>If the device is configured to attach to the company network isn't it within the company's rights to know that a device is logged on at any given time even under GDPR? Or would it be the publication of that information - even internally - that would be the issue?
Logging anonymized MAC addresses is one thing, but converting the MAC addresses to employee names, revealing their location on premises that is shared with everyone in the organization without their consent is a completely different thing and is illegal under most EU privacy laws (at least in Austria and Germany).
Sure, in theory the company could already know when I come it at work from the logs of me swiping my access badge at the main security entrance door but any such logs are kept private and can only accessed by security and upper management if some act of theft or gross misconduct has occurred which warrants an investigation.
Sharing this information publicly with everyone in the org would be a privacy breach. If you want to know if I'm "at work" just look at my Slack/$CHAT_APP notification color.
Logging anonymized MAC addresses is one thing, but converting the MAC addresses to employee names, revealing their location on premises that is shared with everyone in the organization without their consent is a completely different thing and is illegal under most EU privacy laws (at least in Austria and Germany).
Sure, in theory the company could already know when I come it at work from the logs of me swiping my access badge at the main security entrance door but any such logs are kept private and can only accessed by security and upper management if some act of theft or gross misconduct has occurred which warrants an investigation.
Sharing this information publicly with everyone in the org would be a privacy breach. If you want to know if I'm "at work" just look at my Slack/$CHAT_APP notification color.