Tracking is prevalent on the internet. Over the previous year, a barrage of tech-industry scandals has made people familiar with the wide range of ways that personal information may be acquired and shared. It’s no surprise, then, that emails can be used as tracking vectors as well. Email senders can keep track of who opens which emails, when they open them, and on what device. If you work for a firm or a non-profit that sends out mass emails, you’ve undoubtedly used tracking software before. Even so, tracking is often enabled by default in email marketing software, so this may be the first time you’ve heard of it.
Unfortunately, this isn’t always the case. Many senders, including the US government, perform clumsy email tracking. Bad email tracking is pervasive, hidden, and leaky. It has the potential to reveal critical information to third parties, as well as to others on your network. According to a 2017 survey, tracking resources are included in 70 percent of mailing list communications. To make matters worse, about 30% of mailing list emails send your email address to third-party trackers when you open them. And, although the research did not address it, a brief assessment of the same email dataset we used revealed that roughly 80% of these links were sent over unsafe, unencrypted HTTP.
How can users protect themselves?
Because popular email clients behave differently and have different settings, protective measures differ from client to client. Here are some broad suggestions for improving your email security and privacy.
Limit your email client’s image/resource loading.
Embedded links to “pixels” or other pieces of content hosted on a remote server are a typical tracking tactic. When your client loads the content, it sends a request that allows you to be tracked. Email senders can’t tell when you read or open emails if you block third-party resources. Remote content loading is disabled by default in some clients, such as Thunderbird and Outlook, and you can turn it off in Gmail and Apple Mail. If you need to see images in a specific email, you can turn loading on for that email only, but keep in mind that this allows email-open trackers to work.
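To see what a message would fetch before you allow remote content, the following added example (not part of the original article) parses a raw email offline and reports each auto-loaded resource, whether it uses plain HTTP, and whether its URL carries the recipient’s address. The digest check goes beyond what the article describes and is an assumption about how an address might be encoded; the sample message, hosts and the names `audit` and `RemoteResources` are constructed for illustration.

```python
import hashlib
from email import message_from_string
from email.policy import default
from html.parser import HTMLParser
from urllib.parse import unquote, urlsplit

# (tag, attribute) pairs a client fetches automatically when it renders the message.
# Only http(s) URLs count as remote; cid: and data: references stay local.
AUTOLOAD = {("img", "src"), ("link", "href"), ("iframe", "src"),
            ("script", "src"), ("video", "poster"), ("body", "background")}

class RemoteResources(HTMLParser):
    def __init__(self):
        super().__init__()
        self.urls = []

    def handle_starttag(self, tag, attrs):
        for name, value in attrs:
            if (tag, name) in AUTOLOAD and value and urlsplit(value).scheme in ("http", "https"):
                self.urls.append(value)

def audit(raw_message, recipient):
    """Return one finding per remote resource in the HTML body of raw_message."""
    html = message_from_string(raw_message, policy=default).get_body(preferencelist=("html",))
    if html is None:
        return []
    parser = RemoteResources()
    parser.feed(html.get_content())
    addr = recipient.strip().lower()
    # Assumption: the address travels in clear (possibly percent-encoded) or as a hex digest.
    needles = [addr] + [hashlib.new(h, addr.encode()).hexdigest() for h in ("md5", "sha1", "sha256")]
    findings = []
    for url in parser.urls:
        parts = urlsplit(url)
        haystack = unquote(url).lower()
        findings.append({"host": parts.hostname, "insecure": parts.scheme == "http",
                         "leaks_address": any(n in haystack for n in needles)})
    return findings

# Constructed sample message; hosts and addresses are placeholders.
SAMPLE = """From: news@list.example
To: alice@example.org
MIME-Version: 1.0
Content-Type: text/html; charset=utf-8

<html><body><p>Hello!</p>
<img src="http://t.tracker.example/open.gif?u=alice%40example.org" width="1" height="1">
<img src="https://cdn.list.example/logo.png">
</body></html>
"""

print(*audit(SAMPLE, "alice@example.org"), sep="\n")
```

Because the message is only parsed and never rendered, nothing is requested from the listed hosts while you inspect it.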
Be careful when clicking links.
If you really must click a link in an email, try to view the link URL beforehand. In general, this is a smart practice to avoid security threats such as phishing and privacy-invading tracking.
Standard online hygiene measures also work effectively for email if you use a webmail client. Turn off third-party cookies in your browser and install a tracker-blocker like Privacy Badger to prevent email trackers from gathering even more information about you. Limit your HTTP exposure to prevent your email browsing behavior from being seen by ISPs and snoops on your network. To prevent HTTP resources from loading by default, you can use an extension like HTTPS Everywhere.
How can email clients do more to protect their users?
When users connect with the Internet, email clients should represent their users’ interests. This includes putting sensible precautions in place by default and providing strong privacy-protection options for users who are particularly concerned.
Clients that have the resources, like Gmail, can proxy content embedded in emails. Proxying isn’t flawless, but it provides certain security and privacy benefits, such as stopping HTTP requests from leaking onto the network, disabling cookies, and masking IP address and User Agent information from the tracker. There’s considerably more you can accomplish if you’re a client developer.
Tracking should be opt-in, not opt-out, so switch off remote content loading for your users by default if you haven’t already. At the very least, give your users the option to do so. Give users the option to disable HTML email as well. The Email Privacy Tester can be used to check your client for any further leaks.
Even if your users use end-to-end encryption regularly, clients often render a decrypted email like a regular email, so you’ll still need to consider these tracking protections.