TechTaffy

tech:

taffy

Path Pays FTC $800,000 Fine To Settle Privacy Charges

By TechTaffy Desk

Path

[Techtaffy Newsdesk]

Path has agreed to settle Federal Trade Commission charges that collected personal information users’ mobile device address books without their knowledge and consent.  The settlement requires Path to establish a comprehensive privacy program, and to obtain independent privacy assessments every other year for the next 20 years.  The company also will pay $800,000 to settle charges that it illegally collected personal information from children without their parents’ consent.  

In its complaint, the FTC charged that the user interface in Path’s iOS app was misleading and provided consumers no meaningful choice regarding the collection of their personal information.

In version 2.0 of its app for iOS, Path offered an “Add Friends” feature to help users add new connections to their networks.  The feature provided users with three options: “Find friends from your contacts;” “Find friends from Facebook;” or “Invite friends to join Path by email or SMS.”  However, Path automatically collected and stored personal information from the user’s mobile device address book even if the user had not selected the “Find friends from your contacts” option.  For each contact in the user’s mobile device address book, Path automatically collected and stored any available first and last names, addresses, phone numbers, email addresses, Facebook and Twitter usernames, and dates of birth.

The FTC also alleged that Path’s privacy policy deceived consumers by claiming that it automatically collected only certain user information such as IP address, operating system, browser type, address of referring site, and site activity information.  In fact, version 2.0 of the Path app for iOS automatically collected and stored personal information from the user’s mobile device address book when the user first launched version 2.0 of the app and each time the user signed back into the account.

The agency also charged that Path, which collects birth date information during user registration, violated the Children’s Online Privacy Protection Act (COPPA) Rule by collecting personal information from approximately 3,000 children under the age of 13 without first getting parents’ consent.

Through its apps for both iOS and Android, as well as its website, Path enabled children to create personal journals and upload, store and share photos, written “thoughts,” their precise location, and the names of songs to which the child was listening.  Path version 2.0 also collected personal information from a child’s address book, including full names, addresses, phone numbers, email addresses, dates of birth and other information, where available.

Just in

IT

IBM to acquire HashiCorp for $6.4B

IBM and HashiCorp have entered into an agreement for IBM to acquire HashiCorp, a provider of infrastructure and security management products, for $6.4 billion.
AI

OpenAI introduces new enterprise features

OpenAI announced new features aimed at enterprise users on Tuesday, at the wake of Meta's recent LLama 3 announcement.
Around the web

Oracle is moving its world headquarters to Nashville to be closer to health-care industry — CNBC

Oracle Chairman Larry Ellison said Tuesday that the company is moving its world headquarters to Nashville, Tennessee, to be closer to a major health-care epicenter, writes Ashley Capoot.
Industry

Square expands offline payments globally

Payment processing company Square has announced the expansion of its offline payments feature to all hardware devices and countries.
Around the web

U.S. bans noncompete agreements for nearly all jobs — NPR

The Federal Trade Commission narrowly voted Tuesday to ban nearly all noncompetes, employment agreements that typically prevent workers from joining competing businesses or launching ones of their own, writes Andrea Hsu.