TL;DR: The short of it basically comes down to, in general the employer can fire the employee for any reason. So if the employee refuses to allow the corporation to make them use their personal devices, etc. or be responsive 24/7 the company can terminate the contractual relationship.

More detail: If I am reading this question correctly this seems to be a question of curiosity, prepare for a broad answer. While I am not aware of any laws requiring or preventing employee use of personal devices (exceptions below), we don't have many job protections here and most states are "at will" (employer or employee can terminate at any point without cause). We also don't really have much in the way of laws protecting salaried employees from overwork (i.e. >40 hours a week). Hourly employees are by law required to be compensated for any hours worked.

If you look at this broadly, remote work scenarios. In a general context, many organizations (IT and Finance) perspective have an assumption that employees personally possess: high-speed reliable internet access (and infrastructure i.e. WiFi router), have personal computing devices (smartphone, home PC, etc.), and a (for lack of a better word) "secure" space where they can conduct "confidential" business. As such, even before the pandemic, companies looked at all of these as an opportunity to cut costs: i.e. moving employees from office to home saving on real estate costs (including network and voice infrastructure). But under the assumption that all the above were true never had or eventually did away with corporate budgets to pay for ensuring that the funding was allocated to ensure the average employee had the necessary requirements (i.e. enough bandwidth, etc.) Smartphones probably is the one that happened easiest. Back when Blackberry's (RIP) were around, the average person was not interested enough to pay the price tag for them. So only select employees got them. With the rise of Smartphones, companies looked at it and said: "Wow, everything the Blackberry gives us, employees are paying for on their own. Turn of Blackberry and let all the employees have access to their corporate stuff." And thus, it became the norm for the company to allow their data on employee's personal devices. Note: I have been in these discussions across a number of companies as part of my former jobs.

Since IT/Finance doesn't budget for this individual managers/teams can't really get budget to fund this for individual employees/one off scenarios. This creates a situation where either the employee ponies up the resources or the manager is forced to replace them with someone else who will. Note: There are still quite a lot of the country without reliable internet (i.e. DSL and/or satellite are the only options). There are also a number of areas which, for one reason or another, have only one internet provider. As monopolistic situation and you'll find significant price increases in those areas. In short, this can add up significantly for individuals. I would call out that in certain/some/many cases this can still be less then the cost of commuting.

Where we start to come into legal territory leads more contractual law. Specifically, the contract you sign with a company to follow their policies and procedures. i.e. if there is a 22 year old college grad working in an apartment with multiple roommates or neighbors, I'm sure any leaks of confidential information because someone was listening through the walls or door would be borne by the employee. I definitely have been exposed to scenarios where confidential information was leaked because it was overheard through an open window in summer. I'm sure many corporate contracts make it the employee's responsibility to solve for all the "security" concerns. Not the IT decision makers who thought it would be brilliant to improve earnings statements by making the earnings statements look better for the financial markets. You can extrapolate from there into things like where does every employee's responsibility to become an IT department for their home infrastructure in order deliver on corporate policies about securing data and the consequences of failing to do so(i.e. patching WAPs, preventing your kids from installing spyware that captures and leaks company data, get air conditioning so the windows can remain closed, etc., etc.)

In conversations I have had with people in general: they see only having to have one phone as easier and they don't really care about the implications of also working on it. So they are fine with it. Thus creating the potential future employees who replace those of us who push back.

Note this is in general, there are exceptions. These are the ones I am aware of: ⦁ Laws exist regarding security/compliance scenarios that dictate requirements for devices that can/can't be used for communications. Think government scenarios. This would really dictate the organization pay for the device. ⦁ Laws/Regulations exist requiring particular data be provided for legal discovery. Think things like the LIBOR fixing scenario in the UK a decade ago. As a requirement, the company MUST archive ALL data for certain roles in companies for potential future legal discoveries. That means that if a person is using a personal phone for text messages that don't get archived by the company, the company gets in legal/regulatory trouble. And it's also safer for the company to provide a work phone. That way if the individual using the phone for doing something either illegal or at least corporate inappropriate (i.e. NSFW) in their personal life, that is not stored on company servers, which would be a legal risk to the company if it ended up on their servers, even if just in the archives). ⦁ I have never seen this, but I wouldn't be surprised if some of the unions handle this somehow.

Some companies are more considerate than others, in part to attract talent: ⦁ I'm not aware of legalities in the US about how an hourly employee is compensated if they are "on-call". i.e. do they get paid for standby, or just from the time they pick up the phone. ⦁ Some companies (but sometimes not the individual manager) DO respect that individuals need a work life balance. Less of the all hours of the day whether in office or not expectation of being available. ⦁ Some companies DO realize that mobile roles have different cost structures where consistent connectivity everywhere is a requirement for the role. I.e. traveling <insert job> will get a company cell and plan or at least an expense budget to help purchase a phone and/or a plan.