Except when we choose not to.
As pointed out by a friend, the above is from Path’s website (From the About page, at the time of writing). Everything on Path is private and you are always in control. Except when the “industry norm” is to steal your data, then everything is justifiable.
I am certain that Path had the best of the intentions when they were doing this, and I strongly believe they were not going to misuse the data. However the problem is that this never crossed their mind, that what they were doing was wrong, irrespective of the industry norms, or developer guidelines. Perhaps its our attitude to build products first, and privacy later? Or perhaps our casualness on the data we share?