The case for the prosecution further states that Path is somehow evil for doing this, that this runs rough shot over privacy, how they are becoming like Facebook.
Here stands the case for the defence.
1. The outcry has come from the tech community. This is an important point. We understand security & privacy. We care about this stuff. Here’s the reality. In the user research I’ve seen it time and again: simply people don’t care. Upload my address book to a server somewhere? This is not in most people’s concept of technology – they aren’t bothered.
2. Which brings me to the next point. In highlighting this has happened, we are making our users concerned. This is our fault as an industry. We design password systems that require uppercase, digits & other complexity to access stuff as simple as a newspaper. My newsagent doesn’t ask for my mother’s maiden name to buy a copy of my daily paper.
The paradox is this. In warning people about security we worry them about security. It’s called Privacy Salience.  In asking for a password for something trivial we devalue privacy when it does count.  Is this same for security?
The solution suggested is we offer a security message that Apple set in iOS. Rather like Facebook’s.
But how many of us just click through these messages without seeing them? It seems quite a lot of us. 
The solution is not to warn people – it’s to be responsible in using that data.
I think a great many users will feel that Path hasn’t broken their trust, Instagram have been doing the same for some time. Trust would be broken if they sold the data, didn’t implement super security, or somehow added a feature where they sent your Mum a text message if you checked into one-to-many bars.
Yes we should be able to opt-out of these features but at the same time in warning about security or using some standard, shitty dialogue that Apple or Facebook have designed we end up making something more difficult to use. After all Path has be praised for it’s great UX.