Nearly every email marketing platform does this for every email they send already, and that’s part of why thunderbird has had images off by default in email since a really long time. (Or maybe I set it that way years ago, but at least it’s an easy setting.) Is it weirder because it’s mail from an individual? I guess so.
1. I do not expect emails from my friends and family to include tracking pixels. So yes, this is not just "weird," but also social-engineering: It exploits people who are not Superhuman users, who do not opt into being tracked, and do not expect to be tracked by emails from friends and family.
2. If there is a tracker, the second thing I expect is that it tells people whether I read the email. I do not expect it to also track location. Well, being an HN user I do. But the typical email recipient (who I repeat is NOT a Superhuman user) does not expect to be geotagged when they open an email from friends/family.
3. If I do figure out that I'm being geotagged, I am going to think it's like Google, some sort of thing that goes into the cloud and is sold to optimize my advertising or what-not. Nobody opens an email and thinks that the person who sent it to them will be told where they were when they opened the email.
In my opinion, "weird" is not the word for any of the three things I've listed. It is not nearly strong enough to describe taking advantage of people's (possibly flawed) model for how email and tracking works.
Every time you reply to an email it includes your location, and almost no one knows this either.
Everyone who uses email is basically agreeing to a contract that they haven't read, and wouldn't understand even if they had read. Usually this doesn't matter, but occasionally weird things happen as a result.
That's not to say that anything goes, but it's also important to look at this in context.
"Every time you reply to an email it includes your location, and almost no one knows this either."
No it doesn't.
If you're talking about leaking client IPs in received headers, some providers (including gmail) have excluded this information for some time.
If you're talking about the timezone in the Date header. Fair enough. Someone can figure out what timezone you're in. Unless you change it to just be UTC or whatever.
> If you're talking about leaking client IPs in received headers, some providers (including gmail) have excluded this information for some time.
Sure, in the same way that some mail clients (like Thunderbird) don’t load tracking pixels by default. But if we’re going to talk about ethics and user expectations, I think that’s a reasonably fair comparison.
I don't think it's like that at all. I just sent my self an email from a gmail account, yahoo account and outlook live account. Not one of them included my IP address in the headers. I think your information is a bit out of date.
I mean in that case these services are just sending the email on your behalf, so it's their IP address that is included. But if you're sending the email yourself then it will be your IP address.
That might have been a valid argument in 1999, but in 2019 it's difficult to send an email yourself from a consumer IP address and actually have anybody on a major provider receive it. Major email infrastructure doesn't support those users any more; they're mostly irrelevant to the discussion.
I don't think he meant sending the mail yourself to the destination domain directly (which would indeed be blocked due to plenty of reasons), I think he meant connecting to your email provider's SMTP (over the 587 "submission" port so it's not blocked by ISPs), authenticating and then sending the email. The provider will relay the email to its final destination, but your original IP would still appear in headers.
Gmail et al. still add the headers if you send the message through an actual email client though, just not if you send it through the web client. And I'm guessing that the vast majority of email users still use email clients at least some of the time, given that they work much better on your phone and they're the easiest way for consumers to have a backup of their email.
It shows your IP address to the machine you submit your message, and that SMTP server doesn't add the IP address in a Received: header, as mine does not, nobody else will know what IP address you used.
I think the problem is person on receiving end doesn't know that. also, at marketing level it happens with all mailchimp and other campaigns, but this is so explicit at the individual level.
Superhuman isn't an email marketing platform. From the article:
> Superhuman’s competitors are Apple Mail, Gmail, and Outlook. Exactly zero of those companies insert a tracking pixel into their emails. Furthermore, both Outlook and iMessage use Read Receipts that are turned off by default and controlled completely by the receiving user. In other words, when you buy a new iPhone or start using Outlook, no one requesting an Outlook or iMessage read receipt can receive one without your explicit permission. Furthermore, even if you do turn those on, it’s a simple one-time receipt… not a log of times and geolocations every time the recipient views the message.
And those are opt-in, I hope. Otherwise it's unsolicited commercial email, in other words, spam.
Superhuman is an email client based on Gmail, so it's not only to send commercial emails to people that have agreed to receive commercial emails from you (and you've hopefully gotten them to opt-in to your privacy terms as well).
