The fact that you have to email Path to "revoke access" is still unacceptable.
This information should never be stored on Path's servers. Best case scenario they should be storing hashes of information and before people say there can be collisions so what? The number of people who would be presented with a friend that they don't know will so minuscule versus the number of people whose personal information is stored in plaintext in a database somewhere.
The idea that when someone signs up for Path and is instantly recommended to friend someone else because that person shared their personal information is scary.
Making this opt-in gives people the illusion of control when one of their tech illiterate friends who always clicks accept has already given out all of this information.
This information should never be stored on Path's servers. Best case scenario they should be storing hashes of information and before people say there can be collisions so what? The number of people who would be presented with a friend that they don't know will so minuscule versus the number of people whose personal information is stored in plaintext in a database somewhere.
The idea that when someone signs up for Path and is instantly recommended to friend someone else because that person shared their personal information is scary.
Making this opt-in gives people the illusion of control when one of their tech illiterate friends who always clicks accept has already given out all of this information.