Path Reaches Settlement with FTC Over Address Book Privacy Concerns - MacRumors Forums
Register FAQ / Rules Forum Spy Search Today's Posts Mark Forums Read
Go Back   MacRumors Forums > News and Article Discussion > MacRumors.com News Discussion

Reply
 
Thread Tools Search this Thread Display Modes
Old Feb 1, 2013, 11:55 AM   #1
MacRumors
macrumors bot
 
Join Date: Apr 2001
Path Reaches Settlement with FTC Over Address Book Privacy Concerns




Early last year, the popular iOS app Path came under fire for uploading users' entire address books to company servers without alerting users or asking for authorization.

The scandal resulted in Apple locking down user data in iOS 6, requiring explicit permission before apps could access a users location, contacts, calendars, photos, and reminders.

Today, the U.S. Federal Trade Commission announced that it has reached a settlement with Path. The agreement requires Path to establish a new privacy program, obtain independent privacy assessments for 20 years, and pay an $800,000 fine.
Quote:
"Over the years the FTC has been vigilant in responding to a long list of threats to consumer privacy, whether it's mortgage applications thrown into open trash dumpsters, kids information culled by music fan websites, or unencrypted credit card information left vulnerable to hackers," said FTC Chairman Jon Leibowitz. "This settlement with Path shows that no matter what new technologies emerge, the agency will continue to safeguard the privacy of Americans."
The FTC alleged that Path's app was misleading and failed to offer the consumer any choice in whether his data was uploaded, and that Path violated the Children's Online Privacy Protection Act by collecting personal information from children without getting parents' consent.

Path has posted a response to the settlement on its blog.

Article Link: Path Reaches Settlement with FTC Over Address Book Privacy Concerns
MacRumors is offline   0 Reply With Quote
Old Feb 1, 2013, 11:58 AM   #2
designaholic
macrumors regular
 
Join Date: Nov 2007
Location: Bristol, UK
Quote:
Originally Posted by MacRumors View Post
$800,000 fine.
Ouch.
__________________
jamiebrightmore.com
designaholic is offline   4 Reply With Quote
Old Feb 1, 2013, 12:06 PM   #3
gnasher729
macrumors G5
 
gnasher729's Avatar
 
Join Date: Nov 2005
Very nice result. Now what we would like to know whether that idiot in their marketing department who thought stealing people's complete address book was a good idea got fired.
gnasher729 is offline   2 Reply With Quote
Old Feb 1, 2013, 12:07 PM   #4
bacaramac
macrumors 65816
 
bacaramac's Avatar
 
Join Date: Dec 2007
Didn't research the size of this company, but $800k is a ton of cash.
__________________
iMac 27" 3.06Ghz 2TB Time Capsule and AP Express Current Gen AppleTV x 3 iPhone 5s Space Gray 16Gb iPod Touch 4th Gen White iPad mini White/Silver 16GB WiFi
bacaramac is offline   5 Reply With Quote
Old Feb 1, 2013, 12:09 PM   #5
GoldenJoe
macrumors regular
 
Join Date: Apr 2011
Wait, so instead of making Path delete it's database of user address books, the Feds just took $800k for themselves? Am I missing something?
GoldenJoe is offline   10 Reply With Quote
Old Feb 1, 2013, 12:12 PM   #6
Sayer
macrumors 6502a
 
Sayer's Avatar
 
Join Date: Jan 2002
Location: Austin, TX
Independent privacy assessments for 20 years and an $800k fine. Good thing we have the Government to protect us from ourselves!
__________________
Obama is a true statesman whose experience as a state senator, half-term US Senator & guest lecturer in a Constitutional Law class has fully prepared him to take control of our nuclear arsenal.-Me
Sayer is offline   0 Reply With Quote
Old Feb 1, 2013, 12:20 PM   #7
mw360
macrumors 6502a
 
Join Date: Aug 2010
Quote:
Originally Posted by GoldenJoe View Post
Wait, so instead of making Path delete it's database of user address books, the Feds just took $800k for themselves? Am I missing something?
Didn't Path delete their database shortly after the story broke?
mw360 is offline   1 Reply With Quote
Old Feb 1, 2013, 12:24 PM   #8
jonnysods
macrumors 68030
 
Join Date: Sep 2006
Location: Aussie living in Canada
Who gets the $800k?
jonnysods is offline   5 Reply With Quote
Old Feb 1, 2013, 12:27 PM   #9
macsrcool1234
macrumors 6502a
 
Join Date: Oct 2010
This punishment is excessive, $800,000? I can think of some crimes far worse that our government has given less for....
I think it was a dumb thing to do but this will probably kill the company.