Yep - I work on an email platform and tracking pixels are common.
However, the ones I work on only record the time that a given email was opened ... BY DESIGN they do not include WHERE that email was opened, the IP address of the reader or anything else, because a) that's just creepy and b) it's not necessary to measure the impact of a given campaign.
But frequently requested/demanded/wanted by email marketers? Yep.
And, perhaps surprisingly, open tracking (when used effectively) serves to reduce unwanted email.
Say you run a really popular store--tons of loyal customers who genuinely want to know about your sales/specials/coupons/whatever, tons of different marketing channels. When you send an email campaign, you want to be able to tell whether increased traffic is due to that campaign versus some other marketing, so you track link clicks (fingerprinting each link in the email). Presumably this isn't generally considered unethical (if it is, is server-side request logging problematic as well?).
You, the hypothetical marketer, want to know which category your campaign falls into for your recipients: "hate it" (marked as spam, you usually get notification of that from the mailbox provider), "don't care about it" (never opened it/filtered it into purgatory/deleted it), "maybe care about it" (opened it but didn't click), or "actually want it" (opened it, clicked on something).
Open tracking is important to disambiguate "don't care about it (and might start marking as spam if they get another email from me)" from "was interested, but not enough to click on a link". If there are no clicks, and really low open rates, it's a sign to stop emailing those people immediately, or else they might start marking the email as spam and get your sender reputation penalized, which is very bad for business. If there are no clicks and good open rates, it's a sign that people are interested, but your content might suck/have display issues/be poorly put together and need to be improved.
Because of this dynamic, being able to track opens with reasonable fidelity (sure, people can block images or spoof opens if they want) is key to reducing spam and low-quality marketing content in many cases. Businesses suffer pretty directly and immediately if they don't back off from sending tons of crap to non-openers.
I know this probably seems alien to a lot of the HN email-using demographic, but there are large swaths of people that very much do use marketing email heavily to stay informed and buy things, and they willingly agree to receive a lot of it.
This isn't a blanket statement that "all activity tracking is inherently ethical" or anything, just that, in this case (and given that email marketing and facilitators thereof aren't going anywhere) this particular kind of tracking, while sometimes ethically dubious, has a bright side.
Sending email has a cost, however small, and it's better to send things people engage in and enjoy ... which is why knowing click through and open rates is useful.
The people you're sending these tracking pixels to should be the final arbitrators. So are you willing to have them reply yes/no to a form that says: "Do you wish to transmit the time at which you opened this email to $marketing_company". If not, why not?
You broke the site guidelines repeatedly in this thread. We ban accounts that do that, regardless of how right you are or how wrong other people are or you feel they are. Would you mind reviewing the site guidelines and sticking to the rules when posting here?
Probably... maybe? Certainly I'd be weirded out if an online catalogue employee had found my name, decided to look at the geolocation data on the tracking pixel and was devotedly interested in where and when I decided to admire the latest in chinese tech.
But I think the point is that this is much less likely than on a personal email, and if you don't know the person then it's a little less creepy because it has no emotional meaning to the "stalker"
I mean, yeah I am weirded out by that, and don't like it. And I'm not trying to be (too) snarky, but seriously, what did you think people would do with this technology?
HTML email + IP to location + simple automation has driven the multi-billion dollar Martech (marketing technology) market for years. The feature set you are describing has been standard for a years now:
- They all use tracking pixels/logos-in-signatures for read receipts
- Read receipts aren't boolean "someone read this!" but instead track when, how many times you opened it.
- IP to location is used to understand location and route the lead/opportunity to the appropriate sales rep.
- Email User-Agent fingerprinting is done to track device type
- Most have automation, that allow you to automatically re-mail or even phone dial someone who has just opened an email after certain conditions are met.
This is fairly basic technology, glued to together, creating powerful platforms for marketing and direct sales. On a site like HN, how could any of this come as a surprise?
It's strange that we put more faith and trust in sociopathic-by-design corporations (which are just large groups of people you don't know, but who have some interest in you) than in humans we willingly correspond with.
I think you answered your own question. Email marketing platform? Yes they do track emails, but only providing the data for open rates, not a list of timestamps and locations where you opened the email.
