Android shows the permissions each app is requesting before you install, and even lets you know if they change their permissions between updates. While what Path did is crappy, they didn't subvert the Android permissions system.
The thing that burnt the poster is that while a social app asking for access to their contacts might not rise a brow, the user has no way to know what they are going to do with that data without looking at the reviews or around the internet for complaints/testimonials.
"Android shows the permissions each app is requesting before you install"
Yes and no. Google often hides the most offensive permission requests under that "see more" arrow. And the permission requests (and accompanying explanations) are too vague and ambiguous. For example: Does "request access to network" mean they're able to sniff all my incoming/outgoing data, granting the app access to everything?
That, and the page is designed so most people will click the "Accept & Download" button without even reading the top-level permission requests.
It's got the title and button at the top, taking up a large chunk of space (1/3rd on my Nexus 4), and then a vague list of - to most users - technical-sounding "stuff".
My guess is a large majority of users never look past the button.
But Android also doesn't allow you to deny specific permissions. It's all or nothing at time of install - if it ever gets location, it always gets location. This is one of the reasons I like iOS.
The thing that burnt the poster is that while a social app asking for access to their contacts might not rise a brow, the user has no way to know what they are going to do with that data without looking at the reviews or around the internet for complaints/testimonials.