I’m So, So Sorry. Here’s My Belly. Now Please Move On.

Don’t get mad at companies because they apologize so quickly. It’s the only way to survive in the Internet.

“All this social media nonsense is destroying our community,” a prominent venture capitalist told me on the phone a couple of weeks ago. It was a throw away comment in a larger conversation, but he was talking about how quickly startups are humbled by dramatic but ultimately superficial press stories that explode out of nowhere. Like a meth-fueled mob of millions tearing through a city and destroying anything that pisses it off.

That mob has incredible destructive power, but it peters out very quickly. If it gets fired up enough it can focus on a single issue like SOPA for a few days. But as soon as it senses defeat, as soon as the target rolls over and shows its unprotected belly, the mob declares victory, gets bored and moves on.*

So is it really so surprising that anyone who finds themselves the target of the mob just immediately rolls over and gives up? And the way to roll over is an unqualified apology, backed up with a short and easily understood explanation of how such a thing will never happen again. Don’t use any big words, and for the love of God don’t try to justify any part of what happened.

One example: Airbnb’s press fiasco last year went away only after an unqualified apology.

So you shouldn’t be surprised that Path went that route as well, issuing an unconditional apology last week for downloading your address book without permission. CEO Dave Morin’s attempts at first to explain what was going on made the mob murderous. Much better to simply say you’re sorry, back it up with the deletion of the offending data, and lay low for a couple days.

Nick Bilton at the NY Times doesn’t seem to get the big picture here. He writes about the Path situation, saying “Mr. Morin seemed unconcerned about how people could be harmed by his company’s carelessness” and “It seems the management philosophy of “ask for forgiveness, not permission” is becoming the “industry best practice.”

That’s not quite right. First, it’s more than a bit of a stretch to suggest that carelessness by Path could lead to “roundups and arrests” or dissidents in Egypt. My educated guess is Path is unlikely to sell, or give, any user data to the Egyptian authorities. Instead, they were using the data to make intelligent friend suggestions, which is significantly less evil.

But more importantly, Bilton seems to think that companies do this kind of thing for some nefarious purpose, thinking they’ll just apologize if they get caught and everything will be fine. That plays to the crowd but it isn’t accurate.

The truth is that startups are always in a hurry and always make mistakes. A good CEO knows that she must remain nimble and prepared to deal with the fallout of those rushed decisions. And the mob has taught those nimble CEOs that a nuanced discussion is not what the mob wants to hear. They want to see that belly.

So the belly is shown.

Bilton seems to think that these CEOs are pulling a fast one on us, getting away with bad behavior. But what he really should lament are the lost conversations that could be had. In the Path situation there was a fascinating conversation about why Apple allows this data to flow out without user consent that never happened. Or why, if address books are so important (dissidents in Egypt!) companies like Facebook are still allowed to use it as their own personal property in any way they wish.

So instead Bilton tries to stir the crowd again. Which is fine because he also noted the very real trend of startups to just apologize, and fast, when the mob looks their way. I’m not sure things will change, though. The mob just can’t stay mad when they see that belly.

Pretty soon all we’ll have is an Internet landscape of people who’ve laid down in submission, when those people should be proudly pushing forward, trying new things, and making us, even the Egyptian dissidents, all better off.

Instead of attacking the apologizers, Nick should use his platform to lament the fact that we’re all being trained to apologize because it’s pointless to have a conversation with a mob.

Just a couple of additional thoughts here. First, sometimes an unconditional apology is the only solution, and I’ve done it at least once. But I don’t apologize just because a mob is after me. That’s easier to do as an individual, harder when you have a startup with employees and investors. Second, I am always fascinated by Facebook, which has had to deal with so much criticism over the years. The one time I think they really did need to apologize to the community they didn’t, and the issue still went away quickly.

