On Tuesday, Developer Arun Thampi discovered that the Path app was uploading user contacts in an unseen background task, which triggered a subsequent deluge of criticism from those who viewed the action as a privacy violation.
Path claims that the data upload was meant to streamline the app's "Add Friends" feature, not to horde sensitive information:
We are sorry.
We made a mistake. Over the last couple of days users brought to light an issue concerning how we handle your personal information on Path, specifically the transmission and storage of your phone contacts.
As our mission is to build the worldâs first personal network, a trusted place for you to journal and share life with close friends and family, we take the storage and transmission of your personal information very very seriously.
Through the feedback weâve received from all of you, we now understand that the way we had designed our âAdd Friendsâ feature was wrong. We are deeply sorry if you were uncomfortable with how our application used your phone contacts.
The letter goes on to explain that the information gathered is used to improve the quality of friend suggestions and to notify users when a contact joins Path. The data transfers are also encrypted and stored on "servers using industry-standard firewall technology."
In response to the public outcry, Path has erased all user-uploaded contact information in concert with the release of an updated version of the software that prompts users to select whether they want to opt in to sharing contacts.
Path has released an updated version to fix privacy issue. | Source: Path
Path 2.0.6 is currently available in the App Store.
26 Comments
That would be the perfect gesture if they had ACCIDENTALLY collected the data and never realized it was happening.
But this “mistake” was not some accident or technical glitch, and just because they chose the right PR move after they got busted, that doesn’t make them a company I can trust.
That would be the perfect gesture if they had ACCIDENTALLY collected the data and never realized it was happening.
But this ?mistake? was not some accident or technical glitch, and just because they chose the right PR move after they got busted, that doesn?t make them a company I can trust.
Doesnt apple screen apps?
Apple needs to add more bricks to that wall garden. Maybe a dome?
If they really want us to trust them, shouldn't they make this an opt-IN service, rather than opt-out? I shouldn't have to hunt for a setting inside the app to turn something like this off, it should explicitly ask me to turn it on.
If they really want us to trust them, shouldn't they make this an opt-IN service, rather than opt-out? I shouldn't have to hunt for a setting inside the app to turn something like this off, it should explicitly ask me to turn it on.
It was probably in their EULA
It was probably in their EULA
Doesn't matter. Apple doesn't allow it at all.