How to Stop Emails From Spying on You

Companies have been hiding read receipts in your emails for decades. Now everyone's doing it. Here's how to shut that down.

Go to the profile of Fast Company
Fast Company BlockedUnblockFollowFollowing Apr 2

Photo: Adonyi Gábor/
/ pxhere

By Michael Grothaus

Make no mistake about it: Companies want to know everything you do online, whether it's when you post to social media, or what subject you're reading about on Wikipedia. Shadowy data brokers, big tech giants, your ISP, even your local car dealer can
毫无疑问:公司希望了解您在网上所做的一切,无论是您在社交媒体上发布的内容,还是您在维基百科上阅读的主题。阴暗的数据经纪人,大型科技巨头,您的ISP,甚至您当地的汽车经销商都可以tap extensive data on you based on your digital footprint.

As tracking techniques get more advanced each year, so do the methods to thwart such attempts. There are literally dozens of browser extensions built to help protect users from tracking --- and
随着跟踪技术每年变得更加先进,阻止此类尝试的方法也是如此。实际上有几十个浏览器扩展来帮助保护用户免受跟踪---和entire browsers themselves. But while it's generally known by most people that our online activities --- where and what we browse --- are being tracked in some way, not many people realize that companies have been using a sneaky hidden trick for decades that allows them to snoop on your email activity.
。但是,尽管大多数人普遍知道我们的在线活动 - 我们浏览的地点和内容 - 正在以某种方式进行跟踪,但并不是很多人意识到公司几十年来一直在使用偷偷摸摸的隐藏技巧,这使他们能够窥探在您的电子邮件活动。

This email tracking allows a company --- or virtually anyone --- to see when and where you've opened an email they've sent you, how long it took for you to read it, and how often you've returned to read the email again. They do this through a snooping trick called a tracking pixel.
这种电子邮件跟踪功能允许公司 - 或几乎任何人 - 查看您何时何地打开了他们发送给您的电子邮件,您需要多长时间阅读它,以及您多久返回一次再次阅读电子邮件。他们通过称为跟踪像素的窥探技巧来做到这一点。

How tracking pixels work

Tracking pixels are usually an invisible image file that measures 1 pixel high by 1 pixel wide that is inserted without your knowledge into an email sent to you. The tracking pixel contains code that, when the email is opened, will send data back to the company's server that tells them exactly what time you read the email, how long you spent reading it, and, many times, even the location you were at when you read the email.

Tracking pixels work by leveraging basic HTML technology. While most emails we send to and receive from friends are usually sent in plain text, emails from marketers and other companies generally have HTML-based images in them, such as the company logo or a picture of the company's products.

The images aren't actually embedded in the email itself; instead, they are displayed in the email once the email is opened and the HTML code tells your computer to retrieve the images from the sender's servers. It's this retrieval of the image files from the sender's servers that allow the sender to see exactly what time you opened the email.

A tracking pixel in an email sent to subscribers of the Whitehouse.gov email list in October 2018 by Granicus, a government contractor that provides email services to 4,000 government agencies, identified by the Electronic Frontier Foundation. Image:

Needless to say, tracking pixels are a boon to marketers, because when they send you an email (spam or otherwise), tracking pixels allow the marketer to see how many people have opened the email (and thus, that your email address is valid), and how long people have spent reading their messages.
毋庸置疑,跟踪像素对营销人员来说是一个福音,因为当他们向您发送电子邮件(垃圾邮件或其他)时,跟踪像素允许营销人员查看有多少人打开了电子邮件(因此,您的电子邮件地址有效) ,以及人们花了多长时间阅读他们的信息。

Why tracking pixels are creepy

But despite being a great tool for marketers in an age when our digital privacy matters more than ever, it's clear tracking pixels are creepy for multiple reasons.

The first is that no one is ever offered an opt-in or opt-out to tracking pixels. Companies use them without getting your permission first and without your knowledge that they are even being used at all. Given this, why should companies have that right to see when you've read an email in the first place? If someone from the marketing agency was camped out in a tree in front of your house and using binoculars to peer through your windows to see if you're reading their email, we'd call that creepy. So how is using an invisible trick to spy on us to achieve the same goal not creepy?

It's also not just marketers that can use tracking pixels. Anyone can insert one into any email they send. And again, this tracking pixel will just be an invisible 1-pixel-by-1-pixel image. You won't know it's there. But by inserting the tracking pixel into your email, the person will be able to spy on a portion of your private life without you ever knowing.

And don't think this can't be abused. By using tracking pixels, a stalker could see when an object of his or her obsession has read their latest email screed. Further, and as already mentioned, not only can a tracking pixel let the stalker know when their email has been read, but what time it was read, on what device it was read, and even the location in which it was read. Remember, because tracking pixels are invisible to the naked eye, an email you receive could look like it only has plain text when in fact it has a tracking pixel in it.

By the way, it's not just stalkers and marketing companies that love using tracking pixels. PR people love embedding them into emails they send journalists so they can tell if the journalist is choosing to ignore them.

How to block tracking pixels

If you're sufficiently creeped out now about tracking pixels, the good news is they are relatively easy to block --- though most people don't.
如果你现在已经充分了解跟踪像素,那么好消息是它们相对容易阻止 - 尽管大多数人都没有。

Since tracking pixels work by loading remote images in an email when the receiver opens the message, you simply need to configure your email client to not load remote images by default. Doing so will ensure a tracking pixel can't send code back to the sender's server alerting them you've read their email. Here's how to block tracking pixels in the most popular email services and email clients:

  • macOS Mail app: go to Mail>Preferences>Viewing and uncheck "Load remote content in messages."
  • iOS's Mail app: go to the Settings app, tap Mail, then toggle the "Load Remote Images" switch to OFF (white).
  • Gmail on the web: Log into your Gmail account, then click the Settings (cog) icon. Now click Settings. On the Settings screen under the General tab, scroll down to the Images section and make sure "Ask before displaying external images" is selected.
  • Android Gmail app: in the Gmail app, select your account, tap on Images, and then select "Ask before showing."
  • Outlook email client: Microsoft has disabled loading remote images by default --- a wise move. To make sure it's still disabled, open Outlook and choose Options > Trust Center. Under Microsoft Outlook Trust Center, click Trust Center Settings. Make sure the "Don't download pictures automatically in HTML email messages or RSS items" checkbox is not checked.

There are also a number of Chrome and Firefox browser extensions that will alert you if a tracking pixel is detected in an email you have opened in a browser window, the most popular of which is
还有一些Chrome和Firefox浏览器扩展程序会在您在浏览器窗口中打开的电子邮件中检测到跟踪像素时提醒您,其中最受欢迎的是Ugly Email.

One final word: While blocking remote images from loading will protect you from tracking pixels, it also means remote images won't be loaded in your emails by default. This can make emails from, for example, banks, look a bit jumbled. However, all the email services and clients listed above offer a one-click button in the email message itself that allows you to load remote images in that email only. Given this, there is no reason not to disable loading remote images by default in all your email clients to protect you from tracking pixels.