Also, the “*” above – the whole rolling over on your belly thing reminds me of a scary day with my dog Laguna. I was taking her for a walk in a neighborhood. Up ahead I saw an unleashed pit bull laying in front of a house. We gave it a wide berth, walking in the middle of the street instead of the sidewalk. The pit bull rushed her anyway, silently, and hit her head on and knocked her over. Laguna, being the docile retriever she is, rolled on her back and submitted completely. But the pit bull didn’t stop, it was tearing into her stomach and Laguna screamed and it sounded like a human screaming. Without thinking I kicked the pit bull in the head as hard as I could, which was pretty hard. It became airborn but landed squarely and looked at me with emotionless eyes. For a moment I thought it was coming for me. But it turned and trotted off, and didn’t give us another thought. Laguna was shaken up but was ok.

Nick Bilton is like that pit bull (in the same way that Path is endangering those dissidents, which means not really). He didn’t weigh in and attack until his prey was on its back and showing its belly. A safe way to conduct business, but not very noble.

Disclosure: Both Path and Airbnb are CrunchFund portfolio companies. We don’t own any Facebook stock, but their privacy snafus have also failed to incense me.

Update: Wow, an epic rant by MG.

51 thoughts on “I’m So, So Sorry. Here’s My Belly. Now Please Move On.

  1. Dan Flanegan says:

    The missed opportunity for meaningful, constructive conversation around these issues negatively impacts entrepreneurs. As I design features intended to improve user experience it would be beneficial to all if we could participate in a discussion or debate… Instead we get a lesson in PR, and we think twice about pushing the envelope. Let’s stop apologizing and start conversing! Entrepreneurs, products and customers will be the beneficiaries.

  2. I think “showing their belly” is a bit of an overreaching metaphor here. These are smart guys… that’s why you fund them. They know as much about how the “mob” responds to privacy snafus in the industry as the tech pundits. Yes, they can make mistakes, but I don’t think they have the innocence of Laguna.

    The mob does their job. They focus their attention “long enough” and then move on like everyone else, but not before bringing a wave of pressure to keep these startups honest. If they were professional guardians of a particular company, charged with constant oversight, they’d be on your Board of Directors.

    If the startups don’t correct the issues identified, the 2nd and 3rd waves may be fatal, or simply more damaging to the brand, its financials, or its capital outlook.

    After the AirBNB debacle, some great new changes came as a result. That’s exactly the type of result we need. In fact, Kara Swisher tweeted back to me awhile back that it looked like just a “blip” on their radar… they were reporting growth in earnings. The mob giveth free advertising (and mission critical feedback).

    PS – We all know there is juicy data out there that we’d love to be able to slurp up and use at will! Luckily, we have the Social Web to keep us honest! Don’t bite the forbidden fruit.

    • Michael Arrington says:

      interesting point about the good that came out of airbnb. But there are countless counter points where no good comes at all, PR people take over and the message internally is to just weather the storm. The good that can come of this is if Apple gets its act together and forces developers to get user consent before downloading the data. The press doesn’t focus on that for a lot of reasons (Apple is powerful and vengeful against press, Path is not). We’ll see what happens.

      For the most part though I totally disagree. The mob destroys things and makes startups far less imaginative than they otherwise would be.

      • I just find it difficult to imagine top tier (VC backed) innovators and disruptors crumbling under outside pressure unless they agree with the criticism to some degree. They shake things up and then go back into safe mode after one snafu?

        I have a feeling the negative attention may cause more concern from the financial backers who get skittish during the period of biggest blowback.

        How much is that going to hold back someone like Zuck or the team at Uber?

  3. Steve says:

    Is damage control something investors usually throw into the deal for free?

    • Michael Arrington says:

      comments like this, when piled up, just destroy conversations. Oh, you’re an investor so you can’t talk about this or we’ll suggest you’re only doing it for financial reasons. I stand behind the entirety of my work, my overall themes don’t change radically (see my link above about fb privacy). But it’s oh so easy to just fire a sarcastic jab in a comment. which is destructive to the community as a whole.

      • Brentis says:

        It was a concise blow. You have not blogged a lot lately and now that a underling is under fire you come out to criticize the mobs.

        I have personally worked with several apps where we knew getting contacts were the holy grail for stickiness and made concious decisions ot to gleen. We literally joked about how easy we could get a contact list and text, “Hey, Mike Arrington just downloaded Path and we think you will love it too” to all of Mike’s contact list.

