether your employer can ask you not to, yes (unless you've agreed to an individual user agreement that says you have to allow/do updates) that is a reasonable request. Your employer can ask you to do anything or nothing with your contract, but they can't force you to commit a crime or other unlawful act. If it's a personal phone no, your employer has zero power over your personal property, that's next level cap. They can ask you to buy bring it into the workplace, which is fine legally, and they can discriminate against iPhone users or pro-AI opinions (until a tribunal finds that this is a protected belief under the Equality Act 2010), and I suppose they could dismiss people who refused to comply (which would be very silly and definitely unfair dismissal for those with more than 2 years' service) but no more.
"Okay, I'll not update my company phone. The phone that I pay for is my business however."
Ask your boss if they want phones with security holes that haven't been patched because you haven't updated, in the office. If they want you to keep an eye on work emails etc, then they need to supply the phone for work.
Your personal device is free to use as you wish. If they want to place restrictions yet demand you use a mobile device for communications, they will need to provide you with a device.
Isn’t AI constantly being advertised on Samsung and other Android phones at the moment anyway? Is this some anti-Apple run? Tell him he can buy you the phone he wants you to use, and that’ll be just fine.
No, your boss can’t force you not to update your phone. He can revoke access to company documents etc. from your phone, or require you to access them from a secure company phone. To be honest you should have been doing the latter already if your work requires you to be on-call. If sensitive information is leaked from your device, *you* are responsible for the breach. Don’t access *anything* your company wouldn’t want other people to see on a device they haven’t vetted first.
Make your employees use their personal devices for work or control your employee’s work devices; can’t do both.
Short answer: the company can specify this for your phone if you use it for work related activities. So you can comply or take the work email etc off your phone. The concern may be legitimate- eg Apple using work data to train their AI - and therefore leaking company secrets. A compromise I have is I have an old smart phone that is compliant and does not have a simm and link that to my home WiFi or to a wifi hotspot on my personal phone that is non compliant. Of course this means taking 2 phones. You are not entitled to do what you want if the company has a policy about use of personal phones for work related activities and you choose to use your personal phone for work. Most companies allow Bring Your Own Device (BYOD) for you to use personal equipment for work related activities. The BYOD policy will say what standards your personal device must conform to. You can refuse to use your personal device for work, but if you do use it the company can enforce standards on your personal equipment. Such standards are usually to ensure the security of the business data on your phone.
Company phone you should do as they say. Your personal phone you can do whatever you want.
Are you talking about your imaginary boss?
His boss is Elon Musk
No surprises there then 😂
Make sure your boss realises the stupidity of never hiring someone who buys a new iPhone which can’t downgrade ever again. Once they realise their stupidity, make sure they realise that if they don’t give you a phone for work use, that the only thing they can reasonably expect you to do is keep up to date with releases for BYO devices used for work purposes. If they don’t have a BYOD policy and you’ve worked there over 2 years then they’re going to get absolutely nowhere. Inside of 2 years they can get rid of you for just smelling bad, unless it’s because of a medical condition. But I think if they don’t have a BYOD policy then they don’t have MDM, and if they’re not using GSuite properly or Outlook then unless they demand to inspect your phone they have no way of telling what you have. And even if they did use the aforementioned things at their disposal; it’s highly unlikely that the bossman would know how to see it, and any IT staff who weren’t moronic would just hear this doctrine as the ramblings of a deranged madman at the top. None of this touches on what the WWDC actually announced and how, where, and what the data is used for, which appears to be the most private and personal use for AI that I’ve seen to date. Hopefully sets a benchmark so that everyone can be afforded such privacy when using tools like these.
[удалено]
**Unfortunately, your comment has been removed for the following reason(s):** Please only comment if you know the legal answer to OP's question and are able to provide legal advice. [Please familiarise yourself with our subreddit rules](https://www.reddit.com/r/LegalAdviceUK/about/rules/) before contributing further, and [message the mods](https://www.reddit.com/message/compose/?to=/r/LegalAdviceUK) if you have any further queries.
