I suspect, if you probe more deeply, that some of the Path developers where familiar with how this problem is normally solved and just copied a common design pattern. A large number of IOS applications supposedly upload the contact list to make it easier to find friends server side - I further suspect that many, many of the popular social apps do this.
Hopefully at least Five good things will come out of this:
1) Social Apps immediately remove the "upload contact list code from their
apps"
2) Social Apps come up with a more privacy clueful way of searching for
your friends.
3) Social Apps (all apps, ideally) focus more on user privacy.
4) Apple requires permission to be granted before allowing an app to read
your contact list.
5) Apple is more explicit about what app developers are _not_ allowed to do
when transmitting information off the IOS Device
6) The App review process adds a check to see if certain user private fields
are accessed, (Contact, Photos) - and ensures (through audit, or
confirming with the developers) that private information is not
being uploaded without opt-in.
If some or more of these things happen, then I'm actually happy what Path did was publicized. They've deleted 100% of the contact information off their servers - people now have to opt-in to add it back in.
It seems to me to be more a case of developers taking the easiest option, rather than spending some time considering a more secure, less creepy way of doing what they wanted to do.
Hopefully at least Five good things will come out of this:
If some or more of these things happen, then I'm actually happy what Path did was publicized. They've deleted 100% of the contact information off their servers - people now have to opt-in to add it back in.