I've had a handful of staff throughout the years disagree with the terms when enrolling their personal phones through Company Portal. This stops them from being able to answer urgent work emails, since our policies are set in a way that only enrolled phones can view work emails and Microsoft Teams. Here is a more recent screen that pops up when staff enroll their phone (iPhone example):
My biggest problem here, is the access we have when a user enrolls their personal phone. We have the ability to view all personal apps (if we change the ownership from "Personal" to "Corporate" in Azure Active Directory), we also have the ability to completely factory reset their phones. How do you explain to people that we have the ability, but we don't do it? Anyone can easily look up an article to find out what we actually can and can't do, so lying...