The Exchange admin doesn't own the data, I do. He owns the server. If he doesn't want my data on his server, then he can disable my account and delete whatever data I've left on the server, and I'll keep my data elsewhere. Same goes for the phone. The phone is owned by my employer (at least officially), but the data on it is mine. If he wants to, he can take the phone back, and I'll keep my data elsewhere. I don't think a sandbox will be enough. Microsoft will never consider the phone as provisionable as long as the user has unlimited root on it.