Following yesterday's revelation that Path has been storing user address books without express permission, there has been general uproar over the perceived privacy breach.
After a back and forth in the comments on the original article, Dave Morin, Path CEO, announced that a somewhat corrected version of the app is awaiting approval in the iOS App Store and that the latest Android version has opt-in capability for address book uploads. Admirably accepting external input (from the likes of Matt Gemmell), Path has generally taken positive steps toward rectifying the problem.
Going further, Mike Arrington, an investor in Path, writes:
Path should just state that they’re nuking all collected address book data for all users right now. Remove it from their servers entirely.
It definitely sends the right message to users – you can trust this company with your data. They’ve apologized and they were already in the process of fixing the issue. It seems like the perfect last piece is to remove all that data from their servers. And I doubt it’ll take them all that much time to collect the data all over again, this time with user permission.
Seems like the right thing to do.
As an aside, what's funny to me is the sheer panic that follows the inevitable privacy breaches stemming from social network usage. Considering the fact that users signed up for a service designed for sociability and the sharing of private information, it's fairly amusing to watch as the collective consciousness devolves into rage and sanctimonious derision of social media following a borderline routine privacy intrusion. While I've certainly gone on the record against Google's motives with Search+, I tend to stay purposefully silent when it comes to the latest privacy uproar over Facebook and the like.
Simply put, your private information facilitates the existence of most social networks and, just like you, the creators of said networks are fallible human beings. There are inevitably going to be lapses and flaws and any belief to the contrary is unequivocally misguided. But with Path, Dave Morin has taken steps to address the problem quickly and effectively, and that says a lot. Perhaps, as Arrington suggests, Path could go further to correct the situation but, aside from that, the situation has been handled relatively impressively, in my eyes.
While I'm not an avid user of the service, it's certainly comforting to witness such a level of accountability from the CEO of a rapidly growing social network. The constructive conversation between Morin and Matt Gemmell in the comments characterizes the type of measured composure that should constitute the correction of a flaw. The hyperbole elsewhere is unwelcome.
I certainly don't condone the misleading use of private data but, at the same time, the apparent surprise that a social network took a privacy-related misstep is laughable. If you want to keep your private data private, don't use a social network. The solution is painfully simple.