As an iOS lover and Path champion, a number of folks have asked for my take on the Path address book situation of yesterday and today. I’ve avoided weighing in for two reasons: first, I wanted to talk to some other actual developers about the situation. Second, the fact that CrunchFund is an investor will render my take moot by some. But there are still a few things not being said that should be.
First, I agree with everyone that there should be a prompt to send your address book data to third-party servers. And with their newest version out today, Path is doing just that.
One thing overshadowed by this situation is that there’s a reason Path was doing this — and it was anything but nefarious: it makes the service more useful. Path is about your personal connections and the best way to establish those connections is for Path to find your true friends also on the network. What’s a great signal if someone is a true friend? If their information is in your address book and if you’re in their’s.
Path wasn’t trying to gain your address book to cold call all of your friends and bug them to join Path. Nor were they going to sell this data to marketers. They weren’t even auto-friending people (which way too many apps do). It was simply to ease the connection building process by giving users good recommendations.
Here’s the other key thing: a number of your favorite social apps do the exact same thing. And some have for a very long time — for years, actually.
The fact that there hasn’t been an issue in all these years as a result is a good sign. It shows that these apps, like Path, were simply using the access which iOS provides to strengthen social connections within apps.
Yes, it’s weird that Apple, which has the App Store approval process on lock-down and requires prompts for things like accessing location information doesn’t do the same for address book information. My understanding is that Apple has been looking at this issue and it will probably change in a future iOS update.
For what it’s worth, I’m told that Apple’s iOS developer agreement does contain some wording that may prohibit such actions, but the wording is too vague. And again, Apple screens all these apps and hasn’t rejected one as a result of this address book transfer yet.
Given Path’s mission to be your most personal and most private network, I think it’s fair to hold their feet to the fire about this issue simply because it wasn’t stated that it was happening. My CrunchFund partner Michael Arrington publicly called on Path to “nuke” this data collected before the prompt, and they have. Good call.
But if we’re going to freak out about this situation, it’s naive to freak out about it over one app. Again, this is happening all across the iOS ecosystem. And no one has said a thing. For years.
The good news: look for all of this to change. I’ve spoken to a number of developers planning to implement some sort of opt-in-to-address-book-data prompt, just as Path did today. Again, this wasn’t some sneaky attempt to steal your data and sell it off or whatnot, it simply utilizing an option that was put in front of these developers. And they all seem happy to do that in a more transparent way.