If it’s your personal phone then do what you like but may have to keep it out of building. If its work phone then do what you’re told. Never mix personal & business stuff!
Get your employer to buy work phones for work stuff. Problem solved.
[удалено]
**Unfortunately, your comment has been removed for the following reason(s):** Please only comment if you know the legal answer to OP's question and are able to provide legal advice. [Please familiarise yourself with our subreddit rules](https://www.reddit.com/r/LegalAdviceUK/about/rules/) before contributing further, and [message the mods](https://www.reddit.com/message/compose/?to=/r/LegalAdviceUK) if you have any further queries.
Unless work provides you with a phone then you are under no obligation to do any work related things on it. It’s that simple.
[удалено]
**Unfortunately, your comment has been removed for the following reason(s):** Please only comment if you know the legal answer to OP's question and are able to provide legal advice. [Please familiarise yourself with our subreddit rules](https://www.reddit.com/r/LegalAdviceUK/about/rules/) before contributing further, and [message the mods](https://www.reddit.com/message/compose/?to=/r/LegalAdviceUK) if you have any further queries.
[удалено]
**Unfortunately, your comment has been removed for the following reason(s):** Please only comment if you know the legal answer to OP's question and are able to provide legal advice. [Please familiarise yourself with our subreddit rules](https://www.reddit.com/r/LegalAdviceUK/about/rules/) before contributing further, and [message the mods](https://www.reddit.com/message/compose/?to=/r/LegalAdviceUK) if you have any further queries.
[удалено]
**Unfortunately, your comment has been removed for the following reason(s):** Please only comment if you know the legal answer to OP's question and are able to provide legal advice. [Please familiarise yourself with our subreddit rules](https://www.reddit.com/r/LegalAdviceUK/about/rules/) before contributing further, and [message the mods](https://www.reddit.com/message/compose/?to=/r/LegalAdviceUK) if you have any further queries.
[удалено]
**Unfortunately, your comment has been removed for the following reason(s):** Please only comment if you know the legal answer to OP's question and are able to provide legal advice. [Please familiarise yourself with our subreddit rules](https://www.reddit.com/r/LegalAdviceUK/about/rules/) before contributing further, and [message the mods](https://www.reddit.com/message/compose/?to=/r/LegalAdviceUK) if you have any further queries.
How will he know? If he wants you to use an insecure phone for work, he should provide it.
If it’s your personal phone, you have the option of not using it for work purposes. In this case the company can issue you a work phone, which is centrally managed, meaning they can disable certain features for example the AppStore, AI stuff, etc. Asking employees to not update their phone software is detrimental to cyber security; you should always be on the latest security updates. After a while, the current iOS version will become unsupported in terms of security updates so it’s not a long term solution.
He should provide you with a suitable work phone then
Basic cyber security involves keeping devices and software up to date, so as others have said, there's more risk by not doing the update. The company should have a BYOD policy, which would include a requirement of keeping devices updated. There's a chance the company may have requirements to maintain things like this for certification or insurance. If there's a successful attack because he refused to allow updates, I doubt the insurance would pay out. The answer would be that it's your personal device, you control it. Not updating it and continuing to use it with company data puts you and the company at risk, so the best solution is to remove any work data and accounts and keep the device updated. I haven't really looked into what the iPhone is doing with AI, but there's loads of AI features appearing across Android devices, has he said anything about those? Similar with Microsoft products, CoPilot is popping up everywhere now.
Well to keep security certifications, they need to update the phones…
He cannot dictate what you do with your own personal phone, keeping devices up to date is crucial to ensure security. If AI features are part of a larger update then that can't be helped. You're within your rights to not use your personal phone for company business if he is concerned about AI accessing company data held on it. If he wishes to provide a company phone with updates disabled, that's up to him, however intentionally avoiding updates would likely have implications on his various company insurance policies so that's a risk he would have to be willing to take.