Quote:
Originally Posted by gnasher729 View Post
Very nice result. Now what we would like to know whether that idiot in their marketing department who thought stealing people's complete address book was a good idea got fired.
Ahhh sensationalism at its finest.

Quote:
Originally Posted by mw360 View Post
Didn't Path delete their database shortly after the story broke?
Yeah
macsrcool1234 is offline   3 Reply With Quote
Old Feb 1, 2013, 12:32 PM   #10
aristotle
macrumors 68000
 
Join Date: Mar 2007
Location: Canada
Quote:
Originally Posted by GoldenJoe View Post
Wait, so instead of making Path delete it's database of user address books, the Feds just took $800k for themselves? Am I missing something?
No, you are not missing anything. The legal system is not about "justice" or setting things right. It is often a way for the state to enrich itself at the expense of others.

Have you heard of the phrase "Don't steal, the government hates competition"?

Governments view the mafia as their competition in areas such as extortion, racketeering and outright theft. When the government does it, it is legal.
__________________
15" Retina MBP, 2.7 Ghz Quad Core i7, 16 GB RAM, 768 GB SSD (10.9.2)
24" iMac, 2.8 GHz, 4GB RAM, 320 GB HD; 128 GB iPad Air LTE (iOS 7.0.4); 64 GB iPhone 5S (iOS 7.1.1)
aristotle is offline   6 Reply With Quote
Old Feb 1, 2013, 12:32 PM   #11
gnasher729
macrumors G5
 
gnasher729's Avatar
 
Join Date: Nov 2005
Quote:
Originally Posted by macsrcool1234 View Post
This punishment is excessive, $800,000? I can think of some crimes far worse that our government has given less for....
I think it was a dumb thing to do but this will probably kill the company.

Ahhh sensationalism at its finest.
I develop software for a living.

If my boss told me to write code that uploads a user's address book to our servers, I would politely ask him to contact our legal department. If he refused or said the legal department is Ok with this, I would ask him to give me the order to write this code in writing and signed, and the written response from legal as well.

And in my company, it would be _him_ losing his job over this, not me.


Quote:
Originally Posted by mw360 View Post
Didn't Path delete their database shortly after the story broke?
Do thieves stay out of jail if the police recovers the money that was stolen?


Quote:
Originally Posted by Sayer View Post
Independent privacy assessments for 20 years and an $800k fine. Good thing we have the Government to protect us from ourselves!
Path can consider itself well-protected from itself.
gnasher729 is offline   7 Reply With Quote
Old Feb 1, 2013, 12:33 PM   #12
Slow Programmer
macrumors regular
 
Join Date: Jun 2011
Interesting that the companies response does not say anything about the misuse of user data, but only that a computer issue let underage users sign up. Apparently, they still don't get it. Maybe a larger fine or a class action lawsuit is in order to make them see the error of their ways.
Slow Programmer is offline   4 Reply With Quote
Old Feb 1, 2013, 12:38 PM   #13
Westyfield2
macrumors 6502a
 
Join Date: Jun 2009
Location: Bath, UK.
Where does the cash go? To the users affected?
__________________
iPhone 5 64GB on 4GEE
iPad 3G+WiFi 64GB
13" MacBook Air (2.13GHz, 4GB, 256GB) - 15" MacBook Pro (2.4GHz, 4GB)
Mac Mini (2.6GHz quad i7, 16GB, 256GB SSD)
Westyfield2 is offline   0 Reply With Quote
Old Feb 1, 2013, 12:49 PM   #14
nepalisherpa
macrumors 65816
 
Join Date: Aug 2011
Location: USA
Quote:
Originally Posted by Westyfield2 View Post
Where does the cash go? To the users affected?
It would be nice if all the users, whose data were part of the breach, got some kind of settlement.
__________________
Macbook Air 11" 2013/i7/8GB RAM/250GB SSD
iPhone 5 32GB Black
nepalisherpa is offline   0 Reply With Quote
Old Feb 1, 2013, 12:51 PM   #15
SmileyBlast!
macrumors 6502a
 
SmileyBlast!'s Avatar
 
Join Date: Mar 2011
People were hoping to profit somehow from all of that contact info.
I think the fine is meant to show Path and other Mobile developers that you have to pay a heavy fine for helping yourself to this data without asking permission and havinga EULA.
SmileyBlast! is offline   1 Reply With Quote
Old Feb 1, 2013, 12:54 PM   #16
macsrcool1234
macrumors 6502a
 
Join Date: Oct 2010
Quote:
Originally Posted by gnasher729 View Post
I develop software for a living.

