Path, a social networking mobile app, has agreed to enter into a settlement with the Federal Trade Commission (“FTC”) regarding charges that the company deceived consumers by collecting contact information from users’ mobile address books without notice and consent. The agreement also resolves charges that the company violated the Children’s Online Privacy Protection Act (“COPPA”) by collecting personal information from children under 13 years old without parental notice and consent. Path did not admit any liability by entering into the consent decree, which is for settlement purposes only.
The FTC alleged that the Path application included an “Add Friends” feature that allowed users to make new connections within the app. Users were given three options when using the “Add Friends” functionality: “Find friends from your contacts,” “Find Friends from Facebook,” or “Invite friends to join Path by email or SMS.” Regardless of which option was chosen, Path automatically collected and stored contact information from the address book on the user’s mobile phone. The FTC argued that this practice was contrary to representations made in the company’s privacy policy that only certain technical information, such as IP address, browser type, and site activity information, was automatically collected from the user. Under the settlement, Path agreed to implement a comprehensive privacy program and obtain biennial, independent privacy assessments for the next twenty years. Continue Reading FTC Settles Deception, COPPA Charges Against Social Networking App Path