Nick Bilton writes:
Last week, Arun Thampi, a programmer in Singapore, discovered that the mobile social network Path was surreptitiously copying address book information from users’ iPhones without notifying them.
David Morin, Path’s voluble chief executive, quickly commented on Mr. Thampi’s blog that Path’s actions were an “industry best practice.” He then became uncharacteristically quiet as the Internet disagreed and erupted in outrage.
[…]
It seems the management philosophy of “ask for forgiveness, not permission” is becoming the “industry best practice.” And based on the response to Mr. Morin, tech executives are even lauded for it.
Read more on New York Times.
In my opinion, Path should not be getting positive press over this. I do understand that there are those who would suggest I’m being too tough, that mistakes happen, and we should give credit for appropriate responses when mistakes do happen or are detected. Indeed, I have occasionally complimented breached entities on their responses to breaches. But let’s never forget that some of these things should never happen in the first place and until businesses learn that such mistakes cost them dearly, “mistakes” like these will continue to happen all too frequently. And for dissidents living under oppressive regimes, a smartphone’s contact book could result in jail, torture, or death. For the rest of us, the consequences of a contact book breach may be less extreme, but still seriously problematic.