February 8, 2012

So I have a Gmail account. But I still encounter folks who say, “Oh… I don’t trust Gmail… I heard Google reads your email to show you ads.” And that’s pretty much the end of the conversation, as arguing privacy is dead, an algorithm does the reading, or the product’s many good points can’t overcome the icky feeling that the service puts the needs of the company ahead of the user.

And now we have the iPhone app Path, some social thing, that uploads the contents of your Address Book for some friend-finding purpose that’s supposed to be really great.

Problem is, I’ve used my Mac’s Address Book for years locally, well before the iPhone with no expectation that its contents would be shared. If that’s really true, it would totally change how I currently use it. And so Path’s comment (in comments below that post) that contact sharing is a current “best practice” among iPhone apps is deeply disturbing. Really? Maybe among trendy social app developers, but certainly not to end-users. If so, the more accurate term should be “worst-practice.” I’ve long assumed the Address Book contents were private and would expect to be asked permission before sharing.

So the end result is bad for Path. I’ve yet to download the app and am now unlikely to ever do so. The damage is done; whatever coolness this app provides is now tainted by the “icky feeling” – they care more about that contact list or my data than me as a user, so the service they provide is a shady cover, really. And that ickyness extends to other social apps until this issue is resolved – hopefully Apple will lock the address book down like location and fire an alert asking for explicit permission – at least once.

And in the future, possibly years from now, I look forward to aged relatives saying, “oh… I don’t want to download those app things… I hear they steal your address book and spam all your friends.”

Thanks for nothing, Path. You just made everyone – justifiably – a little more paranoid.

Update: Path is fixing things. Still not motivated to try the app anytime soon, though.


  1. JC says:

    As far as I know, Apple does require getting a user’s permission to upload address book data like this to a server. I’m surprised this app was approved. Probably slipped past the reviewers. If Apple doesn’t require that, it should, and probably will, now that this has blown up.

    The disturbing part of this for me is the developer response. There are a growing number of startup types out here in Silicon Valley who believe that personal data is a commodity. I’ve heard Robert Scobble say something to the effect once that if I give you my business card, that gives you every right to publish my name, phone number and email address out to the web. There’s no sense that anyone has a responsibility to hold information given to them in confidence. Apple seems to be the lone dinosaur about this kind of thing. Which is why they’re the one company people trust with data.

    Of course, if any iPhone app can take that trusted data and give it away without asking, and without even telling, Apple is going to have a problem.

    I still think all of this nonsense would end if companies would just charge a fair price for services, and people stopped being so damn cheap about everything online. Free web services are starting to look more and more like marketing scams, rather than an equitable exchange of functionality for attention. We’re a long way from Gmail now.

    • Scoble is so far in early adopter land, he’s an edge case. If my address book contained folks like him, fine. But we have loads of aged relatives (for birthdays and holiday cards) that wouldn’t want their info shared, others who hardly use social media, plus some accounts set up purely for business / bills that have remained thankfully spam free. The onus shouldn’t be on me to prune the address book.

      I do expect an Apple response on the side of privacy and it’ll be the right move.

      Lastly, yeah, the whole “it’s free” thing bugs me more and more, as it comes with an attitude of “so you can’t complain” from developers and users alike. Maybe users are paying with data instead of cash, well, at least be up front about it and see if they’re okay with that price instead of these shady tactics?

      I’d love more services where you pay and in return get no ads / tracking / data mining. At least that would be a choice, vs. now in social network land there are just competing walled gardens where you’re the product.