Social app company Path apologizes for importing customer address books without asking

This week, there was a big to-do over the discovery that social-media startup Path had been uploading customers' address books without permission. The latest turn of events is an apology from CEO Dave Morin. It says, in part:

We are sorry.

We made a mistake. Over the last couple of days users brought to light an issue concerning how we handle your personal information on Path, specifically the transmission and storage of your phone contacts.

As our mission is to build the world’s first personal network, a trusted place for you to journal and share life with close friends and family, we take the storage and transmission of your personal information very, very seriously.

Through the feedback we’ve received from all of you, we now understand that the way we had designed our ‘Add Friends’ feature was wrong. We are deeply sorry if you were uncomfortable with how our application used your phone contacts.

In the interest of complete transparency we want to clarify that the use of this information is limited to improving the quality of friend suggestions when you use the ‘Add Friends’ feature and to notify you when one of your contacts joins Path––nothing else. We always transmit this and any other information you share on Path to our servers over an encrypted connection. It is also stored securely on our servers using industry standard firewall technology.

Now, I much prefer the straightforward "We Are Sorry" at the top of the post, as opposed to "we are sorry if you were uncomfortable..." that comes later. Imagine that I insulted you, and you pushed back, and I said, "I'm sorry if you took my comments the wrong way." You would not consider that much of an apology.

Morin's apology sounds like that. A straightforward statement such as, "We are sorry that we used your contacts without permission" would have been more to the point.

This "sorry you were uncomfortable" apology reveals that the company thinks what it did was correct and justified, and only because it garnered bad publicity did they do anything about it. This says something about social web services like Path. They feel that they deserve access to your information, and would prefer to do it without asking, unless people find out about it. I'll try to remember that when I get the next signup request for a new service.

What do you think? Is this a heartfelt apology? Does Path even feel they made a mistake?