
While I still support Path, the best PR move they could do right now is to pro-actively wipe all non-members' contact info from their servers, and then fast-track approval of the new "opt-in" version to the App Store, so that users can re-upload.

Played right, this episode could actually give them free publicity. Companies like Facebook and Zynga have been embroiled in far worse controversies, and they've all blown over.



That's not a PR move, that's what you do while crossing your fingers that state attorney generals and the FTC don't come after you.


I've just:

  1) saved their Privacy Policy and Terms of Use
  2) requested a complete deletion of our family's account
  3) requested deletion of any/all stored information
  4) considering contacting our lawyer

As I emailed to Path's support, our 3-4 year old children's schools, bus companies, physicians, pharmacies and our family lawyer were in that contact list - that's an insane, willful, and quite unexpected violation of our privacy.

Worse, it could have easily been solved by adding an entry to their Privacy Policy (under the "What Personal Information Do We Collect?" section) and/or a simple dialog prompt.

Unbelievable.


> As I emailed to Path's support, our 3-4 year old children's schools, bus companies, physicians, pharmacies and our family lawyer were in that contact list

Ok, I'm going to pick on you for a second.

Hold the downvotes everyone! Let me explain.

This seems like a bit of a knee-jerk reaction akin to "think of the children!" or the whole child porn scare-mongering that politicians engage in that we on HN are always criticizing. I recognize that Path screwed up, big-time, but I'm unclear on why them having the information you cited, along with dozens or hundreds of other contacts from your address book, for millions of users, constitutes some kind of terrible threat to your children. I mean, their schools, their bus companies? How is that even remotely useful information to anyone?

I think there's plenty to criticize here from just the high-level perspective of "they used my contacts without my permission", without using the children scare-mongering tactic. But maybe there's a specific threat in mind that I'm not thinking of?

Anyway, just thought your response was a little over the top, and more informed by emotion than reason.

Ok, now everyone can downvote :)


Having all that information (school, doctor, lawyer, pest control company, health insurer, employer, credit card company, ...) about one person or a family, together in one place, is a social-engineering / identity-theft cornucopia. Imagine if Path had a data breach resulting in this contacts database floating around the internet.

Now most people's response to that kind of threat is to think "I'm just nobody important, no one would ever go to the trouble of using this information to impersonate me or otherwise make my life difficult." Probably you are underestimating one or more of: (a) your importance, meaning how much money someone stands to gain by impersonating you, (b) the gullibility/apathy of customer service reps at the companies you interact with, or possibly (c) the amount of free time and/or perversity of someone who will fuck with you just for the lulz.


[deleted]


One of my kids has special needs. This means he rides a certain bus and goes to a certain school. It would be trivial to uniquely identify him for the rest of his LIFE with only the information contained in my contacts list.

So now, without consent, this "private" "friends and family"-based app I installed on my phone, plus its company, plus any other company they choose to do business with, or any entity that acquires them in perpetuity, or any data mining, social profiling, credit bureau, can start building far-reaching and long-lasting profiles of a four year old little boy that needs extra help.

What part of that confuses you?

p.s. this could have been avoided with a dozen lines of code via a dialog box.


Actually there is a simple solution for your problem. Don't use social apps. Especially not if they are free!

Do you also buy snake oil if it comes with a document using lots of difficult sounding words but ends saying it cures everything?


> I'm unclear on why them having the information you cited

First of all, my wife and I actually read and attempted to analyze Path's Terms and Privacy Policy before joining. They did not in ANY WAY have our permission, either implicitly or explicitly, to collect private information about our children, who are 3 and 4 years old.

> along with dozens or hundreds of other contacts from your address book

From path.com/about

  Path should be private by default. Forever. You should
  always be in control of your information and experience.

I was never once asked, agreed to, or gave consent to allow anyone to collect sensitive information about where our children are schooled at, what buses they ride, where they receive medical treatment at, or OTHER PLACES I LEFT OUT OF THE ORIGINAL LIST BECAUSE THEY ARE PRIVATE TO MY FAMILY. :)

> for millions of users

"kill one, it's murder - kill 1,000,000 it's a statistic" - this isn't about your children - it's about mine. ;)

> constitutes some kind of terrible threat to your children

Where did I say this was a "terrible threat" to my children? Maybe it is, maybe it isn't - bottom line is we did not consent to it. And perhaps we just want to protect our underage children from having behavioral profiles or credit risk assessments built up on them before they reach kindergarten.

Interestingly enough, according to Path it is VERY reasonable that I should protect my children's information:

  We take reasonable measures to protect your personal information 
  in an effort to prevent loss, misuse and unauthorized access, disclosure, 
  alteration and destruction. Please be aware, however, that despite our efforts, 
  no security measures are perfect or impenetrable and no method of data 
  transmission can be guaranteed against any interception or other type of misuse.

Combined with:

  (You)...accept all risks of unauthorized access to the Registration Data and any other information you provide to us.

My risk, right?

> But maybe there's a specific threat in mind that I'm not thinking of?

Yes, there is. And I acknowledge that you might live in a world where you have no problem allowing anyone in the world to know any detail they can illicitly sneak out of your phone about you, your family, and your friends - but most of the rest of us don't.

For fuck's sake a UIKit dialog box and handler code is less than a dozen lines of code and then NONE OF THIS WOULD BE AN ISSUE.

> Anyway, just thought your response was a little over the top, and more informed by emotion than reason.