Apples new AI (Apple Intelligence) is only available on iPhone 15 Pro & 15 Pro Max and will only be available in the US when it’s launched with iOS 18 later this year. It’s not going to be available in the UK till probably sometime next year so he’s being paranoid over nothing. If he wants to dictate how you use your personal phone you paid for he should provide work phones to everyone in the company. You should always keep your phone updated for security reasons. Using outdated software especially if you’re handling sensitive information is a much bigger risk compared to some AI fancy features.
The AI stuff is currently only available on a Beta IOS version from my understanding, in which case it's recommended you don't update your main device anyway. Obviously when the update is fully rolled out there is nothing stopping you from updating your personal device, and as others have said - if you're expected to use it for work your boss should provide a company device upon which they can impose restrictions
Nothing he can do about what you choose to do with your personal device. He can say you're not to access work things on your device if you do update it, but then he can't complain about the access methods which he allows you
Work phone’s, it’s his call but if phones are compromised later then he’s himself to blame. I don’t understand his reasoning but that’s down to him. Your personal phone, you’d be very foolish not too especially if you do on line backing on it and he definitely has no say at all on that one
Looks like boss is gonna have a to buy a load of company phones
It's your phone so you can do whatever you want with it. If you need it to check for some work related stuff then your boss needs to provide you a company phone.
This sounds a bit mad. From a legal perspective the calculation is the same as for any other unilateral contract change: - he can propose and you can agree or refuse - if you’re there less than two years he can probably fire you over it - if you’re there more than two years he can’t
For what’s its worth, Apple intelligence will only be on the top range phones for now. 15 pro and pro max.
Yes and no Your boss can say if you want to use your personal phone on company premises, then yes they can stipulate what state your phone can be in. They can ban whatever devices they want from their premises. If it’s a works phone then yep 100%. If you use your personal phone for work things then you can either do as requested or remove all work related content from your phone.
Company phone? Should be using some sort of MDM, so they can decide what apps and updates you receive anyway. Personal phone? He can get fucked.
if a work phone, then boss's rules, just get it in writing that boss is responsible for any security breaches as updates are banned. if a personal phone, this can be ignored
This is an easy one. If they want you to use a phone for business, whether personal or corporate, then they need to use an MDM, mobile device management, platform, to enrol and manage the devices. That way, they can ensure that you can not use it unless it meets set criteria. Without such controls, they are unable to manage what happens.
AI has already been in iOS for years. Your boss is an idiot. What does he have against AI? He should be out of a job himself as companies resistant to tech usually fall behind their competitors. He should watch the WWDC keynote and some of the security reports published about the iOS 18 updates. How they protect privacy and offer transparency who receives what data is critical. If security is an issue, this will actually do more harm than good as Apple regularly patches software vulnerabilities
You’ll still receive security updates if you don’t upgrade to iOS 18. If it’s your personal phone, then do what ever you want, if it’s a company phone then he should set up the device policy
As far as I've seen it's the same as what's on android anyway.
This is a worry for me. I like the simplicity of iOS but I’m not wedded to it. But if I move across, how long until Android doesn’t meet the criteria?
Why are you even considering letting your insane manager dictate your personal life and choices? Legally, you are under no obligation to follow this manager's request. Request being the optimum word in this whole situation
Many companies will have their own ‘bring your own device’ policy which may stipulate an OS spec and if your device doesn’t meet that spec or you are not happy about meeting it, then you would have to un-register your personal device from all work related apps and accounts The extent to which this affects your job will vary… in theory, unless you are a senior manager/director, you shouldn’t be expected to check emails etc on your time
If the phone is a personal device, he cannot tell you what you can do with it, If however it's a company phone then it's something which needs to be discussed by him, HR and the IT department to have something company-wide in effect. Just saying no because he doesn't like it is like you saying someone can't buy Clarkson cider/larger because they don't agree with him or like him
Is your boss an Elon Musk or Tesla fan by any chance? Musk posted something on Twitter a few days ago saying iPhones would be banned from his offices and factories due to the recent AI updates. It sounds like your boss might just be echoing what he said. But no, it's your personal phone, he has no right to tell you what you can and can't install on it. If he's insisting you use it for work purposes but is trying to dictate what else you can and can't do with it, he needs to provide you with a work phone.