- Is Trump defiling the U.S. flag in this MAGA dude’s artwork? Sunday 4:41 PM
- White woman claims she invented sleep bonnets, selling them for $100 Sunday 4:03 PM
- Even real cats are transfixed by the enigma that is the ‘Cats’ trailer Sunday 3:04 PM
- Wait, how tall is Peppa Pig? Sunday 1:55 PM
- Twitter suspends Iranian state media outlets for harassing members of a religious minority Sunday 1:06 PM
- Pro-MAGA pageant queen stripped of title over ‘offensive’ tweets Sunday 11:52 AM
- Marvel unveiled its Phase 4 plans at San Diego Comic-Con Sunday 9:16 AM
- How a queer Instagram is helping fight the opioid epidemic in Appalachia Sunday 6:30 AM
- Philadelphia to fire 13 officers for racist, violent Facebook posts Saturday 6:12 PM
- Nick Offerman is so down to play every single role in ‘Cats’ Saturday 4:27 PM
- Woman documents how airport staff broke her wheelchair Saturday 3:04 PM
- Funeral home allegedly posted photos of woman’s dead body on social media Saturday 1:56 PM
- Alinity Divine is being investigated after throwing her cat during stream (updated) Saturday 12:04 PM
- ‘Comedians In Cars Getting Coffee’ returns with Seinfeld making a racist joke about China Saturday 10:26 AM
- YouTubers Eugenia Cooney and Shane Dawson make a joint comeback Saturday 9:06 AM
Needpix (Public Domain)
Why the company’s fixes are still not enough and what you can do to stop email tracking.
The popular email startup Superhuman landed in hot water after it was discovered that the company was using tracking pixels to let users know when and where recipients opened their emails.
The invite-only service, which charges users $30 per month, received widespread attention for its promise of being “the fastest email experience ever made.” Superhuman offers everything from an “Undo Send” option to an “A.I. Triage” feature to automatically sort users’ most important emails.
One of the features, however, has raised eyebrows among privacy advocates. Specifically, Superhuman’s use of tracking pixels is drawing criticism from some of the biggest names in the tech industry.
Tracking pixels are near-invisible images embedded in emails and many websites that record everything from your IP address to the type of device you are using.
In a blog post written late last month, Mike Davidson, Twitter’s former vice president of design, warned that Superhuman was using tracking pixels by default. Those tracking pixels, which enable Superhuman’s “read status” feature, would not only let an email sender know every time a recipient opened their message, but reveal their computer’s location as well.
Superhuman is an email surveillance app that encourages its users to spy on friends and co-workers without their consent. Why the ethics of this matter and what it says about Superhuman as a company. New post on Mike Industries: https://t.co/97LPwhWI7Z— Mike Davidson (@mikeindustries) July 2, 2019
“That’s right. A running log of every single time you have opened my email, including your location when you opened it,” Davidson wrote. “Before we continue, ask yourself if you expect this information to be collected on you and relayed back to your parent, your child, your spouse, your co-worker, a salesperson, an ex, a random stranger, or a stalker every time you read an email.”
Since Davidson tweeted about the issue last week, news of the tracking issue quickly spread and prompted Superhuman CEO Rahul Vohra to respond. In a blog post, Superhuman vowed to not only stop logging location information, but to delete all the historical location data it had collected. Vohra also stated Superhuman would make the read status feature disabled by default.
“I am so very sorry for this,” Vohra wrote. “When we built Superhuman, we focused only on the needs of our customers. We did not consider potential bad actors. I wholeheartedly apologize for not thinking through this more fully.”
While Superhuman’s response seemed like a win for privacy, Davidson argued on Monday that the changes aren’t enough.
Davidson notes that those who choose to enable the read status feature will still violate the privacy of email recipients because anyone receiving an email from a Superhuman user won’t be informed that the email contains a tracking pixel.
“At the very least, Superhuman should display a message when you flip that switch saying something like ‘by turning on Read Receipts, you are monitoring your recipients’ actions without their knowledge or permission. Are you sure you want to do this?'” Davidson suggests.
Vohra defended the decision to keep the read status feature by arguing that it has become a “must-have” for email businesses.
“We are still keeping the feature, as Superhuman is business software for email power users,” Vohra said. “In the prosumer email market, read statuses have been ‘must-have’ for many years.”
So what option do privacy-conscious users have? For starters, those who are using something like Superhuman and take issue with these practices should stop. For those who are worried about being the recipient of emails that use this type of tracking, encrypted email service ProtonMail automatically blocks all remote content and trackers in emails sent to its users. Those who check their email in a web browser can also download add-ons such as PixelBlock and Ugly Email to block trackers.
- New Dems aren’t much better at email security than the previous ones, report finds
- Can you spot an email from a hacker?
- What you need to know about the data breach involving 773 email addresses
Got five minutes? We’d love to hear from you. Help shape our journalism and be entered to win an Amazon gift card by filling out our 2019 reader survey.
Mikael Thalen is a tech and security reporter based in Seattle, covering social media, data breaches, hackers, and more.