Jul 3, 2019 - Technology

Email app's tracking tool raises privacy alarm

Email management app Superhuman made headlines last week for raising new venture capital, but now the by-invitation-only service has come under fire for its privacy practices around the use of pixel tracking.

The big picture: Pixel tracking allows senders to track emails by forcing a recipient to download a tiny, invisible graphic file when they open the message, explains Axios’ Joe Uchill. Once the image file is downloaded, the sender knows their email was opened — and can also harvest a slew of additional information about the reader. 

  • In the case of Superhuman, which aims to streamline inbox work for heavy email users, that includes location data about each time a recipient opened a message. (Update: Superhuman has removed location data following the controversy. More below.)
  • As Mike Davidson, former VP of design for Twitter, put it in a widely read critique, "Superhuman teaches its user to surveil by default."

The controversy centers on a persistent question that faces technology users: Are you okay with trading some (or all) of your privacy in exchange for services that are more convenient, better personalized, and less expensive? 

  • Per an IBM survey, 71% of people said it’s worth giving up privacy for the benefits of tech. And while 81% said they’re concerned about how their data is used, only 45% have actually changed settings in an app, and a mere 16% have stopped using a tool because of data misuse. 

Yes, but: In the case of Superhuman and email pixel tracking, the privacy equation is different. 

  • Pixel tracking is common in some apps, but it's usually a feature that users have to turn on.
  • With Superhuman, users are collecting information by default on the people to whom they're sending email messages, without alerting or warning those people.

Between the lines: Email has evolved its own cultural expectations, and Superhuman looks like it's pushing beyond some people's comfort zone.

  • Subscribers to email content and newsletters (even from Axios), particularly those containing ads, may be aware that the sender is tracking them for business purposes.
  • Many understand that sales inquiries are carefully monitored, too — pixel tracking is a basic feature in virtually all email tools for sales and marketing. 
  • But what about messages from friends, family, acquaintances, former romantic partners? Arguably, that’s where the expectation is different.
  • “Read receipt” functions in apps like iMessage are turned off by default, and it’s up to the recipient to decide whether to enable them.
  • Yes, email recipients can disable image downloading, which foils pixel tracking, but that also strips much of the look and feel of modern email use.

The bottom line: If Superhuman's aggressive push to spread pixel-tracking into new spheres doesn't spark significant public outcry, it could establish a new norm.

Go deeper: How email open tracking quietly took over the web (Wired)

Update: Following the controversy, Superhuman CEO Rahul Vohra announced that the company was immediately removing location tracking (and deleting the data), turning off the email tracking feature by default, and will build a feature to disable remote images.

Go deeper