Developer Arun Thampi encountered the back-end feature while attempting to hack the application to run on Mac OS X. After he went public with the news, it sparked a backlash from users who viewed the address book upload as a violation of their privacy.
Path CEO Dave Morin quickly responded to Thampi by clarifying that the upload was meant to help users find their friends. The Android version of Path recently switched to opt-in, and Morin said that an update to the iPhone version would also switched to opt-in and was awaiting approval from Apple.
The address book upload feature would appear to violate Apple's own App Store guidelines. The iPhone maker specifically states that "apps cannot transmit data about a user without obtaining the user's prior permission and providing the user with access to information about how and where the data will be used."
AppleInsider has contacted Apple for comment, but it has yet to hear back from the company.
Apple has in the past taken a strong and vocal stance on protecting its customers' privacy on the App Store. When the company unveiled its in-app subscriptions feature for the storefront last year, it stated that privacy is "a key feature of all App Store transactions." Publishers initially balked at Apple's insistence that subscriber details not be automatically forwarded on to them.
The application in question is not alone in implementing this feature, as several developers reportedly told The Next Web's Brad McCarty that other apps do the "exact same thing."
Path launched in 2010 as a social journal that was meant to be more private than other broader social networking services like Facebook or Twitter. Though the application received warm reviews, it failed to gain much traction until it relaunched last November. The app's user base grew from 10,000 to 300,000 in just two and a half weeks after its 2.0 version was released.
19 Comments
Slimy people. Even after they change the app, Path will not be on my phone.
There's no direct way to delete your account from the Path app nor their website.
I requested them to do so earlier today, but I have yet to hear back from them. In any case, I am done using their services. They have lost my trust.
Someone else who cares more about user data, privacy and disclosure will replace Path.
Summon the firing squad!
Apple should enforce the rule and ban the developer from the app store to make an example of them.
Apple should enforce the rule and ban the developer from the app store to make an example of them.
Absolutely!
Who knows what other data they may have managed to extract from users' phones? bank info? credit card info? SS info?
about the data they stole from users' phones - have they sold it to any 3rd parties yet?
Anyone in his right mind will dump the app and never deal with the company again. Apple should do the same, but likely will not.