Early last year, the popular iOS app Path came under fire for uploading users' entire address books to company servers without alerting users or asking for authorization.
The scandal resulted in Apple locking down user data in iOS 6, requiring explicit permission before apps could access a users location, contacts, calendars, photos, and reminders.
Today, the U.S. Federal Trade Commission announced that it has reached a settlement with Path. The agreement requires Path to establish a new privacy program, obtain independent privacy assessments for 20 years, and pay an $800,000 fine.
"Over the years the FTC has been vigilant in responding to a long list of threats to consumer privacy, whether it’s mortgage applications thrown into open trash dumpsters, kids information culled by music fan websites, or unencrypted credit card information left vulnerable to hackers," said FTC Chairman Jon Leibowitz. “This settlement with Path shows that no matter what new technologies emerge, the agency will continue to safeguard the privacy of Americans."
The FTC alleged that Path's app was misleading and failed to offer the consumer any choice in whether his data was uploaded, and that Path violated the Children’s Online Privacy Protection Act by collecting personal information from children without getting parents' consent.
Path has posted a response to the settlement on its blog.
Top Rated Comments
If my boss told me to write code that uploads a user's address book to our servers, I would politely ask him to contact our legal department. If he refused or said the legal department is Ok with this, I would ask him to give me the order to write this code in writing and signed, and the written response from legal as well.
And in my company, it would be _him_ losing his job over this, not me.
Do thieves stay out of jail if the police recovers the money that was stolen?
Path can consider itself well-protected from itself.
Have you heard of the phrase "Don't steal, the government hates competition"?
Governments view the mafia as their competition in areas such as extortion, racketeering and outright theft. When the government does it, it is legal.
Riiiiiight...
Data mining by huge companies like Google, Apple, Facebook and others excepted of course.
I don't know who Nancy Grace is, but with professional developers this kind of thing doesn't happen by accident. So there was intent.