LESS than a week after social network Path settled with the US Federal Trade Commission for collecting childrens' private information to the tune of $800,000 it has once again been caught publishing users' private information.

The social network and photo sharing mobile app has been automatically geotagging users' photos even when they have completely disabled location services.

The bug was discovered by security researcher and hacker Jeffrey Paul who found that Path had geotagged a photo he published from his phone even though his location services had been disabled.

It turns out that the social network had taken the metadata from the photo (information embedded within the photo file that specifies the time it was taken, the location, the device it was taken on etc) and used it to geotag the post.

EXIF data can be removed from images but it's a bit of a pain, especially considering that users' have already asked for their location information not to be published.

The discovery comes about a year after Path was caught publishing users' entire address books and just days after Path paid an $800,000 fine for collecting information on its underage users without parental consent.

"This is surely terrible form on Path’s part (and, after the previous contact-stealing, a pretty clear indication that they don’t give two f**s about four f**s about your personal privacy)," Mr Paul wrote on his blog.

"But the real question here is shown to be: Should Apple’s iOS allow applications for which Location Services are explicitly disabled to access location information embedded (by the iOS Camera app) in photos stored in the Camera Roll (when access to photos is granted)?

"I think the answer here is very clearly no."

Path responded to Mr Paul on his blog claiming they were unaware of the issue.

"We take user privacy very seriously here at Path," the company wrote.

"Here is what we have discovered and how we are responding:

1. We were unaware of this issue and have implemented a code change to ignore the EXIF tag location.

2. We have submitted a new version with this fix to the App Store for approval.

3. We have alerted Apple about the concerns you’ve outlined here and will be following up with them.

One note to clarify: If a Path user had location turned off and an image was taken with the Path camera, Path does not have the location data. This only affected photos taken with the Apple Camera and imported into Path."

News.com.au recommends staying away from Path for the time being.

