Long before Snowden came along and blew the lid off PRISM, my brother would sit at my parents dinner table on those occasions that a family gets together, and start lecturing us all on internet surveillance conspiracy speak. Facebook is analyzing all our messages, he would explain, all of our emails are being monitored and tracked – digital privacy is imagined not real.
Now, of course, he and his conspiracy affiliates have been proven right, and information about how and why we are being monitored – and by whom – saturates the media. What is most interesting about how our communications are being hijacked, however – and which is something that you might not be aware of yet – is that there is plenty of evidence around which reveals that it is not just the NSA and GCHQ that are muscling in on the act.
After one of those meals with my brother, I would inevitably find myselfself logging in to my email account with my personal password, wondering, ‘is someone really in here with me? Am I alone?’, and evidence now shows that there is plenty of invasive corporate action happening in our email accounts – which is completely separate from the action of government intelligence agencies.
What I am talking about is email tracking, and although you may well not have heard about companies like Yesware, Streak and Bananatag, the fact is that they almost definitely know something about you. That is because an email tracking companies’ job is to collect information for their clients that reveals to them when you opened a particular email, where you were when you opened that email, what sort of device you used when you opened the email, and whether you clicked on the link in the email, all without your knowledge – and perhaps more importantly – without any previous consent.
This sort of email tagging is much more common than you would expect, so next time you open an email you will be perfectly justified in asking yourself the question: who is here with me, and are they monitoring me as I open these emails? Paranoia.
All those times that you told someone, ‘I am sorry, I just haven’t had a chance to open my inbox because I have been run off my feet,’ were you unwittingly made a fool of and shown to be a liar? Thanks to one of these tracking companies… Troublesome!
Now, thanks to a Chrome extension called UglyEmail, you will never need to worry about such a scenario again, because its developer Sonny Tulyaganov has already been through this particular privacy hacking revelation, and has already written what he refers to as a ‘tiny script’ which allows you to check which companies are monitoring your inbox.
For Tulyaganov it all started when his friend told him about Streak – an email tracking service that has over 300,000 users, and which on investigation both outraged and unnerved him, and inspired him to design UglyEmail. Tulyaganov says that once he had the idea, it actually only took him a few hours to design UglyEmail. Mainly because the kind of tracking which it monitors when emails are opened is of-itself very simple.
Usually marketing companies (but also anyone who feels like being a backdoor snooper) simply insert a transparent 1×1 image into an email, whose sole purpose is to ping the server it originated from with all the desired information, just like getting a ‘received and read’ status for a sent text message on your mobile phone – only more detailed and entirely covert.
This method is a type of web bug commonly referred to as pixel-tracking, and it is a completely legal procedure that has been around for quite some time – Google has a support page for advertisers who need advice on how to set up the process, and it is even possible to pixel-tag Twitter messages in order to get a detailed picture of where your efforts are getting through to your followers, and where they are falling short.
UglyEmail makes taking the power back remarkably easy – after installing the software it immediately starts identifying malicious emails (from any of the three aforementioned tracking companies) with a handy little eye icon that appears next to the subject heading, and UglyEmail’s developer confirms that it does so without storing, saving or transmitting any data of its own. Unfortunately, although the software is completely successful at doing its job, the truth is that it also has quite a few limitations…
Firstly, UglyEmail is designed to work with Gmail and only in Chrome, so if you use a different email company, and are worried about this issue then it may be advisable to sign up for a Google account so that you can make use of UglyEmail.
Your choice of web browser, on the other hand, may not need to change for long, because Tulyaganov says there are Firefox and Safari versions around the corner, (although no date is set in stone for those extensions and so it will be up to you to keep an eye on developments at UglyEmail, to find out when the software becomes available for those browsers).
Also, although UglyEmail is effective at spotting web bugs placed in emails by Bananatag, Streak and Yesware, those are not the only companies putting pixel-tags in emails – so UglyEmail can not completely protect you from the marketing technique yet. Tulyaganov, however, is determined to keep adding more trackers to his software, and with his program getting a lot of acclaim very quickly, one would imagine he will be inspired to do so soon.
Of course, if you don’t feel comfortable with anyone pixel-tagging emails that arrive in your inbox, then your best option is probably going to be the Chrome extension PixelBlock – which goes a step further than UglyEmail by preventing such tracking, rather than just informing you that an email has a web bug in it.
PixelBlock therefore, offers a different kind of protection to UglyEmail, by effectively stopping the tracking efforts of a larger cross-section of Marketing companies (including Sidekick).
With pixel-tagging unlikely to go away anytime soon, its nice to see new and innovative ways to monitor these nefarious email tags hitting the market, and although UglyEmail is hardly a comprehensive solution, it does at least allow you to get a healthy insight into the machinations of the marketing world.
Finally, a piece of advice for Microsoft Outlook users, because while some email providers automatically download images as default (meaning that you will definitely need PixelBlock to put an end to the marketing technique [or UglyEmail to monitor the situation]), Outlook gives users a prompt which asks them if they want to download the images contained within the email.
If you do use Outlook and have reason to believe that an email might have a pixel sized image web bug in it – just say no – and take the email in its image-less form, saving yourself any possible worry by stopping the tracker yourself.