        Why do you think google and fb try scare tactics to get users phone numbers? Not to help protect theit account… Keep in mind, this is done from the web or a 1.0 of getting user data.

  4. Victor says:

    I think Nick meant that when you transmit unencrypted data (eg. your address book) to PATH’s servers, the packets can be sniffed an easily interpreted. This way the government is able to easily gain access to your data. I don’t think Nick implied in any way that PATH was selling user data to governments.

    Anyhow, is it too much to ask that a company ask users for permission before collecting their entire address books?

  5. Raja Doddala says:

    Nick Belton wasnt suggesting Path will sell data to the Egyptian authorities. He was suggesting Egyptian secret police can pose as a friend to an activist and get access to his/her address list – not sure one could do that either on path, but just pointing it out. Either way, putting my phone address book on their servers without asking me is just plain wrong. Whether I care or not is a separate issue. Just taking my shit without asking is just douchee.

  6. Imran says:

    jeez! isn’t this your own dog. I can clearly see you are in violation of animal rights ;}

  7. All excellent points – especially the phenomenal way Facebook has been able to navigate these issues with 850MM users. However, NYT really couldn’t have written another story. This is general mainstream media – In print they are reporting on a “happening” in SiliconValley; not participating in the conversation. Hopefully the conversation continues on Bits Blog.

  8. Apple allowing this kind of access made it a baseline feature that social apps are competitively ‘required’ to take advantage of. How often was the early experience on Instagram lauded by users and the press? Access to the address book played a huge role in that first (and ongoing) user experience. I’d imagine there are investors out there who encouraged their portfolio companies to mimic the social experiences that users get from these apps. How could they not?

    I’m not saying it excuses the behavior, but the entrepreneurs are scapegoats here; Apple’s responsible for changing the playing field.

    • zato says:

      “Apple’s responsible for changing the playing field.”

      What exactly DOES Apple say in the SDK rules about the use of the address book? I don’t have the SDK, and have not seen any mention of what the rules, if any, are.

      • Good question. If I get a chance I’ll dig in and come back here with an answer.

        • zato says:

          The post near the bottom of this page by “ajf” sounds like the real story. He says:
          “There are numerous warnings against it in the SDK and the App Store Review Guidelines state, unequivocally, that any developer who collects private data without the users permission will be banned. The legitimate complaint against Apple in this case is that they failed to catch Path’s violation and have yet to take action against them. Perhaps the fact that the app got through was an oversight by the reviewer, but the failure to act now that Path has been exposed is more troubling, especially given the fact of Apple’s close relationship with KPCB.”

          Path has ended the D/L’ing and wiped the stored data. No doubt they have been in communication with Apple either directly or through KP over this incident. With thousands of apps a day to check, Apple can’t catch everything. They must be using automated systems to look at the code for problems. It may also be that apps from “trusted sources” do not go through the full screening process. I’m sure they will respond in some way to ensure this doesn’t happen again.

  9. Mike,

    I’ve always been a huge fan of your writing, because it’s ALWAYS honest, unvarnished, unfiltered, and crystal clear where you stand.

    But this article, I’m not really sure what you’re trying to say.

    Is it that Path SHOULD have apologized, and now that they’ve done so, it’s time to move on?

    Or, that they SHOULDN’T have apologized, but that mob mentality required this bit of Kabuki theater, even though though it didn’t deserve it?

    Or, that Path made a relatively minor, innocuous mistake, but their apology was more than necessary?

    I’m not sure where you stand on what Path did…

  10. jeffj says:

    Mike, don’t take this the wrong way, I just want to know because the pattern of posts on this blog may just be a coincidence. Does the content of your posts depend on whether the company is part of your crunchfund?

  11. David Abraham says:

    What you wrote reads well and is logical except for the fact that stealing private address book data is not pushing the envelope. It is evil incarnate.

  12. Si says:

    OK, Path were bad.

    However, why did Apple (seemingly) allow apps to access your address book without asking permission AND let these apps through onto the App store?

    It seems odd, especially as they make a massive deal out of guarding people’s location privacy and permissions around that.

