Think for a second. What’s the most private, intimate information on your phone? Well, ok you got your photos from last night’s wild ragin’ party (I won’t go there ;-) but other than that? For me, it’s my address book, a compilation of phone numbers and email addresses of cherished loved ones (parents, family, close friends) and folks who have information of a deeply intimate nature (my primary care doctor, tax accountant, insurance agent for starters…). That is, people with whom I have a veritable trust-worthy relationship of varying degrees of familiarity, including valued co-workers and maybe a few acquaintances via conferences. That’s the key word here: trust. There is a presumptive 2-way street of confidence, reliability, assurance, and social agreement that we “trust each other” with our information and the relationship that info suggests and implies, from a fun Sunday 9 am chat in our pajamas, to that urgent midnight call about a health or financial emergency.
Now imagine a social networking company, with a beautiful slick whimsical interface that breathes a sigh of relief from the confusions of Facebook, but it’s snarfing up that very trust-based information without your knowledge. Without your consent. You don’t have to imagine, because it’s real and was accidentally discovered by a curious developer as reported on The Verge here. The culprit is Path. A startup whose v1 garnered lots of inside-the-Valley interest but didn’t really explode onto the scene until v2 with a nicely redone interface and modified focus, becoming a personal diary for sharing with your “real friends” (as a presumably nice subset of the hundreds via other networks…ok, THE network, aka Facebook :-). Now it seems the wonderful user experience and brand affiliation of Path have been utterly tarnished, with a supreme violation of trust of the very intimate information on my personal device, by uploading the ENTIRE address book of my iPhone to their servers. Why? For what purpose? Who knows. They clearly don’t need to do so, as the app can simply “view” into my contacts list (aka Address Book) to identify “friends” that I can add to my Path for sharing. But why copy that info it to their servers? Seems unnecessary and…frankly arrogant, or perhaps just flat out stupid.
Ultimately, it just makes me wonder who was the fucking douchebag(s) that decided that copying this kind of sensitive information was a) necessary b) justifiable and c) unimportant to let users know it was even happening. I don’t mean the actual names of the people, but the roles and positions. What was the nature of the conversation tucked away in some conference room? Or maybe there was no discussion–even scarier! Yikes. Just a set of silent consensual assumptions that this was all permissible …This is the glaring arrogance of young eager feisty start-ups driven to impress and “get to the market”. To believe that whatever they think (or not-think) and decide is somehow good for everyone…oh, and by the way, it’s not an issue anyway, so just keep using our app, right?
Trust is an absolutely fundamental element of a user’s experience and core to the creation of a viable customer relationship, even the business model itself, embedded in the value proposition. Yes, trust is a cornerstone of the business. It ensures a healthy customer – provider connection with positive multiplier and viral effects. Trust is infectious as “good word of mouth” spreads, and transactions increase, usage grows, value is augmented. It’s a virtuous cycle.
But just as infectious is distrust. A violation of the customer’s sense of identify, privacy, and of their own dignity. But especially their sense of pride in a brand they enjoyed and believed in and defended, trying to persuade friends to participate and join in. All of that gets eradicated in a few seconds. The “path” from success to disaster is a quick and easy route. And this saddens everyone, including it’s fan base of faithful users.
It’s high time such hungry young firms pause for a minute, take a breath from their “barbarians at the gate” mentality rushing out the door, and carefully reflect upon the principles and values that enable a good design, product, and experience: trust, dignity, respect, and pride. Recall Dieter Rams, the pursuit of what is ethical and aesthetic. What’s the balance between using a customer’s data versus preserving a sense of caution and judiciousness. Where’s the line between rushing to do bold things and wariness of the risks against people’s privacy and security. Because once you go over that edge, there’s no coming back, period. That’s when the company’s true values are exposed for what they really are. That’s when users know who you are, and trust me, it won’t be forgotten.
I think you hit the nail on the head..
There is a fine line between trust and distrust. And any service, especially a service like Path – a social network which calls itself “the home” of social networks – can’t afford to make a mistake like that.
“Facebook is building cities, LinkedIn is building workplaces and Path is building homes”
Now, was Path doing anything wrong by uploading personal contacts to their servers?
hmm..maybe I can see a few people getting uncomfortable with the idea of it
But, did Path commit suicide by uploading contacts *without letting users know what was happening*?
Absolutely, yes! I know Dave Morin came out with an apology saying that the company is using this information only to better friend suggestions..but its still enough to throw users off their network (look at you Uday! :)
—
I think there is a bigger problem in this address-gate.
If I recall correctly, Path is not the only app to push address book details to their servers. Foursquare, Foodspotting, Whatsapp, Beluga were all guilty of it too (Facebook and Twitter too, if I’m not wrong)
I think the fundamental problem lies on Apple’s end.
If Apple can have permission dialogue boxes for location services and push notifications, why not have one for contacts? Contacts are obviously very private to the user, and so often being misused by companies (haha.. i like how you call those startup dudes, douchebags – a very apt description) . I know Android has a similar implementation. I hate dialogue boxes myself, but recent trends for this scenario justify the use of one?
To be honest, I’ve stopped caring where, when and how my information is being shared on all these channels. I am so heavily invested in google, apple, facebook, mint, simple, dropbox – that it is too late now to back out. As we speak, I’m uploading all my previous year’s tax documents to dropbox :) fml
So it would affect me the least (mentally) if my contact’s details were shared on Path’s server.
However, shit would hit the fan if my pictures from Sat night were publicly shared on Facebook! :)
(btw, did you see the new Facebook mobile auto-uploader?!?! scarrry! )