Feeds

Path runs screaming from privacy snafu

We meant to copy your address book but we didn’t think you’d mind

Beginner's guide to SSL certificates

After sparking an outcry – and arguably putting itself on the wrong side of privacy laws outside America – ex-Facebooker and now CEO of Path, Dave Morin, has blogged an apology.

The furor surrounding the application broke with this blog post, in which a Path fan analysed the app’s behavior and discovered that it copied a user’s entire address book to its servers – without permission and in the clear.

Morin originally responded that “friend finding & matching is important to the industry” (our emphasis), but said the upload of the address book was only used to help users connect to friends and family, and “notify them when friends and family join Path.”

His promise of an update to turn the feature into an opt-in didn’t mollify users, who demanded to know what would happen to data already held by the “personal network” company without their permission.

Those complainants now have their answer: the data has been deleted, according to Morin’s blog post. Morin adds a pint liter of mea culpa stirred in with a couple of spoonfuls of “deeply sorry” and a pinch of “complete transparency”.

While still claiming that users are “completely in control”, anybody who abandons their good senses and uploads their entire address book to the company – and then changes their minds – will have to rely on an e-mail to Path’s customer service to request deletion. ®

Protecting users from Firesheep and other Sidejacking attacks with SSL

More from The Register

next story
Spies would need SUPER POWERS to tap undersea cables
Why mess with armoured 10kV cables when land-based, and legal, snoop tools are easier?
Early result from Scots indyref vote? NAW, Jimmy - it's a SCAM
Anyone claiming to know before tomorrow is telling porkies
Jihadi terrorists DIDN'T encrypt their comms 'cos of Snowden leaks
Intel bods' analysis concludes 'no significant change' after whistle was blown
Israeli spies rebel over mass-snooping on innocent Palestinians
'Disciplinary treatment will be sharp and clear' vow spy-chiefs
TOR users become FBI's No.1 hacking target after legal power grab
Be afeared, me hearties, these scoundrels be spying our signals
Hackers pop Brazil newspaper to root home routers
Step One: try default passwords. Step Two: Repeat Step One until success
China hacked US Army transport orgs TWENTY TIMES in ONE YEAR
FBI et al knew of nine hacks - but didn't tell TRANSCOM
Microsoft to patch ASP.NET mess even if you don't
We know what's good for you, because we made the mess says Redmond
NORKS ban Wi-Fi and satellite internet at embassies
Crackdown on tardy diplomatic sysadmins providing accidental unfiltered internet access
prev story

Whitepapers

Providing a secure and efficient Helpdesk
A single remote control platform for user support is be key to providing an efficient helpdesk. Retain full control over the way in which screen and keystroke data is transmitted.
WIN a very cool portable ZX Spectrum
Win a one-off portable Spectrum built by legendary hardware hacker Ben Heck
Saudi Petroleum chooses Tegile storage solution
A storage solution that addresses company growth and performance for business-critical applications of caseware archive and search along with other key operational systems.
Protecting users from Firesheep and other Sidejacking attacks with SSL
Discussing the vulnerabilities inherent in Wi-Fi networks, and how using TLS/SSL for your entire site will assure security.
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.