    So it’s (seemingly) not OK for iOS to access your location without our your permission, but it’s (seemingly) fine to slurp up your address book’s names, emails, addresses behind your back and without your explicit permission?

    Is it just me, or does that seem to be less than ideal – and inconsistent – behaviour re. privacy?

  13. David Callahan says:

    … good article, measured, balanced, and politically correct. Admire your restrain when you compare Bilton to a pit bull… which is unfair to all dogs, noble animals.
    In my own experience with journalists, I firmly consider them worst than snakes: they have to produce bad news and crap [in order to "get ahead"] that would smear individuals’ as well as companies’ images — including start ups and of course entrepreneurs, particularly those who are successful and brave enough to work hard in their field…
    We are all just human and we all make mistakes. Apologizing for our mistakes is just the right thing to do… Most of us still believe in second chances — although for “journalists,” who believe that they are “above” us all, it would never be an option.
    I will just offer this “pearl” to you: I personally know two Washington Post journalists who at different times in the past two years, were credentialed before the White House — and in at least two occasions, attended White House press conferences stoned out of their heads…
    but of course, they would deny, deny, deny and deny it — One of these guys’ wife still bakes “funny brownies” for week-end social gatherings…

  14. Dan Farfan says:

    “get user consent”? User consent has been rendered close to meaningless by smartphone apps over-asking, under-informing and brushing off the user with the widest binary brush possible .. “approve all (though you understand none) or don’t download me.”

    “User consent” is a wildly broken model. And here’s how to fix it.
    First of all permissions must be presented in 2 groups: Mandatory and optional. Each optional permission can be selected yes/no by the user both before AND after download.

    Secondly (and this is the game changer), today “permissions” are merely functions that the software can do or not. This is purely the software point of view — which is to say it’s completely wrong-headed (relax, I’m a computer scientist. I can scold my brethren by donning the inalienable cloak of whatever that a rapper uses when peppering lyrics with the “n” word and the “b” word.)

    Functions are of the domain of software. Permission is of the domain of user, but simply calling functions permissions doesn’t make them that. Permissions come in 2 flavors as well (see how simple this is? 2 new rules. each with 1 distinction leading to 2 types of things.) As a user, there are functions I want the software to do ONLY WHEN I TELL IT TO and functions I want it to do SO I DON’T HAVE TO TELL IT TO. Before I explain with a real life example from my current startup, one more analogy. The biggest trouble with the state of the art “user consent” / “permissions” construct is that it’s modeled after “power of attorney” that *puts* all users in a comatose state to make it party time Weekend At Bermie’s style

    My startup (artcollectorgame.com) is a digital marketplace game you play with Facebook photos. You connect to the game via logging into your Facebook account and granting (old-fashioned) permissions to the game (or, sadly, moving on if you don’t grant all). One of the permissions allows the software to post messages to your wall (not your friends’ walls, just your wall). The game uses it (like many zillions of other games) to announce Achievement Levels have been reached, after the user clicks to invite a specific someone from their Friends list, etc. “Dan bought his 50th piece of Art. Congrats! Come join the fun .” Boom. Simple. But it’s not.

    I’m implementing as much of my consent/permission 2.0 proposal as I can right now (walking the walk) by building into my User Preferences feature every instance of when the software posts to the player’s Facebook wall … so the user can opt-out or opt-in to each. If the player has opt-ed out of posting Achievement Levels, they will see a link on THEIR announcement message that will left them override the opt-out manually, if they chose to click it. Get it? Context-aware Manual or Automatic. That’s the permission, not the function, “post to wall.” “Save me the extra click to brag about every level I achieve by doing it automatically.” That’s the voice of an empowered user deafeningly silent in consent/permission 1.0.

    Sure, this will cost some exposure to the game, but treating the Facebook “permission” beyond its function is what is most respectful to the user. Consent/permission 1.0 contains zero respect. Shouldn’t there be a measure of respect built into a system that involves asking, beyond “take it or leave it, bitches?” I think so, anyway. And in a few days, my software will make it so — as much of consent/permission 2.0 as it has control over, anyway.

