Can someone explain to me exactly how I could be harmed by this? My contact list is just a list of names and phone numbers of people I contact. Even if I had an escort service in there or something, I don't think anyone on Path's end is individually looking through the data.
An employee at Path might very well decide to start looking through that data. There have been other cases where employees gave in to temptation to access someone's data. Imagine for example if a celebrity is involved and someone decides to leak their address book.
Now one would hope that employees wouldn't have unrestricted data to this access, but one would also hope Path wouldn't do this in the first place. The fact that they collect all this information in the first place, unnecessarily and without consent does not inspire much confidence in their internal safeguards for access to this data.
Also, if anything were to happen to the company, it's hard to know what hands all that data will end up in.
Maybe not you personally, but think of the NOW scandal going on right now. Information about people's mobile contact info is valuable to a number of organizations in ways not immediately apparent.
Also, for apps with private messaging systems like Path, I'd be far more concerned about rogue employees looking through the messages I send than contact list data. I'm far more likely to have sensitive information in there.
Don't forget about the possibility of Path's data being stolen. Your contacts probably contain enough info for a criminal to carry outa pretty good phishing expedition, for example.
My Facebook friends list is already public. Seems like a motivated criminal already has more than enough info to carry out a phishing expedition. I've never really seen targeted, personalized phishing though, most phishing seems to be broad and generic "enter your bank info here" style.