I'm curious, do you have a spouse or children?


> They did not in ANY WAY have our permission, either implicitly or explicitly, to collect private information about our children, who are 3 and 4 years old.

What are you talking about? Do you expect them to perform complex data analysis to figure out that certain contacts are young children, and then explicitly ask permission to share those? Or do you expect them to preemptively ask for any potential sensitive contact information? "Can we use your children's information?" "Can we use your in-laws' information?" "Can we use the address of the President's safehouse?" Etc.


> What are you talking about? Do you expect them to perform complex data analysis to figure out that certain contacts are young children, and then explicitly ask permission to share those? Or do you expect them to preemptively ask for any potential sensitive contact information? "Can we use your children's information?" "Can we use your in-laws' information?" "Can we use the address of the President's safehouse?" Etc.

Just a "Can we upload your entire address book?" would have worked. Or perhaps listing "Your entire address book" in the "What personal information do we collect?" section of their Privacy Policy.


That still wouldn't be specific permission to share children's information specifically, which is what it seemed like you were requesting.


No, but giving him the information would have informed him sufficiently so that he could have decided whether he wanted to (a) not use the app or (b) delete sensitive contacts before using it.


I think you're spot on here mash but I have a disconcerting question. How do you intend to handle this situation with every other app you, and presumably your wife, have ever downloaded? Specifically those that may not be as 'transparent' as Path?

I ask because we would be foolish to think the developers of some less than typical quality apps have, or will, certainly exploit this for their own monetary gain.


> How do you intend to handle this situation with every other app you, and presumably your wife, have ever downloaded?

Not sure yet. Path is actually the first (and will certainly be the last) social network I've ever joined - and it was precisely because it was supposed to be private and they had a pretty reasonable privacy policy. I remember something of this nature after the App Store was first released but had honestly thought it was a fixed issue.

On our lap/desktops we use prompting firewalls and on occasion will even watch suspicious apps or behaviors, if you will, where on iOS this is much harder.

I have an idle FreeBSD box and may start mitm'ing like OP did, but seriously poring through the kind of output a home network produces doesn't sound like fun at all and I already know that going back to a dumb phone would probably be just as easy.


I was worried that would be the response. Not that I think it's a bad idea, it's just such a substantial shift from what I'm used to.

I would be curious for someone to do this with other apps. Even those that aren't social networks. I have a strong inkling that most of the top free apps are doing this without any of us knowing.


> I'm curious, do you have a spouse or children?

What kind of argument is this? So if he doesn't have a spouse or children he can't be right? What kind of populist are you?


Seems to be an ad misericordiam argument. It's bad they share private information of people in your contact list without your or their permission. But adding children in the mix is just used to add effect to your argument.

Don't really like this kind of argumentation.


> considering contacting our lawyer

What do you expect to achieve with this step?


To get his money back, of course.


To get perspective, actually. Most lawyers are wicked smart and it sucks you aren't in a position to have such a valuable resource available in your own life. HTH.


Lawyer? God, get a fucking grip. No wonder companies treat their users like morons.


Because asking for advice from those wiser than oneself clearly makes one a moron.


Yes, good point. And regarding state attorney generals, how is this not data theft? It seems to go far beyond privacy issues, the program is in every way that matters a trojan that steals personal data. I can't see how it could not be considered so given the details of what was discovered.


If I were an evil-state-attorney-general, I'd be calling up Path and saying "Here's a list of names (unsaid - of suspected drug dealers), please forward all of their details and contacts, and the details and contacts of anyone who lists them as a contact. Thanks"


Yeah - or I hire a private eye to spy on my wife and he pays off a Path DBA. Don't people always complain on HN that they don't get enough kaching?


If I were involved in this (and I'm not, I just think transparency - not privacy - matters) I would want the CEO and CTO of Path to create a video that is displayed to all relevant users in their mobile app. The first thing they do is apologise, they explain in plain words what people are up in arms about, the CTO reiterates that a) this was dumb and a poor choice but we are all human, b) what this means (eg: we did this not for our value but to deliver the best experience by matching you to your friends effortlessly) and c) why this matters on a macro scale for the industry.

I would respect a company that did this because they are not only addressing users that are aware of it but also users that are not aware (but are affected.)

Wiping data is fine but it feels like it doesn't solve the crux of this problem -- communication and transparency. Companies make mistakes and they can fix them, sure, but communicating about them? That's much cooler. (I suspect this is overkill unless mainstream news catches on to this - which seems unlikely.)


I wouldn't be surprised if there is an engineer there who voiced concerns, but whether they still work there or not would be an open question. Wherever they are, they should be found and put in charge of development.


Ethical engineer: "I've got a problem with doing this, we're storing personal info without permission. Shouldn't we at least have something that lets our users know?"

Ambivalent boss: "I don't think it's a problem, who's going to notice anyway?"

Not that the ethical engineer will get anything more than personal vindication for actually giving a shit.


I would want the CEO to:

1) Immediately delete all of the non-user data

2) Send an apology e-mail to each Path user explaining the situation

3) Write, by hand, a corresponding apology letter for each Path user

4) Hold a townhall-style meeting in which members of the public can ask him questions

5) Pay, out of pocket, the travel expenses of anyone who attends the townhall meeting

6) Wear an indicator of shame (large necklace or a sign) for as long as he is CEO of the company


Seppuku basically


7) Commit seppuku