If my boss told me to write code that uploads a user's address book to our servers, I would politely ask him to contact our legal department. If he refused or said the legal department is Ok with this, I would ask him to give me the order to write this code in writing and signed, and the written response from legal as well.

And in my company, it would be _him_ losing his job over this, not me.
I develop software for a living too. This is a bit unrelated but If I had an employee tell me something like that, I'd fire them on the spot. It's not your job to play lawyer, as you said "it would be _him_ losing his job over this, not me."

Quote:
Originally Posted by gnasher729 View Post
Do thieves stay out of jail if the police recovers the money that was stolen?
Path can consider itself well-protected from itself.
Why are you so convinced this was done with malicious intent?

You sound like Nancy Grace spouting off on something with no facts or knowledge of the situation.
macsrcool1234 is offline   0 Reply With Quote
Old Feb 1, 2013, 01:03 PM   #17
wjlafrance
macrumors 6502
 
Join Date: Dec 2009
Location: Madison, WI
The $.8m fine was for allowing children under 13 to sign up. It was collateral damage to the investigation.
__________________
Early 2011 MacBook Pro 17", 2.3GHz i7 (8MB L3), 16GB RAM, 1.25TB Fusion Drive
Mid 2010 Mac Pro, 6 x 3.33GHz Xeon, 16GB RAM, 2 x 1TB HDD
Mac Plus, Mac Classic II, PowerMac G5, and more
wjlafrance is offline   0 Reply With Quote
Old Feb 1, 2013, 01:03 PM   #18
iphone495
macrumors member
 
Join Date: Sep 2012
Quote:
Originally Posted by MacRumors View Post
Image


Early last year, the popular iOS app Path came under fire for uploading users' entire address books to company servers without alerting users or asking for authorization.

The scandal resulted in Apple locking down user data in iOS 6, requiring explicit permission before apps could access a users location, contacts, calendars, photos, and reminders.

Today, the U.S. Federal Trade Commission announced that it has reached a settlement with Path. The agreement requires Path to establish a new privacy program, obtain independent privacy assessments for 20 years, and pay an $800,000 fine.
The FTC alleged that Path's app was misleading and failed to offer the consumer any choice in whether his data was uploaded, and that Path violated the Children's Online Privacy Protection Act by collecting personal information from children without getting parents' consent.

Path has posted a response to the settlement on its blog.

Article Link: Path Reaches Settlement with FTC Over Address Book Privacy Concerns
"$800,000 fine"? Does the users get part of that?
iphone495 is offline   0 Reply With Quote
Old Feb 1, 2013, 01:05 PM   #19
Me1000
macrumors 68000
 
Me1000's Avatar
 
Join Date: Jul 2006
I'm really disappointed by the quality of the reporting here.
The $800K fine was for allowing 12 year olds the create accounts (a bug which was fixed long before the FTC got involved), but the entire post makes it sound like it's all about addressbook gate.

The FTC conducted an investigation because of the address book scandal, but the $800K had nothing to do with that.
Me1000 is offline   2 Reply With Quote
Old Feb 1, 2013, 01:05 PM   #20
writingdevil
macrumors regular
 
Join Date: Feb 2010
[QUOTE=macsrcool1234;16767844]I develop software for a living too. This is a bit unrelated but If I had an employee tell me something like that, I'd fire them on the spot. It's not your job to play lawyer..."


And they'd be lucky to be fired before you dragged them into your web. In your kind of thinking, whistle blowers should be fired before they get in the way of your goals. Path is NOT naive if you study their background and level of expertise. It is possible that your approach might be naive rather than malicious.
writingdevil is offline   2 Reply With Quote
Old Feb 1, 2013, 01:12 PM   #21
orangebluedevil
macrumors 6502
 
Join Date: Jun 2010
Path's response is embarrassing

Their response is a total straw man about the children under the age of 13. It doesn't ONCE mention automatically uploading mycontacts to their servers.


