/article-new/2012/02/path_address_book.jpg?lossy)
Early last year, the popular iOS app Path came under fire for uploading users' entire address books to company servers without alerting users or asking for authorization.
The scandal resulted in Apple locking down user data in iOS 6, requiring explicit permission before apps could access a users location, contacts, calendars, photos, and reminders.
Today, the U.S. Federal Trade Commission announced that it has reached a settlement with Path. The agreement requires Path to establish a new privacy program, obtain independent privacy assessments for 20 years, and pay an $800,000 fine.
"Over the years the FTC has been vigilant in responding to a long list of threats to consumer privacy, whether it’s mortgage applications thrown into open trash dumpsters, kids information culled by music fan websites, or unencrypted credit card information left vulnerable to hackers," said FTC Chairman Jon Leibowitz. “This settlement with Path shows that no matter what new technologies emerge, the agency will continue to safeguard the privacy of Americans."
The FTC alleged that Path's app was misleading and failed to offer the consumer any choice in whether his data was uploaded, and that Path violated the Children’s Online Privacy Protection Act by collecting personal information from children without getting parents' consent.
Path has posted a response to the settlement on its blog.
Top Rated Comments
(View all)This punishment is excessive, $800,000? I can think of some crimes far worse that our government has given less for....
I develop software for a living.I think it was a dumb thing to do but this will probably kill the company.
Ahhh sensationalism at its finest.
If my boss told me to write code that uploads a user's address book to our servers, I would politely ask him to contact our legal department. If he refused or said the legal department is Ok with this, I would ask him to give me the order to write this code in writing and signed, and the written response from legal as well.
And in my company, it would be _him_ losing his job over this, not me.
Didn't Path delete their database shortly after the story broke?
Do thieves stay out of jail if the police recovers the money that was stolen?Independent privacy assessments for 20 years and an $800k fine. Good thing we have the Government to protect us from ourselves!
Path can consider itself well-protected from itself.Wait, so instead of making Path delete it's database of user address books, the Feds just took $800k for themselves? Am I missing something?
No, you are not missing anything. The legal system is not about "justice" or setting things right. It is often a way for the state to enrich itself at the expense of others.Have you heard of the phrase "Don't steal, the government hates competition"?
Governments view the mafia as their competition in areas such as extortion, racketeering and outright theft. When the government does it, it is legal.
Riiiiiight...
Data mining by huge companies like Google, Apple, Facebook and others excepted of course.
I develop software for a living too. This is a bit unrelated but If I had an employee tell me something like that, I'd fire them on the spot. It's not your job to play lawyer, as you said "it would be _him_ losing his job over this, not me."
I wasn't raised in the USA. Maybe that makes a difference. Where I come from, you don't keep your mouth shut when you see unethical or illegal behaviour.Why are you so convinced this was done with malicious intent?
You sound like Nancy Grace spouting off on something with no facts or knowledge of the situation. :rolleyes:
I don't know who Nancy Grace is, but with professional developers this kind of thing doesn't happen by accident. So there was intent.