    Who knows, perhaps a mob can get Android and iOS folks to “belly up” to implement a solution, not just issue an apology. Perhaps?

    @DanFarfan

    • R says:

      Hi Dan, as a non-developer I’m afraid I didn’t always track what you’re saying, but what I’m looking for as a user is “Yes, I permit Bongo Fury to post to my wall, so long as it asks each time before doing so.” Is that what you’re up to with consent/permission 2.0?

      I tried just now to use Facebook and Twitter to sign on for this reply, but the list of things WordPress can do goes beyond what I want to let it do–for me that’s almost every time I try to use Facebook or Twitter for identity.

  15. Adam says:

    Right on, Mike. I’m glad someone with a big megaphone has said what needs to be said: the mob “justice” that has been so frequently and recently lauded as of late has quite a dark side to it. We’ve seen it with the cheering on of Anonymous idiotic stunts (“WE WANT FREEDOM! Oh, hey, let’s threaten and silence people we disagree with!”), and we’ve seen it with so many other often pointless or even just-wrong pile-ons.

    Yes, in some cases I’m pleased with outcomes favored by the mob (as in the defeat of SOPA/PIPA), but the ends often don’t justify the means, IMHO.

    As you rightly noted, we’ve lost the willingness to hold nuanced conversations. Actually, I’m wondering if many folks even have the ability to engage in such discourse.

    The move away from blogs and towards length-constrained soundbites certainly isn’t helping, either.

    But what’s the answer? You’ve identified the problem, you’ve noted the increasingly common “solution” (rolling over), but what are some ways in which we can reverse this situation and have social media used to enlighten rather than enrage?

  16. Geoff says:

    I don’t think it would have been that hard for Path to have made the right decision in the first place, even ‘in a hurry’.

    If it was obvious to so many users how wrong taking without permission and store an entire address book, it should have been doubly obvious to a developer.

  17. Vizslas are the best dogs. I have two myself.

  18. Personally, I find kottke.org’s analysis a little more relevant : http://kottke.org/12/02/more-on-iphone-address-book-privacy

  19. ajf says:

    “We are deeply sorry if you were uncomfortable with how our application used your phone contacts.” – http://blog.path.com/post/17274932484/we-are-sorry

    That is not an unconditional apology, exactly the opposite. And it doesn’t address the the fact that Path brazenly violated the terms of their own privacy policy.

    Though I think Apple should implement an API level modal permission for contact data as they do for location, it is completely disingenuous to claim that they allow the surreptitious collection of this data. There are numerous warnings against it in the SDK and the App Store Review Guidelines state, unequivocally, that any developer who collects private data without the users permission will be banned. The legitimate complaint against Apple in this case is that they failed to catch Path’s violation and have yet to take action against them. Perhaps the fact that the app got through was an oversight by the reviewer, but the failure to act now that Path has been exposed is more troubling, especially given the fact of Apple’s close relationship with KPCB.

  20. The third sentence of Path’s apology is an advertisement for the service. It’s difficult to take this apology seriously.

  21. Mike, I respect your forthrightness in calling things as you see them. I took issue with Nick Bilton’s overblown piece in a Twitter exchange with Mathew Ingram earlier today. Path early adopters and Syrian protesters are apples and oranges. That said, I have to call bullshit on the whole “gee-we’re-really-sorry” ask-forgiveness-not-permission attitude of Zuckerbergian entitlement to the universe of user data. This is not a frivolous witch hunt conjured up by alarmist wingnuts. It was a foolish mistake that made for terrible PR (making it into mainstream media from the WaPo to Forbes), could land the company in legal hot water in EU member countries at a minimum, and could have been easily avoided with a few minutes’ work drafting simple (but “inconvenient”) disclosure and/or adding links. (I wrote more about lessons learned for social startups at http://gust.com/angel-investing/startup-blogs/2012/02/09/veering-off-the-beaten-path .)