EDIT: Apparently, it's Macrumors that should embarrassed, this entire story makes it sound like the problem was the contacts, when in actuality, the FTC fined them only because of underage accounts.
orangebluedevil is offline   2 Reply With Quote
Old Feb 1, 2013, 01:17 PM   #22
manu chao
macrumors 68020
 
Join Date: Jul 2003
Quote:
Originally Posted by GoldenJoe View Post
Wait, so instead of making Path delete it's database of user address books, the Feds just took $800k for themselves? Am I missing something?
Since government spending is controlled by a budget that is passed by parliament, any extra income should go towards paying back the debt.

----------

Quote:
Originally Posted by orangebluedevil View Post
Their response is a total straw man about the children under the age of 13. It doesn't ONCE mention automatically uploading mycontacts to their servers.


EDIT: Apparently, it's Macrumors that should embarrassed, this entire story makes it sound like the problem was the contacts, when in actuality, the FTC fined them only because of underage accounts.
Yes, but what Path did with these underage accounts (ie, uploading the address book) likely influenced the size of the fine.
manu chao is offline   0 Reply With Quote
Old Feb 1, 2013, 01:28 PM   #23
Me1000
macrumors 68000
 
Me1000's Avatar
 
Join Date: Jul 2006
Quote:
Originally Posted by manu chao View Post
Yes, but what Path did with these underage accounts (ie, uploading the address book) likely influenced the size of the fine.
That's entirely unsupported speculation. You don't even know that at the time 12 year olds were allowed to sign up, addressbooks were being uploaded. Path 1.0 and 2.0 are vastly different products.
Me1000 is offline   0 Reply With Quote
Old Feb 1, 2013, 01:32 PM   #24
macsrcool1234
macrumors 6502a
 
Join Date: Oct 2010
Quote:
Originally Posted by writingdevil View Post
And they'd be lucky to be fired before you dragged them into your web. In your kind of thinking, whistle blowers should be fired before they get in the way of your goals.
This makes no sense. You have no idea what you're saying.

Quote:
Originally Posted by writingdevil View Post
Path is NOT naive if you study their background and level of expertise. It is possible that your approach might be naive rather than malicious.

How about enlightening us, Nancy Grace?
macsrcool1234 is offline   0 Reply With Quote
Old Feb 1, 2013, 01:42 PM   #25
BiigBiscuit
macrumors member
 
Join Date: Aug 2011
Quote:
Originally Posted by gnasher729 View Post
I develop software for a living.

If my boss told me to write code that uploads a user's address book to our servers, I would politely ask him to contact our legal department. If he refused or said the legal department is Ok with this, I would ask him to give me the order to write this code in writing and signed, and the written response from legal as well.

And in my company, it would be _him_ losing his job over this, not me.
I would think that he'd fire you first.




Quote:
Originally Posted by gnasher729 View Post
Do thieves stay out of jail if the police recovers the money that was stolen?
I think you mean: "Do thieves stay out of jail if they return the money that was stolen?"
BiigBiscuit is offline   0 Reply With Quote

Reply
MacRumors Forums > News and Article Discussion > MacRumors.com News Discussion

Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes

Similar Threads
thread Thread Starter Forum Replies Last Post
Amazon and Other Book Retailers Issuing Refunds in E-Book Publisher Settlement MacRumors Mac Blog Discussion 54 Mar 29, 2014 08:19 PM
Apple Agrees to FTC Terms Over In-App Purchases With $32 Million Settlement MacRumors MacRumors.com News Discussion 245 Mar 24, 2014 01:37 AM
Proposed E-Book Publisher Settlement Could See Customers Receiving Up to $3 Per Book Purchased MacRumors MacRumors.com News Discussion 124 Sep 4, 2013 06:30 AM
FTC Investigating Kids Apps Over Privacy Concerns MacRumors MacRumors.com News Discussion 100 Jan 30, 2013 11:19 AM
Google and FTC Near Deal for Record $22.5 Million Fine over Safari Privacy Circumvention MacRumors MacRumors.com News Discussion 90 Aug 7, 2012 10:48 PM

Forum Jump

All times are GMT -5. The time now is 03:59 PM.

Mac Rumors | Mac | iPhone | iPhone Game Reviews | iPhone Apps

Mobile Version | Fixed | Fluid | Fluid HD
Copyright 2002-2013, MacRumors.com, LLC