Social networking startup Path has been ordered to pay an $800,000 fine to the Federal Trade Commission in addition to other measures to settle a controversial privacy issue. The service was accused of using deceitful tactics to collect personal information from members’ mobile device address books and storing it locally on their servers – even from children.
The FTC levied the fine against Path for collecting personal information from children without parental consent. Path allegedly collected information from around 3,000 kids under the age of 13, a move that violated the Children’s Online Privacy Protection act.
The company ultimately admitted that early on, they accepted signups from people under the age of 13 because their system wasn’t automatically rejecting people that didn’t meet the age requirement. Path said they discovered and fixed the error before being contacted by the FTC.
Furthermore, version 2.0 of Path’s iOS app offered users three different methods to add friends: find friends from contacts, find friends from Facebook or invite friends by e-mail or SMS. The problem was that Path would collect data like names, addresses, phone numbers, e-mail addresses and social media usernames from a user’s address book even if that option wasn’t selected.
In addition to the hefty (for a startup) fine, Path will be required to establish a comprehensive privacy program and submit to an independent privacy assessment every two years for the next 20 years. As CNET points out, Path raised roughly $30 million last year from investors but their business model moving forward isn’t entirely clear.