Employees who use their own electronic devices at work under a Bring Your Own Device (BYOD) arrangement may have unwittingly authorised their employer to remotely wipe their device when they leave the company, reports the WSJ.

In early October, Michael Irvin stood up to leave a New York City restaurant when he glanced at his iPhone and noticed it was powering off. When he turned it back on again, all of his information—email programs, contacts, family photos, apps and music he had downloaded—had vanished […]

It wasn’t a malfunction. The device had been wiped clean by AlphaCare of New York, the client he had been working for full-time since April. Mr. Irvin received an email from his AlphaCare address that day confirming the phone had been remotely erased.

A survey found that 21 percent of companies perform a remote wipe of employee-owned devices registered on the company network, with employees ostensibly agreeing to this when they connect to the company network.

Many employers have a pro forma user agreement that pops up when employees connect to an email or network server via a personal device, he added. But even if these documents explicitly state that the company may perform remote wipes, workers often don’t take the time to read it before clicking the “I agree” button.

The legality of the practice has reportedly not yet been tested in court.

In principle, backup should allow wiped Android devices to be restored, but you may want to pay a little more attention to the small-print next time one of those corporate messages pops up on your screen, to find out what it is you’ve been agreeing to …