A second class-action lawsuit was filed against Path Inc. claiming the company's mobile app collected more infromation than just users' address books. The suit also calimed that users of the Path app were:
"... victims of unfair, deceptive, and unlawful business practices; wherein their property, privacy, and security rights were violated..."
The additional data allegedly collected without notice and without consent included find GPS locations, users' personally identifiable information, and the personal information of minor children.
The suit claims that the information collected was distributed to other companies with notice or consent, and that tracking methods were added to users digital information:
"Affix to Plaintiff's and Class members' digital content, referencing photos, videos, and audio files, without notice or authorization tracking mechanisms and information... "filtering" of digital content by installation of geo-tags for tracking, interception and monitoring of social network interactions... that third-party social network interactions would be monitored and then transmitted, used, disclosed, and stored on path's servers..."
The suit claims that Path stored address book information is an insecure manner. By February 2012, Path reportedly had about 2 million users.
The suit was filed in Northern District Court of California by attorneys Strange & Carpenter of Los Angeles, and Joseph Malley of Dallas. Readers of this blog recognize Malley, often referred to as a "Privacy Crusader." Malley was involved with class-action suits against Adzilla, NebuAd, Quantcast ("zombie cookies"), Hulu.com and KISSmetrics ("zombie E-Tags"), Ringleader, Facebook, and Apple. In 2010, Facebook settled its suit for $9.5 million. So, Malley has plenty of experience with online privacy and tracking issues.
You can download the Hernandez et al v Path Inc. complaint from Courthouse News (Adobe PDF).