Path, Hipster and Developer Trust

When it first came out, I loved Path. I thought that the concept for having a simple and clean social network made up of the people that I truly call my friends was awesome, and I appreciated the 50-person limit. Then Path 2 came out, and I loved the interface, how it worked and everything about it. Path 2 changed the game.

Then we find out the other day that Path would upload the user’s entire address book to their servers, making what is my personal information now the property of someone I didn’t authorize to do so. Turns out that Hipster does the same thing. Although Path has since apologized and deleted all of that data from their servers, the damage is done. Fact is, if we’re going to work with an app, we need assurance that they developer will treat our data correctly. But why is it so important for us to believe a person who’s making an app?

It comes down to trust.

Trust Issues

I’m not a very paranoid person when it comes to working on the Internet, and I never have been. I’ve given my credit card information to multiple companies, and although it has bitten me back a few times, it’s never been such a dilemma that I wondered if I could pay the bills on Monday. That said, my personal information is sacred to me, and I take that pretty seriously.

Now I understand the hypocrisy here. Yes, I have a Facebook page and multiple Twitter accounts, and they have all my info and then some — how is it possible that I think my personal information is sacred? It comes down to trust. I trust that Facebook and Twitter will only use my information for good, and that I don’t have to worry about anything happening to it in the foreseeable future. Maybe my belief in them is misplaced, but if I want to use social networks than I have to trust someone sometime, right?

This trust needs to be curated. We, as customers, need to know that the people who we give this precious gift will use it for good, not for evil. That our information stays with us and only us. That’s the point.

Breaking the Bond

The thing with Path is a bit touchy. The CEO puts it like this:

We upload the address book to our servers in order to help the user find and connect to their friends and family on Path quickly and effeciently as well as to notify them when friends and family join Path. Nothing more.

OK, that makes sense. They wanted to create a simple and easy way to get your Path up and working — make it “just work” as it were.

Here’s the thing though: That information on there isn’t necessarily mine to give. Every friend, colleague and business associate that’s in my iPhone’s address book has some information recorded on my device that they entrusted to me. Maybe it’s a Facebook profile, Twitter handle or their personal email addresses, but that was given to me, not to Path. It’s not just my trust that’s been violated, it’s all of theirs as well.

Extrapolate that all out and you’ve got some major problems. That means that for every one person that’s on Path, there are probably 50-200 additional contacts whose information was sent to Path without their permission. I don’t know how many members they had in the system, but if it’s just 8000 members who each have an average of 125 contacts, then 1,000,000 people’s names, addresses and phone numbers have been compromised. That’s a lot.

Break someone’s trust, and they never know whether to trust you again or not.

How Do They Come Back?

Quite simply, they don’t.

I’ve started to write multiple posts for this site about the problems with social networks and the iPhone (and successfully published one), and it comes down to the numbers. A friend of mine told me recently that of the five minutes that people spend on social networking every day, on average four of those minutes were spent on Facebook. That means that everyone else is fighting for that remaining minute. Who could survive in that market?

Path was certainly on their way up there, but now that this has hit, I’m sure that lots of people have left the service (I’ve tried to leave myself, but right now leaving means emailing the company, and I’m sure they’re inundated with cancellation emails). Sure, there are many who haven’t heard this news yet, and since Path was quick to respond, some of the damage may have been quashed. But for me, I’m done. Beautiful app or not, if I can’t trust them not to screw me over, then I’m just not going to use their service. The same goes for anyone else too, be it Google, Facebook or Twitter.

But Wait …

You might be thinking to yourself, “Kevin, Google is much more evil than Path. They scan all of your emails, track your web activity and everything else. They sell your information and demographic. What’s so different from Path?”

Good question. The answer? I knew that going into things.

When I decided to sign up for Gmail the first time several years ago, I knew that Google made their money from ads, specifically targeted ads. My emails would be handled for free, but I’d get targeted ads popping up on the side of the screen. I knew that, accepted it and moved on.

Same with Facebook, frankly, and had Path been up front about it, I wouldn’t have a problem with them either. But they weren’t. That’s the problem.

What Others Should Take From This

Running a startup is hard work, and this can lead to taking risks that may seem right at the moment, but turn out to be huge deal breakers. For every Twitter, there’s a thousand failures who just aren’t performing to expectations no matter how much money VCs dump into them. What direction that Path decides to take from here is up to them. I hope they can make it out of this because their UI really is gorgeous and inspirational, even if the app wasn’t one of my most used. And yes, they did make right on this whole deal by fixing the mistake quickly. But now I don’t trust them.

Those that just to walk down the same path should know that trust is key. You have to work hard to earn it, and if you break it, you might as well close up shop and go home because you’ll never get it back. Fool me once, and all that.

End Results

Path made a mistake, and I’m sure there are some who don’t see it as a big deal while others react more like me and go over the edge. Maybe they can pull out of it, maybe they can’t. Whatever happens, developers should know that if they’re trying to create a personal experience for their users that they may need a certain amount of trust to pull it off. That’s a very delicate situation, and it has to be handled properly. If not, then just like that proverbial bull in a china shop, things will get broken.


  • DJ A

    Path made a mistake.

    Developers and startups need to be more transparent about how they use your data and always allow it to be opt-in.

    I seriously doubt this is going to hurt them as a company nor is there a mass exodus happening to leave their service. There’s are a lot more evil in the world than a company using your address book to improve the service for you and then being transparent about it. IMHO, its not that serious.

    As far as people who’ve given you their information, who have entrusted you with it, storing it in your iPhone that can easily be lost of stolen or lost makes you the single point of failure in protecting it.

    • http://www.whippsindustries.com/ Kevin Whipps

      I disagree. I can remote wipe my iPhone anytime it’s lost or stolen, removing all the data from it. With the exception of the iMessage bug, I’m still in control of my data at all times.

  • http://www.metzener.com/ Dave M.

    AMEN Brother! Wow, do I fully agree with everything said in this article!

    In this day and age, where information security seems to be low on developers radar’s, it’s refreshing to hear someone speak out about it and stick to their guns when it comes to showing those developers we mean business!

  • Pingback: What Path Needs to Do to Succeed | iPhone.AppStorm

  • Pingback: What Path Needs to Do to Succeed | Ipads Advisor

theatre-aglow
theatre-aglow
theatre-aglow
theatre-aglow