Privacy Case May Come Down To Whether It Costs $12k To Uninstall An iPhone App
from the two-swipes dept
For many years, we’ve noted that courts have been very, very reluctant to allow lawsuits against companies who leak private data, when there’s no evidence that the leaked data was used to create harm. The courts have more or less said, no harm, no broken laws. So it seemed likely that the class action lawsuit against software startup Path, for uploading a user’s address book, wasn’t likely to have much of a chance in court. As you may recall, earlier this year, there was a tremendous hubbub when some people realized that in order to use a “find your friends” feature, it uploaded a user’s entire address book to a server. The reality is that many apps did exactly the same thing, because it made the process much easier. However, you can see why people would be quite annoyed and upset about a service grabbing their entire address book, without making it explicit that was about to happen.
Regardless, the lawsuits against Path and others didn’t seem likely to have much of a chance — but in one of the main cases against Path, the plaintiff who is trying to do a class action lawsuit came up with a way to try to show “harm,” claiming that it would cost him $12,250 to hire someone to remove the Path app (though he never claimed to have actually paid that). Path responded by noting that deleting its app is “a simple act requiring no more than two swipes of his finger on his phone,” and suggesting that the $12,250 is completely and totally bogus. The judge, however, is letting the case proceed, noting that at this stage of the game, it has to accept the $12,250 as true, and Path can push back on the validity of the statement later in the process.
The ruling does dismiss (while leaving open the possibility of amendment) a bunch of the claims, showing that the plaintiff, Oscar Hernandez, really tried to throw the kitchen sink at Path — with a bunch of claims that made no sense at all. So it throws out the claim of wiretapping (no communications intercepted), the “Stored Communications Act” claim (no communications service or electronic storage as defined in the act is present), “Invasion of Privacy” under California state law (fails again for a lack of interception), “public disclosure of private facts” (nothing was publicly disclosed, so…), and trespass (he failed to show “significant impairment” as required by the law). On other points the motion to dismiss was denied, but on the whole, it seems likely that Path is going to win this case in the end. I’m just amazed at the $12,250 claim as an attempt to show “harm.” They may have gotten away with it so far, but would a court really allow such a bogus claim to stand? Eventually, it’s going to be shown that removing Path from an iPhone is ridiculously simple.
Filed Under: addressbook, apps, privacy
Companies: path
Comments on “Privacy Case May Come Down To Whether It Costs $12k To Uninstall An iPhone App”
Economics
For those lawyers who may be inept/faithful enough to believe such tripe: I will perform the process in question for the bargain price of only $5000.
For non-lawyers, $20.
Re: Economics
$20 to uninstall an app?
Re: Re: Economics
I’ll do it for $19! Arbitrage is awesome.
For twelve grand he could buy thirty six brand spankin’ new iPhones without ANY apps installed. What a crock.
Re: Re:
The real crock is that companies are allowed to siphon off and use your personal data wholesale without telling you, and there’s not a thing you can do about it.
Re: Re: Mirrors
Let’s just state that in reverse:
The real crock is people choose to install an app which has the permissions clearly defined and then they complain/sue about it.
Re: Re: Re: Mirrors
It’s a good point, but…
The permission disclosure thing is poorly done and leads people to ignore them. Apps often require permissions for things that imply they do things they don’t really do, and so people are encouraged to basically ignore them. It’s a bit like EULAs.
Not saying that’s right or wise (I assume that all apps are going to try to access everything, so I firewall them off anyway), but it is understandable.
So, it seems to me like it’s a crock all around.
It’s a tough position. Apps should have an obligation to tell you what data they’re accessing and what they’re going to do with it, and we should have some sort of recourse when they do other than what they said. But if wishes were ponies…
Re: Re: Re:2 Mirrors
…we’d be eating steaks.
Yeah. I’m not even arguing either side, the blame clearly lay in all directions. It’s sad, but likely it’s not going to be uncommon.
Re: Re: Re: Mirrors
I would say the real crock is that you can’t sue a company without showing real harm, but the same cannot be said in reverse.
Take for example copyright lawsuits.
Plaintiff estimated the wrong cost
The real cost item would be in ensuring that once the app had been removed, the address book information was also removed from Path’s possession.
Hiring the people necessary to sift through their electronic and paper storage systems as well as ensuring that no off-site backups contained the information would cost far more than $12,250.
Re: Plaintiff estimated the wrong cost
also: making sure that removing it actually REMOVED it. never really having bothered with Apple’s stuff, i don’t know how big of a deal this is, but i know Windows is absolutely Terrible about leaving random fragments of things behind when they’ve supposedly been ‘removed’ (and they’re often in all sorts of strange places, so kind of hard to kill.) … so, you know, there’s that.
Be interesting to see how he avoids perjury & frivolous.
I’d bet that’s why the judge let it proceed, to hang the fool what makes such claims. As way over cost of replacing entire phone and service contract, it’s insupportable.
However, this is part of MIke’s “where’s the harm?” series. Where’s the harm, of, oh, corporate survey people walking into your house at random hours and just looking around to inventory what products you use? — It’s simply not consistent with privacy and peace of mind, and corporations don’t have ANY rights to your personal data, should be required to get explicit permission. (Yeah, maybe not so much here, but Google? You betcha. Even their “opt-out” just marks you as a trouble-maker.)
Re: Be interesting to see how he avoids perjury & frivolous.
You do understand that it’s the courts, not Mike, who claim there’s no harm. I suspect because to a court harm == material or financial damages, but to real people harm means being harmed.
I’m getting pretty tired reading legal documents whose sole purpose is to elicit the question “How much is it going to cost me to make you go away?”
Know what I like about muggers? They’re terse. “Give me your fucking money.” Simple, concise and they don’t make me read 50 pages of crap before taking my money.
Re: Re:
slightly more likely to stab and/or shoot you, mind you.
What if they were claiming it would cost them $12k to verify that this company had no remaining copies of their data?
Depends...
The real question is, if an app is installed on your machine, and the creator of the app is crazy enough to do this… how, as a user do you know that the app is really gone? And the answer is… hire a $12,000 consultant to scan your phone and make certain. There’s really no other way to know. I would use the word “bogus” with care.
Re: Depends...
Actually I can already tell you that if an app is removed (deleted) from an iPhone/Pod/Pad from version 4 onwards the app executable code could be deleted but the underlying links, logs, user specific database, are very very rarely deleted (and logs never).
In fact some apps NEVER delete themselves instead they disable themselves. Then you have the iTunes backup system where the app you deleted is most likely still residing in your backup (and other places) in your PC so that it is easy to re-install or be installed at the whim of Apple’s weird “the user always makes mistakes about what they do or don’t want to do” recovery engine.
For someone to forensically go through all the devices above that this app might have infected..oops been installed on… would be a lot more than $12000US, especially if that analysis was to be for purposes of evidence in a court case.
Re: Re: Depends...
Yes, because we all know that if the user saves a backup of an app, it’s the software developers fault. Get a grip. Shit like this makes me not even want to develop anymore, way too much lawsuits getting in the way of innovation.
How much will it cost to remove the address book from the servers it was uploaded to?
SIGH, nobody cares, at all.. This site blows..