Almost 10 years after its launch, about 200,000 people still use a Xiaomi Mi 2

What are 'spy pixels', the tracking system that includes more and more e-mail messages

Those responsible for the email management application HEY recently released a report on the tracking techniques used in the email industry, concluding that the use of 'spy pixels' had become "endemic" within it.

Specifically, according to HEY, up to two-thirds of the emails sent to your users' personal accounts they contained a "spy pixel" ... and that after excluding spam messages.

The companies that use them claim that it is a common marketing tactic, which they usually include in their privacy policies. However, in the eyes of HEY founder David Heinemeier Hansson, constitute a "grotesque invasion of privacy".

So ... what exactly are spy pixels and how do they work?

What are the 'supercookies', the new systems for monitoring our navigation for which there is no delete button

Invisible. And snitches.

Spy pixels or tracking pixels are small images (often in GIF or PNG format and 1x1 px dimensions) that are inserted in the body of HTML emails that we receive in such a way that they are impossible to recognize with the naked eye.

But, since these images are hosted on web servers, every time we view an email with a spy pixel (yes, just view, we don't have to click on anything), our team carries out an HTTP access to access it.

And these accesses are what allow the server owner to know:

  • If an email has it been opened or not, in what Schedule opens and how often it has done in total.

  • Since devices) and by what e-mail clients it opens.

  • The physical location Approximate number of the recipient at the time of access (based on the IP address).

This kind of data can be used to provide statistics on the success of a massive commercial email campaign, for example ... but it also allows track individual user and / or message activity, because we can create a different spy pixel for each of them.

Of course, this potential ultra-personalized tracking It marries badly with the promises of anonymization a posteriori brandished by many Internet companies.

Remote Content

Some email clients (in the example, Protonmail) already block the loading of images and other HTML elements hosted on web servers by default.

Hansson himself gives the example of salespeople and consultants who use this kind of monitoring to send emails like the following:

"I saw that you opened my email yesterday, but you still haven't responded. Can I call you?"

Via | BBC