    Personally, I’m an active user of many forms of social media, including Path (which I really like), and I’m generally open with my own contact information. That said, I’m also a lawyer for social Web and mobile startups; I helped eHarmony leverage and safeguard 20 million people’s private data as GC; and I know what disclosure and consent look like. Path neither disclosed nor sought consent to copy my unencrypted contact information from iPhone to remote servers. If they had sought it — as social APIs like Facebook Connect *always* do when seeking permission to install a new app — I most likely would have granted it, because I trust the guys at Path not to do anything crazy with it. (I might have had to pause to review client confidentiality issues under state bar rules, but that’s an esoteric tangent.)

    To add insult to injury, nowhere in the app are there any links to TOU or a Privacy Policy to read about what Path does or doesn’t do; they’re hard to find even on the full website; and when you find and read them, as I did, both documents are silent on this subject. Those are basic CYA measures for the Company itself as well as disclosure to end users. In 2012, this is Social Startup 101, not a pimply-faced college freshman calling his users “dumb fucks” for trusting him. We’re talking about a well-funded startup run by a very smart guy who can include “created Facebook Connect” on his resume. Path should know better and its apologists should stop patting it on the back for grudgingly doing the right thing after leveraging all that data as unfettered as possible for early viral growth.

  22. Oliver Starr says:

    Mike and Laguna, just one point about the pit bull… While I don’t disagree with your quick action that may have saved Laguna’s life (one I would have taken myself in a similar situation) the animal that attacked your dog should not be blamed – the owner of that dog is clearly at fault and should at a minimum be cited and if they continue to behave in such an irresponsible manner with respect to a dog that is clearly dangerous to other dogs and possible to people, they should have the dog removed from their possession and placed with someone capable of providing appropriate containment and care.

    Oliver

    PS: great to see you blogging again. you have always been one of my favorite bloggers both before a worked with you, during and ever since.

    • Michael Arrington says:

      I’m with you on the dog, Oliver. I think I know most dogs and what they intend to do, but pit bulls and some other dogs are hard for me to read (some of them at least). But yes, I agree, the owners are to blame. I still would have murdered that dog happily though, the protective instinct just took over.

      • Oliver Starr says:

        In a related story, a friend of mine related this to me: Seems a guy that had a wolf-hybrid was walking the animal (on leash) past his neighbor’s property. Said neighbor had two pitbulls, both apparently dog aggressive, neither contained. As wolfdog guy passed both pits charged across the yard towards wolfdog guy and wolfdog.

        The pitbull owner comes charging out of the house and screams at wolfdog guy “if your wolf attacks my pitbulls I’ll kill him”.

        Pitbulls, luckily for all, decide it’s not in their best interest to attack a wolfdog and stop short.

        Wolfdog guy then calmly says to pitbull owner. It’s a good thing you didn’t harm my animal. If you had I would have been forced to spend the rest of my life figuring out a way to kill you and get away with it.

        Apparently this was convincing. Pitbull guy moved away three weeks later.

  23. Privacy and Web Innovation can go hand in hand and need to go hand in hand. We should not compromise one for the other. That’s all that Nick Bilton was trying to say in the article.

    Path was just a recent example. The fact that other startups are doing it does not make the issue less relevant or less important.

    It is very surprising to see Michael Arrington and MG Siegler become so defensive in their blog posts. Both posts lack objectivity about the fact that Privacy Infringement is a major issue in the digital world.

    Since when did investors become so defensive and protective about the unethical practices of their startups?

  24. Lamai Sihanouk says:

    I am really surprised and frankly saddened to see this post. Honestly, I think you’re doing more harm than good to your portfolio company with the defense you present here. By attempting to suggest that the main problem in this situation is not the company that took people’s data without permission, but the folks that had their data stolen and had the nerve to complain is just incomprehensible to me. I used to really like your old Techcrunch articles, especially the ones where you held bad-acting parties feet to the fire. It seems that your new role is quite the opposite – defending the indefensible while insulting the intelligence of your readership by suggesting that your opinion remains unbiased. After reading this post, Path is not the only one who is “so so sorry”, and after seeing their underbelly, I’m more than ready to move on.

