Thanks to a clever marketing strategy based on social media posting, Superhuman quickly became the center of attention in Silicon Valley. The app – a $30 per month email service for power users looking to increase productivity – is a viable alternative to other popular but outdated email services, according to nearly all of its users.
However, it has been sharply criticized in a blog post published Tuesday by Mike Davidson, former vice-president of design at Twitter. In his post, Davidson details how one of Superhuman's features is a conventional, privacy-breaching tracking pixel. Users can see when recipients open emails, how many times they do that, what device they are using, and their location.
Superhuman is a surveillance tool that intentionally violates privacy by notifying senders every time their emails have been viewed by recipients. I would never trust this company. Only way to make sure your own privacy isn't violated is to disable images in your own email app. https://t.co/JZh2csd0ZB
Davidson writes: “It is disappointing then that one of the most hyped new email clients, Superhuman, has decided to embed hidden tracking pixels inside of the emails its customers send out. Superhuman calls this feature ‘Read Receipts’ and turns it on by default for its customers, without the consent of its recipients.”
Tracking pixels are nothing new. They are tiny hidden images embedded in emails. When the image is loaded, it reports information such as when the email was read and where the recipient was at the time of opening it. Clearly, they are hidden with the sole intention of keeping them unnoticed.
In other words, someone could send an email and get a ton of information about the recipient without the recipient's consent, simply because the email was opened.
In his blog, Davidson sums it up this way:
“They've identified a feature that provides value to some of their customers (i.e. seeing if someone has opened your email yet) and they've trampled the privacy of every single person they send email to in order to achieve that. Superhuman never asks the person on the other end if they are OK with sending a read receipt (complete with timestamp and geolocation).
Superhuman never offers a way to opt-out. Just as troublingly, Superhuman teaches its user to surveil by default. I imagine many users sign up for this, see the feature, and say to themselves “Cool! Read receipts! I guess that's one of the things my $30 a month buys me.”
Tracking pixels are a well-established tool used by several companies. A newsletter email, for example, will probably contain a tracking pixel feeding some sort of data to its senders and to several other third parties interested in collecting information. But since public attention has recently been focused on other big privacy issues, tracking pixels have so far been mostly ignored despite the criticism.
A 2017 article published by Wired exposed the increasing use of email tracking across the web. Wired reports a study by OMC – an email-security firm that develops anti-tracking tools – conducted on emails sent and received daily around the world. According to OMC, over 40% of the 269 billion emails are tracked.
Surprisingly, an increasing number of tracked emails are sent not by corporations but by acquaintances. “We have been in touch with users that were tracked by their spouses, business partners, competitors,” said Florian Seroussi, OMC's founder. “It's the wild, wild west out there.”
OMC's data shows that 19 percent of all “conversational” emails are now tracked. All of this means that millions of users are being tracked without their consent, and Seroussi believes that some of them might even be in serious danger as a result.
Seroussi explained that it was Google that pushed email tracking to the next level. He points back to the days when sponsored links based on tracked data first started to appear in inboxes. At the time it seemed an intrusion on privacy. “Now,” he said, “it's common knowledge and everyone's fine with it.”
“Amazon has been using them a lot, Facebook has been using them. Facebook is the number one tracker besides MailChimp.” When Facebook sends you an email notifying you about new activity on your account, “it opens an app in the background, and now Facebook knows where you are, the device you're using, the last picture you've taken—they get everything.”
According to Seroussi, both Amazon and Facebook deep link all of the clickable links within the email to trigger actions on their apps. Depending on the permissions set by the user, Facebook will have access to Camera Roll, location, and many other hidden logs. “But even if a user has disabled location permission on his device, email tracking will bypass this restriction and still provide Facebook with the user's location,” continues Seroussi.
To combat the rise of inbox tracers, several firms, such as Ugly Mail, PixelBlock, and Senders, have launched anti-tracking services. Ugly Mail notifies the user when an email contains a tracking pixel; PixelBlock prevents it from loading. But these services are not fail-proof. Tracking techniques are constantly evolving and improving, and are often able to find ways around the current track-blockers.
“It's a fight we're having over the last couple of years,” Seroussi said. “They can't counter all the methods that we know—so they get around the block by setting up new infrastructures. It's a chase, they're doing a job.”
To prevent your email from leaking information to third parties, the only safe solution at the moment is to block images by default. So browse through your email app settings and turn on image-blocking by default, so that no remote images are loaded at all.
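The two defenses described above, flagging a likely tracking pixel and blocking images by default, can be shown on a single message. The following Python example is added here for illustration and is not code from the article or from any of the tools it names; the sample email, its hosts, and the "tiny or hidden" heuristic are assumptions. Because such heuristics can be evaded, it removes every remote image and uses the heuristic only to label findings.

```python
import email
from email import policy
from html.parser import HTMLParser

# Constructed sample message; every host and address below is a placeholder.
RAW = b"""\
From: sender@example.com
To: recipient@example.org
Subject: Quick question
Content-Type: text/html; charset="utf-8"

<html><body><p>Did you get my note?</p>
<img src="https://cdn.example.com/logo.png" width="120" height="40">
<img src="cid:signature@example.com" width="1" height="1">
<img src="https://tracker.example/open?id=abc123" width="1" height="1" style="display:none">
</body></html>
"""

class RemoteImageScanner(HTMLParser):
    """Records every <img> whose src would trigger a network request."""
    def __init__(self):
        super().__init__()
        self.findings = []

    def handle_starttag(self, tag, attrs):
        a = {k: (v or "").strip().lower() for k, v in attrs}
        src = a.get("src", "")
        if tag != "img" or not src.startswith(("http://", "https://", "//")):
            return  # cid: and data: images are carried inside the message
        # Assumed heuristic: tiny or hidden remote images are likely pixels.
        tiny = any(a.get(d) in ("0", "1", "0px", "1px") for d in ("width", "height"))
        style = a.get("style", "").replace(" ", "")
        hidden = "display:none" in style or "visibility:hidden" in style
        self.findings.append({"src": src, "likely_pixel": tiny or hidden,
                              "raw": self.get_starttag_text()})

def scan_and_block(raw_bytes):
    """Return (findings, html with every remote image tag removed)."""
    msg = email.message_from_bytes(raw_bytes, policy=policy.default)
    part = msg.get_body(preferencelist=("html",))
    html = part.get_content() if part is not None else ""
    scanner = RemoteImageScanner()
    scanner.feed(html)
    for f in scanner.findings:
        html = html.replace(f["raw"], "")
    return scanner.findings, html

if __name__ == "__main__":
    print(scan_and_block(RAW)[0])
```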