

Path gets a pass? Why? - arepb
http://edwardaten.posterous.com/path-gets-a-pass-why-we-shouldnt-let-them-of

======
baddox
In what way did Path "get a pass?" They got a lot of negative press, and it
brought attention to this issue (hence blog posts like this one). Sure, people
got vocally angry and then quickly forgot about it, but that's just what
people do. It even happens with far worse things, like police brutality or
even unwise invasions of countries.

What specifically do you want to happen? You say you want "Silicon Valley" to
"publicly and vocally [condemn] this type of activity," but what would that
actually mean? Last I checked, "Silicon Valley" doesn't exist as some unified
entity that can issue public statements. Heck, Hacker News is some
approximation of the culture of Silicon Valley, and the front page was filled
with rage.

Also, incidentally, I find it interesting that you cite a dictionary
definition for a word that in no way corroborates your usage of the word, even
though I think I agree with your underlying point. Path didn't "take and carry
away" anything, and the contacts on your phone hardly constitute "personal
goods or property."

~~~
oo7jeep
Thanks for the question Baddox.

Do a search on Twitter for the top tweets that link to Path's blog apology.
Nearly every major figure in tech (99% in "The Valley") just accepted their
apology and moved on.

Wouldnt have happened with other companies like Google or Facebook and
shouldnt have happened here.

~~~
baddox
What's the alternative to accepting their apology and moving on? Short of
organizing a mass exodus from Path, or pushing for legal action (which the
author doesn't seem to be proposing), what can be done? The only alternative I
can think of is for the community to keep repeating itself over and over
again, like "We're still outraged."

> Wouldnt have happened with other companies like Google or Facebook and
> shouldnt have happened here.

People move on quickly after Google or Facebook screw up. There have been
several times where people were enraged at Facebook's default privacy
settings, and I never saw much discussion 24 hours after each story broke. The
same goes with Apple: I can't recall any privacy-related issues other than the
coordinates being stored on the phone, but a similar issue was all of the
weird app rejections and fuzzy rules surrounding the App Store. Each time,
people were outraged, and then the discussion cools down. I think this is
inevitable, and I don't think it necessarily means that no good came out of
the situation.

------
anateus
Path's error was not the uploading of your address book, but rather making it
not be a user choice. The data was used directly in the functionality of the
product. The level of actual usefulness this would be to the user is debatable
but it isn't a direct utilization of your data for benefit, the benefit to
Path is an indirect one (but then, everything any company does is primarily
for their benefit, just indirectly through providing utility to the
customers).

If Path was taking your address book and selling it to spammers, and forgot to
make that opt-in or out (as many services do), then after being confronted
with this apologized and made that optional. That would NOT BE OK. That's what
Facebook and Google would have likely done (since that's basically their
business model), and likely why you have the impression that they wouldn't be
let off the hook as easily.

What Path was actually doing with the address book is crucial here to whether
the apology and quick response to amend their ways (FB and G tend to seriously
drag their feet on responses) should result in forgiveness and caution towards
them in the future, or the harsher response you advocate.

Do not misconstrue this as Path apologism, because I do think what Path did
was very wrong--hence the requirement for them to apologize in a way that I
thought was sincere and comprehending of the source of the outrage (many
similar apologies are tone deaf and come off like "I am sorry you are having a
problem" vs. "I'm sorry we caused a problem")--I just think they haven't made
a deep ethical mistake, but rather an unfortunate oversight well deserving of
castigation that they've begun to atone for.

~~~
SimHacker
Path may have not sold your personal data to third party advertisers to target
you with, but Path wanted and used your address book for the same reason those
third party advertisers would have wanted it: to promote their own product to
you and your friends.

------
jeffchuber
This is sensationalist crap.

------
sp332
They spent some social capital, but they're still in the black.

~~~
oo7jeep
Since when did stealing become 'spending social capital'?

Its this type of perspective that encourages our community to condone
activities that we would frown upon in other circumstances.

"Did I gain more than I lost?" isn't the type of hacker we should be striving
to be.

~~~
sp332
After they took people's contact info without asking, they had to make it up
to their customers. They deleted the info immediately, updated the app, and
issued a sincere apology. This is the opposite of "condoning" their actions.

------
darylteo
I wonder what are their usage statistics...

If its in the low numbers, probably not enough people use it to cause a mob
riot.

I personally don't use it at all.

~~~
damptrousers
It's going to be low, because of the app itself. Seriously, if you've never
used the app you might want to educate yourself before making such statements.

Limiting the number of possible friends means a smaller network, and a smaller
user base.

That you "personally" don't use it means nothing.

------
pbreit
Maybe because it has earned it?

------
jsavimbi
Path is dead in the water and nobody cares. Those who expressed sympathy over
their handling of the nerd pressure were doing so more to signal for future
times that the correct action was taken by Path's management. It means
something to the industry that not everyone is a Curebit or similar, even
though what they did was a premeditated act of douchebaggery.

Which brings me to another topic: it's hard out there to be successful and
always do the right thing. Sometimes you'll have to cut corners in the attempt
to gain an edge, however meaningless an inconsequential to the big picture it
may seem at the time, because big strong companies are built on a stream of
small, repetitive successes, not big wins.

~~~
damptrousers
Dead in the water? I sure wish we could make a bet on that.

~~~
jsavimbi
Let me know when they hit the all too critical mass.

------
malloreon
If Path has violated the UK's Data Protection Act like some stories have
mentioned, people from the company should go to jail.

~~~
iloveponies
Path is a US registered company with an office in San Francisco. Path is
hosted by Amazon out of the US.

At what point does UK law have jurisdiction?

~~~
noobiscus
IANAL - but with the DPA and other EU data/privacy laws: at the point that the
data was collected inside but transmitted outside the EU. Its treated somewhat
like an export, or a border control. (this is why Apple allow you to preclude
your app from certain local markets; enter the market, and you ARE bound by
its laws for your actions in that market)

On the other hand; DPA violation doesn't result in prison, just a (potentially
large) fine.

On the third hand, its quite possible that Path did not violate the DPA
(although its possible they did). The DPA, in short states that you have to
gather personal info for a specific, consensual purpose, and not use it for
any other, and also store it in a way that protects it from loss/theft/misuse
- where misuse includes deciding 6 months down the line to use it for another
purpose. It also means that if your 'purpose' for holding that information
ceases, you are legally obligated to purge the data - your legal permission to
hold ends.

So; was there consent - almost certainly not, hence possible DPA violation.
But once it was clear they had no broad public consent - they immediately
purged the data, so possibly no _deliberate_ violation, and certainly a
demonstration of willingness to correct the situation.

