Arun Thampi:
Upon inspecting closer, I noticed that my entire address book (including full names, emails and phone numbers) was being sent as a plist to Path. Now I don’t remember having given permission to Path to access my address book and send its contents to its servers, so I created a completely new “Path” and repeated the experiment and I got the same result – my address book was in Path’s hands.
In short, Path has been uploading the entire contents of your Address Book to its servers. They did this without your permission.
The CEO, Dave Morin, actually responded in the comments section:
We upload the address book to our servers in order to help the user find and connect to their friends and family on Path quickly and efficiently as well as to notify them when friends and family join Path. Nothing more.
Actual use or intentions are irrelevant. The company took data without asking for it.
This is currently the industry best practice and the App Store guidelines do not specifically discuss contact information. However, as mentioned, we believe users need further transparency on how this works, so we’ve been proactively addressing this.
The following is from the App Store guidelines:
17 Privacy
17.1 Apps cannot transmit data about a user without obtaining the user’s prior permission and providing the user with access to information about how and where the data will be used
17.2 Apps that require users to share personal information, such as email address and date of birth, in order to function will be rejected
While the wording may be vague enough for Mr. Morin’s conscience, it is clear that Apple intends for any personal data transmission to require opt-in permission. It is disingenuous at best to claim proactive involvement. Had they truly been proactive, such behavior never would have existed.
Users can ask for this data to be deleted, which I intend to do. It isn’t that I am worried about Path’s use of my data, rather, it is their blatant disregard of my ownership that bothers me. That is a shame, because the app itself is wonderful.
Trust is a major component to convince customers to use a particular social media service. Path blew it.