Path’s Big Mistake (Updated)

Path got caught uploading users' entire address books to its servers. It wouldn't have been a big deal if this was an opt-in action. But it wasn't. It happened in the background without most users' permission or even knowledge. This was a big surprise to a lot of people (even if Dave Winer did warn about it peeking at our address books in November of 2010.) It illustrates a huge point about privacy: Don't surprise people.

The worst thing a company can do with private data is something unexpected. Unexpected is almost always bad.

Typically, when a company has a privacy problem it's not because it has done something horrible, it is because it has done something surprising. People are often quite willing to share personal information—addresses, contact information, location, financial data, and the like. But they also want to have control over it. They want to be able to choose what is shared, and how it is shared.

When companies do surprising, unexpected things with our personal data, it leaves us feeling like we don't have control over our own data. Worse, it often leaves us feeling cheated, or deceived. And that makes people very angry. Doing something unforeseen with somebody's privacy is a surefire good-will extinction mechanism.

When it comes to Path, what we expect is privacy. The entire point of it is that it's a more private, intimate social network. In fact, privacy is among its key values. It even promises that "Path should be private by default. Forever. You should always be in control of your information and experience."

The thing is, there's nothing inherently wrong with Path using address book data had it given us that control that it promised. But Path took data without asking or notifying us what it was doing. It took away our control over our information and experience. That was unexpected.

There is an easy way out of this for Path. Mike Arrington is dead right: It should nuke all of the address book data that it has gathered. It should not wait for people to ask, forcing them to send an email. It should not wait for another version of the app to ship, it should do it now. Today.

That would be the kind of surprise people like.

UPDATE: And it's done just that. From a contrite blog post by company CEO Dave Morin:

We believe you should have control when it comes to sharing your personal information. We also believe that actions speak louder than words. So, as a clear signal of our commitment to your privacy, we've deleted the entire collection of user uploaded contact information from our servers. Your trust matters to us and we want you to feel completely in control of your information on Path.