2 On Your Side: Tracking Pixels Could Be Collecting Your Data Every Time You Open An Email
LOS ANGELES (CBSLA) — From marketing and advertising to phishing and soliciting, our inboxes are littered with emails that we're not sure how — or even why — they got there.
"It's part of our reality now," Sushana Chaudhary, an entrepreneur, said. "It's hard to move away from it."
But the arrival of those emails was not by accident, and they could be tracking users' every online move.
"They actually know where your mouse is hovering sometimes," Ian Sherr, editor at large for CNET, said.
Tracking pixels are tiny, hidden single-pixel images embedded in emails. And once those images are downloaded by an email client, they send information back to the email's sender.
"The basic idea was that some genius figured out that every time your computer wants to download an image, it has to go to the internet to get it," Sherr said.
Karen North, a professor of digital media at USC Annenberg, likened the process to chipping your dog for identification.
"You can now chip emails and websites," she said.
North also said the practice is widespread.
"What all of these companies want, is they want data so that they can figure out who we are," she said. "And the reason that they want to figure out who we are and collect data on us is that they either want to curate an experience for us that makes us want to come back and spend time on their website or on their social network or they want to target us for advertising."
Chaudhary said she was skeptical about the use of the information.
"It all depends on the purpose for which they are tracking that information," she said. "If they are selling the information for their own gains, so they are profiting from my information, now that's wrong."
The mother of two said she was also worried about getting the message across to her kids.
"It's bothersome and it's worrisome," she said. "I understand all those things, but I'm sure my 12-year-old doesn't understand all these things, and I think it's very difficult to teach her that this is what they are doing."
So is there anything that can be done about these trackers?
"There are features inside your computer that can keep people from at least tracking your emails in some ways," Sherr said. "So, the easiest thing to do, it's in all of our phones and our computers, there is a setting your can go to that tells it to not automatically download images in an email.
"That, right there, will make emails look awful, they will be ugly as sin, because there are no images in them," he continued. "But it will keep the tracking pixel from being downloaded as well, which basically chokes off a lot of that data that is streaming from your phone when you are opening an email."
And while switching settings may limit data, it will also change the online experience, leaving everyone to decide for themselves just how concerned they are about being tracked.
"We have a bigger responsibility as parents, as educators," Chaudhary said. "But I am not very sure how many adults are even aware of this."
"There are ways to identify trackers, but it's very, very hard," North said. "The better we get at identifying trackers, the better they get at hiding trackers."
"Twenty years ago, people would have been shocked and horrified by the amount of data they're able to collect from us," Sherr said. "But now, we are so used to it."
There are email extensions that can be used, such as Ugly Mail, which stops the email client from downloading images and displays an icon next to any email that has a tracking pixel embedded so the user knows when they're being silently tracked. But, like the name implies, emails will not come through in the formatted way we're used to seeing them.
As for would-be bad actors, they too can take advantage of the technology to see which emails people are most likely to open and spoof them in an effort to install malware on a computer or get sensitive personal information from a user.
The best way to protect against hackers and phishing attempts is to verify the legitimacy of an email before clicking on any links or inputting any personal information such as social security numbers or passwords.