    • Dan Schuh says:

      Yes. Arrington’s post really bothered me, and reading MG Siegler’s reiteration at http://parislemon.com/post/17527312140/content-everywhere-but-not-a-drop-to-drink bothered me enough more to right in here. Siegler is much less fun to read outside on his personal blog, where his pomposity and Apple-to-the-core bias isn’t lightened by irreverent viewer mail. But Arrington, who I had a lot more respect for, went off the deep end comparing Bilton to a pit bull attaching his defenseless dog. Or not comparing Bilton to a pit bull, Arrington sort of wimped out in his pissy little conclusion with the “or not really” line.

      The implication that Arrington and Siegler are “journalists”, and Nick Bilton isn’t, is laughable. Yes, Arrington and Siegler acknowledge their more-than-obvious conflict of interest with their investments, but then they go off on these long tirades about how they understand and Bilton doesn’t. Whatever, it all would have been standard self indulgent “I’m so smart and and wired-in and regular journalists are stupid” blogger claptrap, and I’d expect this kind of BS from Siegler because of the Apple angle. But then Arrington threw in the pit bull crap, which was offensive and just plain ridiculous at the same time. Hell with him. Hope he has fun with his fund, and I wouldn’t wish him ill there, but he’s just not worth reading.

  25. At what stage in the project planning, before the code had been written, did anyone think that taking someone’s address book without their permission, against the AppStore’s TOS was a good idea?

    Did nobody around that table when it was put in the project plan to be implemented ask whether that would be a good idea or a bad idea. Did nobody mention that if it was a good idea, it would be an equally good idea to encrypt it?

    Did nobody suggest a splash screen asking permission and giving the reasons for giving up the info.

    Asking us to move on is just plain wrong. Ask the project team you partly fund to read the T&Cs they signed up for and stick by them, especially where MY data is concerned. i’m afraid “We are deeply sorry if you were uncomfortable with how our application used your phone contacts.” is just not good enough – If they were deeply sorry it wouldn’t only been for the ‘theft’ of data but also the multitude of sins that led to it.

  26. riskpundit says:

    Your post reminds me of the old cliche, “Better to ask for forgiveness than permission.” “Apologize and move on” may get it done, but playing fast and loose with people’s privacy is inviting more government regulation. I am fully expecting a draconian privacy law that will result in fines and possibly jail for executives, a la Sarbanes-Oxley. And it will be your fault for accepting senior management’s total lack of attention to security and privacy.

  27. neil says:

    This is now a thread about pit bulls

  28. ed says:

    Sorry if you’re offended by my theft of your stuff but what part of sorry don’t you get?

  29. Voidious says:

    Are you sure it was a pit bull? http://www.pitbullsontheweb.com/petbull/findpit.html

    Glad your dog’s ok.

  30. Ravi says:

    I agree with Dan Lyons. Mike, take a look at the mirror and then tell us honestly that you are not defending Path just because you have a stake in it.

    Also, why this rabid animosity towards people who are critical of one of your investments ? You of all people have given as good as you got. Your over-the-top defense of Path seems to be a sign that it was indeed doing something wrong, and do you think that shouting loudly back at the people who pointed out its mistakes will somehow make it right ? Path was in the wrong, it apologized, got hit by a few journalists, and that’s that. Not much different than how you have treated many other companies before.

    So why the holier-than-thou attitude towards journos ? You are no better (or worse).

  31. David Wo says:

    You and MG Siegler are such hypocrites, Mike Arrington. You have lost perspective and long lost any moral high ground. You should stop straddling the fence as “journalist” and investor.

    Really, you guys are shameful with your lack of ethical balance and measured understanding. Actually, you have neither.

    Look up “karma” in Wikipedia. It’s going to come around to you. Long overdue.

  32. “The truth is that startups are always in a hurry and always make mistakes. A good CEO knows that she must remain nimble and prepared to deal with the fallout of those rushed decisions.”

    Rushed decisions? That implies Path deliberately decided to access the user’s address book without asking permission. If this is the case it isn’t a mistake but a determined attempt to go behind user’s backs. And I love you to explain how on any planet that makes sense?

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

Follow

Get every new post delivered to your Inbox.

Join 14,242 other followers

%d bloggers like this: