Path app again accused of unacceptable address book access
Social networking app Path is under a negative spotlight again, as a new user complaint has highlighted the service's tendency to dig into users' data in order to encourage adoption by their contacts.
Path was in the news again on Tuesday when digital marketer Stephen Kenwright briefly tried out the app and wrote about his experience on his blog. Passing on the app, Kenwright uninstalled it, but not before Path contacted his entire contact list, encouraging them to download the app for their own use.
Path representatives told The Verge that the app does so automatically because it "is really best with friends," but the incident highlights the aggressive tactics the service relies on to attract users. By default, Path selects a user's entire Facebook contact list to receive invitations to download the app. Users must tap "Unselect All" in order to avoid sending out the invitations.
Tuesday's incident marks the second time in as many months that Path has garnered negative attention over the way it handles user data. In February it was revealed that Path's iOS app was geotagging uploaded some user photos without asking permission. The app was subsequently updated to remove the feature.
Path has come under fire for its aggressive tactics in the past. In February of last year, the Federal Trade Commission fined the company $800,000 for illegally collecting personal information from children without their parents' consent. That fine stemmed from a Path policy that saw the app automatically uploading user address books to its servers without asking for permission.
Apple CEO Tim Cook reportedly grilled Path co-founder Dave Morin on the privacy issue, and Apple instituted a policy that requires apps to acquire explicit user approval before they can access user contact data.
Path apologized for the privacy violation, saying it was meant to streamline the app's "Add Friends" feature. The company erased all user-uploaded contact information thereafter.
Path was in the news again on Tuesday when digital marketer Stephen Kenwright briefly tried out the app and wrote about his experience on his blog. Passing on the app, Kenwright uninstalled it, but not before Path contacted his entire contact list, encouraging them to download the app for their own use.
Path representatives told The Verge that the app does so automatically because it "is really best with friends," but the incident highlights the aggressive tactics the service relies on to attract users. By default, Path selects a user's entire Facebook contact list to receive invitations to download the app. Users must tap "Unselect All" in order to avoid sending out the invitations.
Tuesday's incident marks the second time in as many months that Path has garnered negative attention over the way it handles user data. In February it was revealed that Path's iOS app was geotagging uploaded some user photos without asking permission. The app was subsequently updated to remove the feature.
Path has come under fire for its aggressive tactics in the past. In February of last year, the Federal Trade Commission fined the company $800,000 for illegally collecting personal information from children without their parents' consent. That fine stemmed from a Path policy that saw the app automatically uploading user address books to its servers without asking for permission.
Apple CEO Tim Cook reportedly grilled Path co-founder Dave Morin on the privacy issue, and Apple instituted a policy that requires apps to acquire explicit user approval before they can access user contact data.
Path apologized for the privacy violation, saying it was meant to streamline the app's "Add Friends" feature. The company erased all user-uploaded contact information thereafter.
Comments
Doesnt Apple review each software in the app store for violations such as this?
They are [B]path[/B]ological.
[B]Path[/B]etic.
Psycho[B]path[/B]s.
Aaaaaaand... I'm spent.
Quote:
Originally Posted by Just_Me
Doesnt Apple review each software in the app store for violations such as this?
If I am not mistaken, the issue is related to Android not iOS.
Accept no where in the article does it say that it is the Android version. Neither does the article about the same thing on CNET.
Quote:
Originally Posted by NasserAE
If I am not mistaken, the issue is related to Android not iOS.
I checked all the sub-articles. I couldn't find a reference to which OS it was pertaining too. However, given the demographics of the folks discussing it, I'm leaning more towards it being on Android. Not sure though... Anyone else able to determine that?
The reference to Android is in the original article here (linked to in the AI article through the word "wrote":
http://www.branded3.com/blogs/the-antisocial-network-path-texts-my-entire-phonebook-at-6am/
The screens pictured are Android screens and the author mentions it in this paragraph:
Quote:
When I was asked about inviting people to Path as I installed the app I said no, and without entering much in the way of personal information Path decided to text my entire phone book for me the day AFTER I uninstalled it from my Android.
I've been on Path for over a year (14 months) and have never experienced this spam issue. It may only be affecting new Andriod users. It needs to be looked into and Path should be held accountable if there's something nefarious going on.
I've certainly heard before that new users have inadvertently invited everyone in their contacts but that has always been chalked up to people quickly clicking through screens without reading. Maybe this is a similar issue?
The spam calling is certainly specific to non US areas. Regardless, that shouldn't be happening if a user opted out of sending invites.
The confusion probably arose because of the previous problems Path has had with iOS.
As noted in the lead article:
Quote:
Path has come under fire for its aggressive tactics in the past. In February of last year, the Federal Trade Commission fined the company $800,000 for illegally collecting personal information from children without their parents' consent. That fine stemmed from a Path policy that saw the app automatically uploading user address books to its servers without asking for permission.
Going to the article reference link (here), we find:
Quote:
"In its complaint, the FTC charged that the user interface in Path's iOS app was misleading and provided consumers no meaningful choice regarding the collection of their personal information.
In version 2.0 of its app for iOS, Path offered an “Add Friends” feature to help users add new connections to their networks. The feature provided users with three options: “Find friends from your contacts;” “Find friends from Facebook;” or “Invite friends to join Path by email or SMS.”
However, Path automatically collected and stored personal information from the user’s mobile device address book even if the user had not selected the “Find friends from your contacts” option. For each contact in the user’s mobile device address book, Path automatically collected and stored any available first and last names, addresses, phone numbers, email addresses, Facebook and Twitter usernames, and dates of birth."
So Path had been fined for uploading iOS contact info.
As to what happened with this blogger on Android, Path claims it was some kind of server delay error, and should've stopped texting his friends after he opt'd out of the app.
They also claim that they no longer upload anyone's contact info to their servers. Instead, their app uses the info within the device itself if a new user chooses the Find option as noted above.
Nope. Although given the folks screwing around so much they might start. Or at least those with a previous violation.
Quote:
Originally Posted by sflocal
I checked all the sub-articles. I couldn't find a reference to which OS it was pertaining too. However, given the demographics of the folks discussing it, I'm leaning more towards it being on Android. Not sure though... Anyone else able to determine that?
It was mentioned that the app was used on Android phone. But given this is AI you will only get half the facts. You have to fish for the other half yourself.
In other words, they generated spam using his contact list (and probably making it sound like he gave the app a personal endorsement), and all that without implicit permission?
Isn't that how typical viruses, malware and traditional "spammers" work?
This is one app developer that will never, ever find a place on my iOS devices...
Path is just a plain bad company. They originally did this on the iPhone without the users consent. It is actually the app that prompted Apple to put similar protections in iOS as are available on Android. Those protections are pretty limited. Many legitimate apps will need access to your contact info in order to be usable, many will need to access your GPS location to be usable. The user has to give the app permission to do so (in both Android and iOS). Once you give the app permission it really is carte blanche up to the app developer what they are going to do with that info.
Path repeatedly does more with user info than users intended. If you're okay with that- use Path. If not, steer clear. They also had another infraction last month where they were caught sending peoples pictures along with their location info. That one happened to be on iOS but could just as easily have been Android.
In all cases (except the original iPhone fiasco), there isn't really loose coding or buggy software at fault. The software in both cases requires the users give the app permission to use their contact lists or else they can't download the software. The blame for all of these lies with Path itself.
Quote:
Originally Posted by sflocal
I checked all the sub-articles. I couldn't find a reference to which OS it was pertaining too.
Huh? It was stated right in the article this posting is about. He specifically refers to using Android.
Quote:
Originally Posted by kevinpeterson
I've been a loyal path user for almost two years, it's my favorite social networking app by far, and you'd have to be an idiot who has never used any technology before to allow the app to contact your contacts. It's CLEARLY labeled. Thank you.
So Kevin Peterson who signed up here the day the article was posted and has exactly one post, in defence of Path, may I humbly suggest that referring to someone who has had trouble with an app as "an idiot" is not exactly the way to win converts to your... um, 'path."
Fool me once, shame on you; fool me twice, shame on me.
That sounds like a copout. Someone at Path is consistently making bad decisions. I have to go with the CEO, and Path comes off looking desperate for users. I dropped Path like a lead balloon after the first offense. Clearly, the company can't be trusted.
The problem with all these "social" companies, is that their business concept fails if you don't give them easy access to your contacts data. They require rapid growth to catch on with the public and quickly reach a critical mass. Address book mining is essential -- and too ripe a target.
As an example, I've been resisting Google+ overtures since it was first released, but they keep pestering me to sign up (because I have a g-mail account and a Google Voice phone number. When it first launched a few years ago, g-mail took my Contacts without permission. At the time, I was able to delete them all from the server, but I learned Google wasn't trustworthy either. I've also had a similar problems with LinkedIn and Facebook.
Google never takes "no" for an answer though, and incessantly presents Google+ "join" dialog boxes, which I always bypass. But just this week, I finally hit the wrong button and inadvertently joined. So far, it doesn't appear that Google has hijacked my Contacts list, but I'm waiting for the bad news while trying to figure out how to cancel damn Google+ membership, which I want nothing to do with.
Even with just g-mail and Google Voice, my regular iPhone number is bombarded with obnoxious robot calls from Google "partners" trying to sell stuff.
I hate these companies that assume we want their services. These modern social network companies have be one the scourge of the mobile world. They have become just like the hated "opt out" magazine subscription houses of the 1970s, which shared mailing lists, bombarded the public with trial subscriptions that couldn't be easily cancelled and literally stuffed real world mailboxes with unsolicited junk mail too.
Leave us alone! If we're interested in your services, we'll seek you out.
KDarling
As to what happened with this blogger on Android, Path claims it was some kind of server delay error, and should've stopped texting his friends after he opt'd out of the app.
We have processed your unsubscribe request. Please allow 4-12 weeks for spam to actually stop.
tribalogical
"Path contacted his entire contact list, encouraging them to download the app for their own use."
In other words, they generated spam using his contact list (and probably making it sound like he gave the app a personal endorsement), and all that without implicit permission?
Isn't that how typical viruses, malware and traditional "spammers" work?
Using images of you in ads, making it look like your personal endorsement, is what Facebook does.
Path looks at Facebook and says, "We're not so different, you and I."
Dunks
Just deleted. Downloaded it on the verbal recommendation of a friend but never used.
Was it really your friend? Did he sound oddly... robotic that day?