Superhuman embeds tracking pixels in user emails (mikeindustries.com)
467 points by minimaxir on July 2, 2019 | 241 comments

Nearly every email marketing platform does this for every email they send already, and that’s part of why Thunderbird has had images off by default in email for a really long time. (Or maybe I set it that way years ago, but at least it’s an easy setting.) Is it weirder because it’s mail from an individual? I guess so.

1. I do not expect emails from my friends and family to include tracking pixels. So yes, this is not just "weird," but also social-engineering: It exploits people who are not Superhuman users, who do not opt into being tracked, and do not expect to be tracked by emails from friends and family.

2. If there is a tracker, the second thing I expect is that it tells people whether I read the email. I do not expect it to also track location. Well, being an HN user I do. But the typical email recipient (who I repeat is NOT a Superhuman user) does not expect to be geotagged when they open an email from friends/family.

3. If I do figure out that I'm being geotagged, I am going to think it's like Google, some sort of thing that goes into the cloud and is sold to optimize my advertising or what-not. Nobody opens an email and thinks that the person who sent it to them will be told where they were when they opened the email.

In my opinion, "weird" is not the word for any of the three things I've listed. It is not nearly strong enough to describe taking advantage of people's (possibly flawed) model for how email and tracking works.

Every time you reply to an email it includes your location, and almost no one knows this either.

Everyone who uses email is basically agreeing to a contract that they haven't read, and wouldn't understand even if they had read. Usually this doesn't matter, but occasionally weird things happen as a result.

That's not to say that anything goes, but it's also important to look at this in context.

"Every time you reply to an email it includes your location, and almost no one knows this either."

No it doesn't.

If you're talking about leaking client IPs in received headers, some providers (including gmail) have excluded this information for some time.

If you're talking about the timezone in the Date header. Fair enough. Someone can figure out what timezone you're in. Unless you change it to just be UTC or whatever.

Or are you talking about something else?

> If you're talking about leaking client IPs in received headers, some providers (including gmail) have excluded this information for some time.

Sure, in the same way that some mail clients (like Thunderbird) don’t load tracking pixels by default. But if we’re going to talk about ethics and user expectations, I think that’s a reasonably fair comparison.

I don't think it's like that at all. I just sent myself an email from a gmail account, yahoo account and outlook live account. Not one of them included my IP address in the headers. I think your information is a bit out of date.

I mean in that case these services are just sending the email on your behalf, so it's their IP address that is included. But if you're sending the email yourself then it will be your IP address.

That might have been a valid argument in 1999, but in 2019 it's difficult to send an email yourself from a consumer IP address and actually have anybody on a major provider receive it. Major email infrastructure doesn't support those users any more; they're mostly irrelevant to the discussion.

I don't think he meant sending the mail yourself to the destination domain directly (which would indeed be blocked due to plenty of reasons), I think he meant connecting to your email provider's SMTP (over the 587 "submission" port so it's not blocked by ISPs), authenticating and then sending the email. The provider will relay the email to its final destination, but your original IP would still appear in headers.

Gmail et al. still add the headers if you send the message through an actual email client though, just not if you send it through the web client. And I'm guessing that the vast majority of email users still use email clients at least some of the time, given that they work much better on your phone and they're the easiest way for consumers to have a backup of their email.

I run my own mail server, and my mail is never rejected. It is still an option, and it works as well as it ever did.

What about when using email clients? They are far from rare.

>it includes your location

To be specific, it shows your public IP, right? Using a VPN means this will not show your location, correct?

It shows your IP address to the machine you submit your message to, and if that SMTP server doesn't add the IP address in a Received: header, as mine does not, nobody else will know what IP address you used.
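To check what the sub-thread above is arguing about on a message you sent yourself, the following is an added example (not code from any commenter) that reads the earliest `Received:` hop, an `X-Originating-IP` header if present, and the `Date:` offset. Both sample messages, their hostnames and their addresses are constructed for illustration.

```python
import ipaddress
import re
from email import message_from_string
from email.utils import parsedate_to_datetime

# Constructed sample: sent from a desktop client through a provider's
# submission port; the provider recorded the client address in Received:.
SAMPLE_CLIENT_SUBMISSION = """\
Received: from out.provider.example (out.provider.example [198.51.100.20])
\tby mx.recipient.example with ESMTPS id abc123;
\tTue, 2 Jul 2019 10:00:03 -0700
Received: from [192.168.1.23] (client.isp.example [203.0.113.45])
\tby smtp.provider.example with ESMTPSA id xyz789;
\tTue, 2 Jul 2019 10:00:01 -0700
Date: Tue, 2 Jul 2019 10:00:00 -0700
From: alice@provider.example
To: bob@recipient.example
Subject: hello

hi
"""

# Constructed sample: composed in webmail; the first hop has no "from"
# clause, so no client address reaches the recipient.
SAMPLE_WEBMAIL = """\
Received: from out.provider.example (out.provider.example [198.51.100.20])
\tby mx.recipient.example with ESMTPS id def456;
\tTue, 2 Jul 2019 17:00:03 +0000
Received: by out.provider.example with HTTP id ghi789;
\tTue, 2 Jul 2019 17:00:01 +0000
Date: Tue, 2 Jul 2019 17:00:01 +0000
From: alice@provider.example
To: bob@recipient.example
Subject: hello

hi
"""

# Addresses that say nothing about where the sender is on the internet.
LOCAL_NETS = [ipaddress.ip_network(n) for n in (
    "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16", "127.0.0.0/8",
    "169.254.0.0/16", "::1/128", "fc00::/7", "fe80::/10")]
BRACKETED_IP = re.compile(r"\[(?:IPv6:)?([0-9A-Fa-f:.]+)\]")


def _ips(text):
    """Return the syntactically valid IP literals found in [brackets]."""
    found = []
    for candidate in BRACKETED_IP.findall(text):
        try:
            found.append(ipaddress.ip_address(candidate))
        except ValueError:
            continue  # bracketed text that is not an address
    return found


def audit_headers(raw):
    """Report what a recipient can learn about the sender from headers."""
    msg = message_from_string(raw)
    submission = []
    received = msg.get_all("Received") or []
    if received:
        # Received headers are prepended, so the last one is the first hop.
        first_hop = " ".join(str(received[-1]).split())  # unfold
        m = re.match(r"from\s+(.*?)\s+by\s", first_hop, re.IGNORECASE)
        if m:
            submission = _ips(m.group(1))
    public = [ip for ip in submission
              if not any(ip in net for net in LOCAL_NETS)]

    originating = None
    if msg.get("X-Originating-IP"):
        try:
            originating = str(ipaddress.ip_address(
                msg["X-Originating-IP"].strip(" []")))
        except ValueError:
            pass

    offset_minutes = None
    if msg.get("Date"):
        offset = parsedate_to_datetime(msg["Date"]).utcoffset()
        if offset is not None:
            offset_minutes = int(offset.total_seconds() // 60)

    return {
        "submission_ips": [str(ip) for ip in submission],
        "public_submission_ips": [str(ip) for ip in public],
        "x_originating_ip": originating,
        "utc_offset_minutes": offset_minutes,
    }


if __name__ == "__main__":
    for name, raw in (("client", SAMPLE_CLIENT_SUBMISSION),
                      ("webmail", SAMPLE_WEBMAIL)):
        print(name, audit_headers(raw))
```
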

Same with Superhuman. They get location from the IP address, so using a VPN would "mask" your real location.

Disclosure: SH user.

I think the problem is the person on the receiving end doesn't know that. Also, at the marketing level it happens with all Mailchimp and other campaigns, but this is so explicit at the individual level.

Superhuman isn't an email marketing platform. From the article:

> Superhuman’s competitors are Apple Mail, Gmail, and Outlook. Exactly zero of those companies insert a tracking pixel into their emails. Furthermore, both Outlook and iMessage use Read Receipts that are turned off by default and controlled completely by the receiving user. In other words, when you buy a new iPhone or start using Outlook, no one requesting an Outlook or iMessage read receipt can receive one without your explicit permission. Furthermore, even if you do turn those on, it’s a simple one-time receipt… not a log of times and geolocations every time the recipient views the message.

Virtually all sales and marketing teams use this technology (including the author's company where they use Hubspot).

And those are opt-in, I hope. Otherwise it's unsolicited commercial email, in other words, spam.

Superhuman is an email client based on Gmail, so it's not only to send commercial emails to people that have agreed to receive commercial emails from you (and you've hopefully gotten them to opt-in to your privacy terms as well).

That doesn't make it any less creepy.

Yep - I work on an email platform and tracking pixels are common.

However, the ones I work on only record the time that a given email was opened ... BY DESIGN they do not include WHERE that email was opened, the IP address of the reader or anything else, because a) that's just creepy and b) it's not necessary to measure the impact of a given campaign.

Recording the time that an email is opened with a tracking pixel, is also creepy and not necessary. Stop it.

Please don't be aggressive toward other users on HN, regardless of how strongly you disagree.


Necessary? Perhaps not.

But frequently requested/demanded/wanted by email marketers? Yep.

And, perhaps surprisingly, open tracking (when used effectively) serves to reduce unwanted email.

Say you run a really popular store--tons of loyal customers who genuinely want to know about your sales/specials/coupons/whatever, tons of different marketing channels. When you send an email campaign, you want to be able to tell whether increased traffic is due to that campaign versus some other marketing, so you track link clicks (fingerprinting each link in the email). Presumably this isn't generally considered unethical (if it is, is server-side request logging problematic as well?).

You, the hypothetical marketer, want to know which category your campaign falls into for your recipients: "hate it" (marked as spam, you usually get notification of that from the mailbox provider), "don't care about it" (never opened it/filtered it into purgatory/deleted it), "maybe care about it" (opened it but didn't click), or "actually want it" (opened it, clicked on something).

Open tracking is important to disambiguate "don't care about it (and might start marking as spam if they get another email from me)" from "was interested, but not enough to click on a link". If there are no clicks, and really low open rates, it's a sign to stop emailing those people immediately, or else they might start marking the email as spam and get your sender reputation penalized, which is very bad for business. If there are no clicks and good open rates, it's a sign that people are interested, but your content might suck/have display issues/be poorly put together and need to be improved.

Because of this dynamic, being able to track opens with reasonable fidelity (sure, people can block images or spoof opens if they want) is key to reducing spam and low-quality marketing content in many cases. Businesses suffer pretty directly and immediately if they don't back off from sending tons of crap to non-openers.

I know this probably seems alien to a lot of the HN email-using demographic, but there are large swaths of people that very much do use marketing email heavily to stay informed and buy things, and they willingly agree to receive a lot of it.

This isn't a blanket statement that "all activity tracking is inherently ethical" or anything, just that, in this case (and given that email marketing and facilitators thereof aren't going anywhere) this particular kind of tracking, while sometimes ethically dubious, has a bright side.

Source: I work for an email marketing provider.

Exactly this.

Sending email has a cost, however small, and it's better to send things people engage in and enjoy ... which is why knowing click through and open rates is useful.

Good thing you're the final arbitrator of that, here to tell us how it is.

The people you're sending these tracking pixels to should be the final arbitrators. So are you willing to have them reply yes/no to a form that says: "Do you wish to transmit the time at which you opened this email to $marketing_company". If not, why not?


You broke the site guidelines repeatedly in this thread. We ban accounts that do that, regardless of how right you are or how wrong other people are or you feel they are. Would you mind reviewing the site guidelines and sticking to the rules when posting here?


IIRC next version of iOS is adding in automatic stripping of these when sharing. If not iOS, some other big player.

Sure, after what, twenty years of it being the default?

Probably... maybe? Certainly I'd be weirded out if an online catalogue employee had found my name, decided to look at the geolocation data on the tracking pixel and was devotedly interested in where and when I decided to admire the latest in chinese tech.

But I think the point is that this is much less likely than on a personal email, and if you don't know the person then it's a little less creepy because it has no emotional meaning to the "stalker"

I mean, yeah I am weirded out by that, and don't like it. And I'm not trying to be (too) snarky, but seriously, what did you think people would do with this technology?

HTML email + IP to location + simple automation has driven the multi-billion dollar Martech (marketing technology) market for years. The feature set you are describing has been standard for years now:

- They all use tracking pixels/logos-in-signatures for read receipts

- Read receipts aren't boolean "someone read this!" but instead track when, how many times you opened it.

- IP to location is used to understand location and route the lead/opportunity to the appropriate sales rep.

- Email User-Agent fingerprinting is done to track device type

- Most have automation, that allow you to automatically re-mail or even phone dial someone who has just opened an email after certain conditions are met.

This is fairly basic technology, glued together, creating powerful platforms for marketing and direct sales. On a site like HN, how could any of this come as a surprise?

It's strange that we put more faith and trust in sociopathic-by-design corporations (which are just large groups of people you don't know, but who have some interest in you) than in humans we willingly correspond with.

No it isn’t. Corps are too big to care. An individual with specific interest in you can be far worse.

I think you answered your own question. Email marketing platform? Yes they do track emails, but only providing the data for open rates, not a list of timestamps and locations where you opened the email.

CRMs do. Just about every email-sending tool collects that data, even if they don't show it to you in the UI.

Mixmax provides a list of timestamps and location.

Most do provide location, if the client doesn’t mask the IP.

I resonated very strongly with this well written piece. The description of how early decisions become part of your company's "genome" is spot on. This comment in particular:

"When faced with making a product decision that is even mildly uncomfortable, employees often first look towards expressed company principles like “Always put the customer first”, but the next thing they look for is precedent."

It is reminiscent of the "two wolves" Cherokee story of two wolves inside a person, one evil, one good. The one that wins out and determines your character is the one you feed. These sort of company decisions, individually small but repeated over time, are food for the ethical wolf and the unethical wolf that lives in the soul of a company. One way to know that you probably don't want to continue at a startup is when you notice they are feeding the unethical wolf more than the ethical one.

A really good article speaking to this is: https://www.theatlantic.com/magazine/archive/2016/01/what-wa...

Though, honestly, I find the use of Johnson & Johnson in that article to be more problematic by the day considering they clearly have done a lot of evil at this point.

One of the many reasons I love Little Snitch [1], which among other things is great at notifying you and allowing you to block requests for external resources when reading mail.


I just recently got back into Linux as a part-time driver and use this for the same purpose: https://github.com/evilsocket/opensnitch

Admittedly, I'm a noob so I would be happy to hear about alternatives.

There's also Douane: https://douaneapp.com/

No good alternatives.

I'd prefer my email client to not load external resources at all. If it attempts to do so (and I have to use a separate firewall to prevent it) I'd consider the email client defective.

Thanks for the reminder, buying it now :)

The amount of pixel-tracking apologists making red herring arguments in these comments is proof that tech, and probably specifically SV tech, is not ready to embrace privacy.

I hate tracking pixels, read receipts, and all similar stuff. The only thing worse than lack of privacy, though, is privacy theater, and that's what we've had. It's a good thing for more people to realize that this stuff happens all the time, so they can take action about it if they want to.

That sounds like an accelerationist position: instead of having some remnants of privacy, make them lose it all so they realize the value and take action to get back full/more privacy.

What if the revolution never happens? Then what little "privacy theater" stood between the corporations and the users is swept away. When corporations need to show some restraint, even if only to not appear completely evil, at least it's some restraint.

You and I must have very different ideas about what "privacy theater" means. To me, privacy theater is the _illusion_ of privacy not real privacy.

So, removing "privacy theater" does nothing to your actual privacy and only shows you how exposed you really are.

I'm generally opposed to accelerationism because it's too black-and-white. When there's some good to preserve, that's usually worth preserving. However, in this case I think we're already at the bottom since these methods are used regularly. Having a coworker know whether I read their email is the most benign version of tracking (even though I still don't like it).

The difference to me is that accelerationism says "it's bad; let's make it worse so that people will realize they need a revolution". Anti-theater says "it's bad; let's tell people how bad it is".

Don't assume the noisy few on "hacker" "news" represent the quiet many.

I don't see anything unethical about Superhuman using something that's part of the platform for literally every other business email application (as the author mentions: Salesforce, Mailchimp, etc). Sure it's a little creepy, but this is a silly hill to die on.

The author compares tracking email opens and locations with looking into your neighbor's window and seeing them naked. What's different about the latter is that it's actually illegal (look up "peeping tom laws"). Storing someone's public IP address and using it to guess their location is not illegal, and shouldn't be -- we have massively faster internet from things like DNS targeting that do exactly that.

If you're going to go after people for tracking user locations then there are much bigger fish in the sea than Superhuman.

EDIT: It looks like GDPR does go after the big fish here, which is email tracking in general: https://www.gdpreu.org/compliance/email-tracking/

> In its current prevailing form, we expect email tracking to be categorically prohibited under the GDPR without express user consent.

Are other people doing it? -- So that is a reasonable test for ethical behavior? Wow. Other platforms' similarly unethical behavior is NOT justification for lack of ethics. That might be a financial argument, but it is absolutely not a reasonable approach to ethics.

Legal vs. illegal is also not an appropriate basis for proper behavior. I think if we all used that standard for our personal interactions society would rapidly descend into chaos.

The behaviour of others is absolutely something that should be considered when deciding if something is acceptable behaviour.

Acceptable behaviour in a mosh pit is not acceptable behaviour in a grocery store check out line, because of how others are already acting and the pre established norms.

Ethics is relative; what one person deems to be ethical might not be for another.

Ethics is not all that relative. Does SuperHuman allow tracking pixels for INCOMING emails from non-SH users by default? That would at least be non-hypocritical.

Not only does it have them on by default, you can't turn them off. It's in the article that we're all commenting on. In bold.

Wait...so "tracking email opens and locations" is different from "looking into your neighbor's window" because the former is legal, but then you mention that email tracking is illegal?

I disagree, and believe IP tracking through email tokens SHOULD be illegal!

I was on Superhuman's waiting list in 2018 – until, on 2 occasions, Superhuman put its own growth above customers' needs. 1 involved privacy: when a Superhuman user emailed an address on the waiting list, Superhuman told the sender.

I didn't and don't trust them with my email.

I know Rahul and told him then that I thought they had an organizational blind spot in over-emphasizing growth hacking. I don't think it led to any changes.

(If anyone is looking: I've been a FastMail customer for years and still trust their staff, ethics, and decision process/priorities completely. Bonus that their webmail doesn’t load remote images: https://www.fastmail.com/help/receive/remotecontent.html)

What bothered me the most about tracking pixels in emails (when using Apple Mail) was false positives:

I would occasionally have someone ask me why I opened their email 20+ times before responding (I didn't).

After a while, I realized that when using the "arrow down" key to scroll through your inbox in Apple Mail (with split view enabled), Apple Mail will open and render every email in the split view when attempting to open an email further down in the inbox. This would result in every tracking pixel being loaded/rendered dozens of times, even when the email was open on the screen for < 200ms.

After a few times hearing people ask why I opened their email dozens of times but haven't responded (when I really hadn't read their email at all), I ended up disabling images from loading in emails entirely.

Does anyone know if this is still an issue with Apple Mail? Or if this also happens with Gmail configured in split view?

> Does anyone know if this is still an issue with Apple Mail?

What issue? This is marketing wonks and creepy SV companies abusing image loading in email to implement "read receipts". The fact that some clients load images differently is their problem, not Apple's.

Outlook does this too if the reading pane is turned on, and it often is in big corporate audiences. It’s a well-known issue with image-based open tracking.

IMO the people harassing you about how many times you opened their email are idiots. Image-based open tracking is notoriously unreliable and is best used to track engagement trends within a given audience, not as a microscope on one person.

This seems like a classic example of people taking some marketing feature at face value and not spending any effort to understand the actual technology under the metrics they see in a dashboard.

Aside from remote images, they store all of your emails on their servers. Not sure why they don't receive the same scrutiny that other email apps like Edison have [1].

I've heard enough fishy stories from former engineers there — people should think twice before logging in and letting them ingest your full account history (as with any third party email app, which Gmail is already cracking down on [2]).

[1] https://www.macrumors.com/2018/07/02/third-party-email-apps-...

[2] https://www.androidpolice.com/2018/10/08/google-updates-gmai...

Edison packages up info from user emails and sells that on the data market. Maybe Superhuman isn't doing this (yet), and therefore aren't being scrutinized for this security/privacy lapse in the same way.

I do not think this is true. I'm pretty sure it's all locally stored aside from "scheduled emails" which are temporarily stored on their services before they are deleted.

Note: I'm not using Superhuman currently, but tried it briefly a few months ago.

Why do e-mail clients still load images by default? This is not a new attack, or even hard to predict.

I thought Gmail's solution to this was to always download every image in your email and then proxy the image from their own servers when you view it. This results in a meaningless 100% "open rate" for Gmail and does not reveal an end-user's IP address.

While you're mostly correct, they do not automatically download every image, it only initiates the download when you go to read the email. So they're still letting the sender know when you read the email, but yes they are masking the IP by using their own servers to download it. This can still be disabled if you use the setting to not download images, which is frustratingly unavailable in the gmail for ios app.

Ah, okay. I keep meaning to test this out myself. It's unfortunate that Gmail doesn't mask opens entirely.

> This is correct: https://gmail.googleblog.com/2013/12/images-now-showing.html

No, it's wrong. The first time you open the email, the image is retrieved. It's only subsequent views that are cached. So the sender can still see when you read the email; they just can't see how many times you read it afterwards.

Not quite, the sender still doesn't get location and your browser fingerprint. The receipt of email is still received though.

> Not quite, the sender still doesn't get location and your browser fingerprint.

Yes, but the key question was about the open rate.

The statement:

> I thought Gmail's solution to this was to always download every image in your email and then proxy the image from their own servers when you view it. This results in a meaningless 100% "open rate" for Gmail

is incorrect because

a) GMail does not always download every image in your email

b) GMail does not have a 100% open rate.

You are right, but do not trust in Gmail, because they like to store your data on their servers!

Because some idiot thought it was a good idea a long time ago and if they turned it off now there would be a widespread user backlash complaining that every non-human written email they receive is just "blank squares with a click to load button".

They don't necessarily. Thunderbird lately makes me opt-in, or whitelist a particular address if I want. I haven't dug in to ensure that it's 100% rigidly shielded from all possible info leaks (e.g., "blocks img and script but still loads bgsound tags", which is an example of something I've seen before), but it's definitely at least trying to not load by default.
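The gap described above (a blocker that covers `img` and `script` but misses other fetching tags) can be checked with a scanner that lists every construct in an HTML body that triggers a remote fetch without a click. This is an added example, not code from the thread or from any mail client; the sample HTML, the `t.example` host and the `pixel_like` heuristic are constructed assumptions.

```python
import re
from html.parser import HTMLParser

# Attributes that make a renderer fetch a URL on display, on any element.
FETCHING_ATTRS = {"src", "background", "poster", "data"}
CSS_URL = re.compile(r"url\(\s*['\"]?([^'\")\s]+)", re.IGNORECASE)
REMOTE = re.compile(r"^(https?:)?//", re.IGNORECASE)

# Constructed sample body with several remote-loading constructs.
SAMPLE_HTML = """
<html><head>
<style>body { background: url(https://t.example/bg.png?u=42) }</style>
</head>
<body background="//t.example/b.gif?u=42">
<p>Hello</p>
<img src="cid:logo@local" width="120" height="40">
<img src="https://t.example/open.gif?u=42" width="1" height="1">
<bgsound src="https://t.example/s.wav?u=42">
<div style="background-image: url('https://t.example/d.png?u=42')">x</div>
<a href="https://shop.example/">link</a>
</body></html>
"""


class RemoteLoadScanner(HTMLParser):
    """Collects every reference that would be fetched when rendering."""

    def __init__(self):
        super().__init__(convert_charrefs=True)
        self.findings = []
        self._in_style = False

    def _report(self, tag, attr, url, attrs):
        url = url.strip()
        if not REMOTE.match(url):
            return  # cid:, data: and relative references stay local
        tiny = (attrs.get("width") in ("0", "1")
                and attrs.get("height") in ("0", "1"))
        style = attrs.get("style", "").replace(" ", "").lower()
        hidden = "display:none" in style
        self.findings.append({
            "tag": tag, "attr": attr, "url": url,
            # Heuristic only: a 1x1 or hidden image carries no content.
            "pixel_like": tag == "img" and (tiny or hidden),
        })

    def handle_starttag(self, tag, attrs):
        attrs = {k: (v or "") for k, v in attrs}
        if tag == "style":
            self._in_style = True
        for name, value in attrs.items():
            if name in FETCHING_ATTRS:
                self._report(tag, name, value, attrs)
            elif name == "srcset":
                # Simplified split; each candidate is "URL descriptor".
                for candidate in value.split(","):
                    parts = candidate.split()
                    if parts:
                        self._report(tag, name, parts[0], attrs)
            elif name == "href" and tag == "link":
                self._report(tag, name, value, attrs)
            elif name == "style":
                for url in CSS_URL.findall(value):
                    self._report(tag, name, url, attrs)

    def handle_endtag(self, tag):
        if tag == "style":
            self._in_style = False

    def handle_data(self, data):
        if self._in_style:  # url() inside a <style> block
            for url in CSS_URL.findall(data):
                self._report("style", "css", url, {})


def scan_html(html):
    """Return all remote-fetching references in an HTML email body."""
    scanner = RemoteLoadScanner()
    scanner.feed(html)
    scanner.close()
    return scanner.findings


def unblocked_by(findings, blocked_tags):
    """Findings that survive a blocker which only strips the given tags."""
    return [f for f in findings if f["tag"] not in blocked_tags]


if __name__ == "__main__":
    results = scan_html(SAMPLE_HTML)
    for f in results:
        print(f)
    print("missed by an img/script-only blocker:",
          [f["tag"] for f in unblocked_by(results, {"img", "script"})])
```
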

Because more and more emails are HTML and not text and loading the images is critical to make the emails actually readable.

That's mostly true for marketing emails which nobody wants to receive anyways.

And product emails - receipts, product updates that affect you, account status changes, passwords, etc.

Citation needed. Most of these, even if they include images, at least have a text version of the same content in the email because it's actually important for the sender that you can read them regardless of computing environment.

I use mutt, and AFAIK I've never missed anything due to it being rendered into an image instead of included textually in the email. The images are useless static content, not real information rasterized on demand. Sometimes I do get HTML-only emails, but it's usually not hard to find the important stuff, if there is any, among the tags.

It’s not very hard to configure (neo)Mutt to display html only emails with w3m in the terminal. Makes it even easier to parse/read them

w3m will still fetch external assets, including tracking pixels. You have to use something like socksify to basically cut off network access for w3m.

Apparently big players like Google can preload and cache for others, somewhat mitigating img tracking/attacks.

Maybe clients could use Tor to limit the damage when img are needed but not necessarily trusted.

How would caching work if it is a (uniquely) _tracking_ pixel?

They cache the image when the email is received, not when it is opened.

Which would break tracking because open-rate would be 100% even if the user is on vacation.

Desktop email clients I know don’t load images by default, neither does gmail (well it does but it’s proxified) so this is quite literally not an issue

Does a proxy really help if the url is parametrized? Even if they do some param stripping a wildcard subdomain can easily get around that.

A proxy helps not to expose your IP and user agent which is good enough in most cases.

Not all of them do. Check out FairEmail on Android. It actually shows you the tracking pixels it doesn't load

What email client loads images by default in 2019? I've used Thunderbird for years and I am pretty sure it has been disabled for a long time, Outlook at work doesn't load anything outside of the firm's domain, and I also remember big news on HN from a while ago saying gmail will start to proxy images which should prevent these things from working.

Tracking pixels are so widespread that surely it must work, so what do people use to view their emails?!

It seems that more and more do which is a shame. I'm surprised it's enabled by default on Apple Mail on both iOS and macOS. I'd expect better from a privacy-focused company.

I just realized that gmail doesn't serve proxied images on external clients (mail.app, iOS Mail app). I bet a lot of people don't realize this either.

> What email client loads images by default in 2019?

Most do. You have to turn it off manually.

I don't believe Outlook or Gmail do.

Am I wrong here?

What other apps or clients load images by default?

Apple Mail, which most apple users use.

https://www.emailprivacytester.com will let you know if your email client is leaking information about you, by sending you an automated email with various tests embedded (e.g tracking pixels).

If you're scared about giving your address to this tool, I wrote it. You've no reason to trust me, but you can scan the about/privacy pages for information, and it's also available to download and self-host.

Mixmax has an accidentally helpful guide to the only way to block tracking: block images. (They also mention how aggressively they try to get around email blockers.)

There's an inverse relationship between email importance and production value, seeing a bunch of blank boxes is a great hack to signal that.


"...An open won't be recorded if:

The recipient opens the email on a legacy email client that blocks all images from being viewed. This also means that images in signatures and other media won't carry through to the recipient, so in practice this is quite rare.

The recipient has software to block email tracking. This is also quite rare, and Mixmax actually circumvents most email tracking blockers."

Having an email client that automatically loads images is insane. It means that any spammer / scam emailer can immediately tell if their emails are getting into your inbox vs. being filtered and they can then see where you live, and target their next spam / scam to that geographic location and/or try to find out who you are, etc.

A mail provider like fastmail could in theory be loading image links in emails they will deliver to their users and store them into their own local cache, rewriting the email your client receives so that you see the images served off of your email hosting provider's servers. That would be a straightforward way of preventing any sort of image link tracking across the board, is this a thing?

This is something I've been wondering about for quite some time, particularly given that large providers can hash the images and conserve storage space by storing only a single copy of the image per hash.

I would suspect there are privacy implications of google caching what's behind every image tag in an email, in addition to the massive traffic / CPU spike such a thing might cause to retrieve the image and hash it, particularly for a very large email campaign. (But I don't know).

[Edited to include this link, which I found in another comment here] "Gmail will now serve all images through Google’s own secure proxy servers." https://gmail.googleblog.com/2013/12/images-now-showing.html

I seem to recall Gmail doing this a couple years ago. I was working for a marketing company at the time and there were questions as to how we'd track metrics for Gmail addresses since Google would essentially "open" every email and load the images on their servers for their users.

Yes, iirc (though don’t quote me on it) gmail started doing this a while back. Not loading them when the email was sent, but proxying and lazy-loading.

In these sort of articles, I wonder why the author never considers benign intentions.

The conversation could have easily been

"Read receipts are a useful feature." "Yeah. Let's add them"

And that was it. Lots of people are not privacy focused and don't think of this as a problem, so it would never occur that their seemingly benign feature could have bigger consequences.

It's pretty easy for people who care to "turn off read receipts" by disabling images or blocking it through proxy/vpn/whatever.

I personally don't like read receipts, so I will likely not use superhuman. I just don't view it as some major problem.

Sure, never assume malice when it could be just ignorance/stupidity. But at the end of the day, this is a major product and service ($33M in VC funding so far [0]). Even though the author tweets (and includes the screencap) "Superhuman is a surveillance tool that intentionally violates privacy...", my impression overall was that his main complaint was about a company's culture and ethical decision-making process:

> Second, I want to talk about why this particular issue is so important. Not why privacy is important; we are all already learning that the hard way. Rather, why making ethical decisions at the earliest stages of your company is important.

> When a company first forms, there are no norms or principles guiding how its people should make decisions. It’s basically just what’s in the founders’ heads. With each decision a company makes, its “decision genome” is established and subsequently hardened...

In other words, if this is a decision Superhuman made early on and embedded into its main product, then, the author argues, we should be very wary of its culture, and how it will weigh in on privacy issues going forward. It's this claim that the author seems to have built his anger on.

Read receipts have been a feature of email and messaging clients for at least more than a decade now. Among the tech-literate, the tradeoffs and potential problems/controversies are well-known, such that opting-in (or out) of read receipts is a near-ubiquitous option in every service's account settings. I'm sorry, but it really stretches plausibility to think that Superhuman put in as little thought about it as you propose.

[0] https://www.crunchbase.com/organization/superhuman#section-o...

> It's pretty easy for people who care to "turn off read receipts" by disabling images or blocking it through proxy/vpn/whatever.

What about non technical people who have no way of learning that they are being spied upon?

Likewise, "turn off read receipts" and "disable images" seem like two different things.

My thesis is that if you care about being tracked enough that you'd want to turn it off, you're also technical enough to do it.

I may be wrong.

Go find a non technical person and ask them these two questions:

"Do you care if your ex-girl/boyfriend can tell every time you read an old email s/he sent you?"

"Have you disabled loading images by default in your email client?"

You will see that you are wrong.

EDIT: decided to listen to my own advice and conduct a (very non scientific obvs) twitter poll.


You're ignoring the vast majority of people who aren't aware that it's possible yet would care a great deal if they knew about it. In fact, that's the whole premise behind tracking pixels. It's victim blaming.

> It's pretty easy for people who care to "turn off read receipts" by disabling images or blocking it through proxy/vpn/whatever.

Setting aside the difficulty, being pressured to disable a generic feature (image loading) for a degenerate use case of that feature (user tracking) is annoying.

The author does, explicitly, consider benign intentions. But beyond serving as a read receipt it also includes location data and timestamps for each 'read' which is much harder to consider as due to a benign intention (from the perspective of the recipients).

Other email clients support 'read receipts' without using tracking pixels. It's not impossible that Superhuman chose to use tracking pixels for a good reason, but I can't think of one and I haven't read of one either.

How do they do that without tracking pixels?

They use Message Disposition Notifications.

We thought about this a lot at Boomerang, and decided to do it in a more recipient-friendly way by making read receipts visible & opt-out (and excluding all location information). Our read receipts were well received but we still get a lot of requests for more comprehensive read receipts. It’s tough to balance.

Not trying to be too much of a conspiracy thinker but 227 points in 1 hour should give the first spot on HN (it was though) but now it's on #12. Are the investors pulling some strings?

You don't know how many people have flagged the article or not. There was a very sudden drop, so something happened, but it's impossible to give the actual root cause unless you're on the inside of HN itself. I'd assume flags over any sort of conspiracy here.

I saw the drop and wondered if there was something afoot, then talked myself off that ledge and assumed this was probably some kind of normal flag like ring detection triggered, etc.

Interesting additional note, though, the title has (relatively recently) changed to "Superhuman embeds tracking pixels in user emails" versus the actual article title of "Superhuman is Spying on You"

Yes, this post fell down unusually fast. May not be HN specifically but perhaps a large, motivated SF cohort.

After reading this I'm now more interested in the showerhead he loves so much and seems so enthusiastic about. It does have great reviews online so I might have to pick one up now.

It’s a Commando 450.

This sort of open tracking with geoIP based location has been around for a while. There are numerous GMail add-ons that provide this functionality, e.g. Streak; there are equivalents for other clients too.

This is written as if Superhuman are the first people to do this. That doesn't justify the behavior, but there are others to blame here, and the precedent was set prior to Superhuman's implementation with these email tools.

If you're concerned about this behavior (and you should be, it's creepy as f) you might be interested in this EFF article:


I guess I’m mostly surprised people have auto load images turned on in their mail clients.

This does make me want to find a mail client that automatically finds these tracking images, uploads them to a pool of tracking URLs, and then loads a few hundred members of the pool at random (preferably with randomized cookies, etc).

I’d pay for something that does this to the top 100 tracking firms, especially if it worked with web browsers.

While this may be "what aboutism", I noted that the post sets a cookie on your browser by just visiting the site.

Considering the person is saying how bad it is to have a tracking pixel in email, the site that hosts this article can now do similar things by putting that cookie in your browser.

You requested the page from their server so they know you visited. Setting a cookie doesn't do anything unless you come back to the same site, at which point you request the page and they know again anyway.

That's assuming e.g. your IP address doesn't change. Cookies can be used for tracking - in this case they aren't though, the cookie for me is "resolution: 1920,1", which is set by this inline script:

    <script>document.cookie="resolution="+Math.max(screen.width,screen.height)+("devicePixelRatio" in window ? ","+devicePixelRatio : ",1")+"; path=/";</script>

I can't tell what it's used for (seems unused in the other JS files), but as far as cookies go, that seems pretty benign.

Feels like the kind of thing one would write if they wanted to keep track of whether to serve you "retina" @2x-sized images in the future or something.

In fact, that's pretty much what it is. This looks like it comes from an older version of the Adaptive Images WordPress plugin: https://wordpress.org/plugins/adaptive-images/ (there's a very similar version of this code in the adaptive-images-front.php file).

The WordPress install would use this cookie to resize an image to send to your browser.

Could that itself be used for tracking? Sure, but you'd need at least a few other signals as screen size and DPR aren't all that unique across most devices.

Not quite the same. With email pixel tracking, anyone can theoretically obtain your broader geographical position just by sending you an email via Superhuman.

Yeah. I guess they try to offer the customer something extra. But this doesn't look to be the thing they should offer.

In order for pixel tracking to work, one has to open the email and load the pixel. I don't think you can track someone just by sending an email.

This has been the case since always. It just wasn't as obvious to users because consumer-oriented mail software didn't include it.

If this is a problem, why is it with Superhuman and not the client at the receiving end? How tracking pixels are handled is a client issue. If anyone's violating your privacy, it's your email client and not the sender of the email or the sender's email client/provider.

I think it's analogous with EU's "cookie consent". Cookies too are a client issue. Instead of annoying mandatory popups on every site, browsers should handle cookies better by default.

It's both.

If someone breaks into my house because my door lock is broken then I should definitely fix the lock.

But the criminal shouldn't have broken in anyways.

In this case the lock would be shipped broken from the factory with the user's and lock manufacturer's knowledge and consent (with regards to email clients' and web browsers' default settings and the user's ability to change these).

Cookie popups aren't mandatory unless the site has decided to use additional cookies which aren't necessary for the basic site functions.

There's no real way a browser could know the difference, hence the law.

Thanks for the clarification!

I thought that this trick was as old as html email, and that (at least) gmail was actually caching images on their side to prevent tracking?

They're proxied but follow the caching rules sent by the server, so for tracking purposes they're not cached. You get entries with proper date/time, proper tracking ID, but anonymous Google IP / user agent.

Posts I found that seem readable: https://movableink.com/blog/gmails-recent-image-handling-cha... https://movableink.com/blog/real-time-content-and-re-open-tr...

I may be wrong but I believe google cached it after you open the email first. So your IP is hidden and you can't tell how many times someone has opened an email, but you know the timestamp of the first time they do.

The Gmail image-proxy honors the regular HTTP cache headers, so marketing mails get their open rates ‘correct’ but cannot see cookies/IP addresses.

If I understand this correctly:

(Gmail’s API lockdown will kill some third-party app access, starting July 15) https://news.ycombinator.com/item?id=20300008

I think their startup will stop working soon, given that they only support GMail.

> One absolute doozy of a requirement kicks in if the app stores user data on a third-party server. Google will now require those apps to pass a third-party security audit, which the app developer must pay for. According to the company, the cost "may range from $15,000 to $75,000 (or more) depending on the size and complexity of the application." The message here seems to be "Don't store Google user data on your server."

They've surely paid for this. And, ironically, this is the sort of app that Google supposedly set up this gatekeeper process to keep off their platform, as this was meant to "safeguard user privacy."

A good alternative to Superhuman is KanbanMail[1]. I've been using it for quite a while now and it works wonders.

It's pretty productive and the creator is pretty responsive.

Disclaimer: guy who made it is a cool friend.

[1] https://KanbanMail.app

I think what gets me is the juxtaposition of the brand name and this functionality. Superhuman sounds like it should be all about making the email sender more productive. And not about tracking time-stamped geotags of my actions as the receiver.

If Superhuman announced they were going to remove the tracking pixels instead of doubling down on defending them, they might have turned all this negative publicity into a benefit. They may have already missed the window for doing that though.


>I suspect this entire thread of being some sort of "manufactured controversy viral marketing" promotion for superhuman.

I thought so too.

> no matter what email client you use

Nope, not my email client, Emacs/Mu4e simply flat out won't notify you by any means that I have viewed the e-mail.

Man, the world has gotten weird. It's like people forgot emails were actually just text.

Because for almost the entire world they’re not.

People will do what people can do. Test your email client for leakage and then plug the leaks. There is some discussion and links on stackexchange [1]. If your client can't plug the leaks on its own, please file a bug with the mail client developers. Please consider asking them politely to make those settings default.

[1] - https://security.stackexchange.com/questions/23718/is-my-ema...

We need a very simple law. “1. You cannot track a user or send marketing spam without their explicit consent. 2. The user can take away the consent at anytime and you gotta stop the peepin. 3. The user can ask for what you’ve tracked and you gotta give it to them. 4. The user can ask you to delete their data and you gotta respect that.”

I know this is what GDPR is but we need a saner US version of it.

We can’t be technology leaders and still pretend it’s the Wild West.

GDPR is also BS.

Not only is it not enforced (why are Google and Facebook still around considering their entire business is to basically violate the GDPR?), but there are plenty of exemptions that can be abused to argue that nasty behavior falls under "legitimate interest".

Making a complaint is also super difficult. The ICO (UK's privacy regulator) for example insists that you have to first contact the offending company and give them 3 months to reply which is an insane amount of effort and not always possible (what if there's no way to contact the company, or you have to login/create an account first). There should be just a simple form where you send the URL of the offending page and they take it from there.

I can't imagine why people would want to entrust their e-mail to a company that's known for disrespecting people's privacy.

cough Gmail cough

Whatever happened to hosting your signature as an image at cutepersonalizedname[.]com and logging the IPs yourself?

It probably wouldn't take much work to use Automator.app to periodically uniquify the src URL in your sig and map Sent Item => unique hash into a sqlite database, later asynchronously updating it with IPs seen from an nginx server hosting your image. Presto, you're a "superhuman".

From a design standpoint, it would be nice if email clients had an option to hide image placeholders if images are also blocked from loading.

I do want to be an ethical company, and I agree about all these decisions adding up over time. This article convinced me to delete all of my MailTrack accounts and uninstall the extension.

I was using MailTrack for a while, and it's been a very valuable tool, but I can do without it.

I was also talking to some lawyers about GDPR, and they said that this kind of tracking is actually illegal for recipients in Europe, unless I explicitly ask for their permission to include a tracking pixel. So I was already planning to get rid of this, and I'm glad that my emails are now GDPR compliant (even for people in the US.)

[1] http://mailtrack.io

Can you tell me more about how they violate the GDPR or quote the relevant parts of the regulation? I've got an inbox full of otherwise legitimate emails but every single link is a disgusting stalking link thanks to their ~spamming~ marketing platform (also the links are always HTTP even if the original link was HTTPS, so they also decrease security) so I'd love to put an end to that.

My guess is it's because you're collecting PII on someone (location data and email address) without their consent. And it doesn't sound like there are procedures for an EU resident to request that all such data be scrubbed, which I believe is also required.

How hard can it be for an email client, e.g. Gmail, to specifically detect tracking images (literally 1x1 pixels or other similarly small/inconspicuous images) and to block them by default? Sounds pretty trivial to me...
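The heuristic asked about in the comment above, as an added example that is not part of the thread: a Python check that audits an HTML email for remote images that are tiny or hidden. The 2px threshold, the verdict names and the sample message (hosts and IDs included) are assumptions constructed for illustration; the last sample image shows the limit of the approach, since a full-size image can carry the same per-recipient ID.

```python
import re
from email import message_from_string, policy
from email.message import EmailMessage
from html.parser import HTMLParser
from urllib.parse import urlsplit

TINY_PX = 2  # assumption: a declared dimension this small shows nothing to the reader


def _px(value):
    """Parse '1' or '1px' to an int; anything else (e.g. '100%') gives None."""
    m = re.fullmatch(r"\s*(\d+)\s*(?:px)?\s*", value or "")
    return int(m.group(1)) if m else None


def _style(style):
    """Split an inline style attribute into a {property: value} dict."""
    props = {}
    for decl in (style or "").split(";"):
        name, sep, value = decl.partition(":")
        if sep:
            props[name.strip().lower()] = value.strip().lower()
    return props


class _ImgAudit(HTMLParser):
    """Collect (src, verdict) for every <img> that triggers a network fetch."""

    def __init__(self):
        super().__init__()
        self.findings = []

    def handle_starttag(self, tag, attrs):
        if tag != "img":
            return
        a = {k: (v or "") for k, v in attrs}
        src = a.get("src", "").strip()
        scheme = urlsplit(src).scheme.lower()
        # cid: (attached) and data: (inline) images never contact a server.
        if scheme not in ("http", "https") and not src.startswith("//"):
            return
        css = _style(a.get("style"))
        dims = [_px(a[d]) if a.get(d) else _px(css.get(d)) for d in ("width", "height")]
        dims = [d for d in dims if d is not None]
        hidden = (css.get("display", "").startswith("none")
                  or css.get("visibility", "").startswith("hidden")
                  or css.get("opacity", "") in ("0", "0.0"))
        if hidden:
            verdict = "hidden"
        elif dims and min(dims) <= TINY_PX:
            verdict = "tiny"
        else:
            # Normal-looking image: the size heuristic cannot tell whether
            # its URL carries a per-recipient ID, and loading it still
            # reveals the open time and IP address to the image host.
            verdict = "visible-remote"
        self.findings.append((src, verdict))


def audit_html(html):
    """Return [(src, verdict), ...] for the remote images in an HTML body."""
    parser = _ImgAudit()
    parser.feed(html)
    parser.close()
    return parser.findings


def audit_email(raw):
    """Audit the text/html part of a raw RFC 5322 message, if it has one."""
    msg = message_from_string(raw, policy=policy.default)
    body = msg.get_body(preferencelist=("html",))
    return audit_html(body.get_content()) if body is not None else []


# Constructed sample body; every host and ID below is made up.
SAMPLE_HTML = """<html><body><p>Hello.</p>
<img src="https://tracker.example/open/abc123.gif" width="1" height="1">
<img src="https://tracker.example/o.png?id=abc123" style="display:none">
<img src="cid:logo@example">
<img src="https://cdn.example/banner.png?rid=abc123" width="600" height="200">
</body></html>"""


def sample_email():
    """Build the constructed multipart/alternative message as raw text."""
    msg = EmailMessage()
    msg["From"] = "sender@example.com"
    msg["To"] = "rcpt@example.org"
    msg["Subject"] = "constructed sample"
    msg.set_content("Hello.")
    msg.add_alternative(SAMPLE_HTML, subtype="html")
    return msg.as_string()


if __name__ == "__main__":
    for src, verdict in audit_email(sample_email()):
        print(f"{verdict:15} {src}")
```

Only the "tiny" and "hidden" verdicts can be blocked without changing what the reader sees; the "visible-remote" case is why disabling remote image loading or fetching through a proxy remains the dependable control.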

This is why my private address deletes everything that does not have a text-only part containing at least 80% of the HTML mail's user-readable content.

Email is supposed to be text information, not a glorified leaflet.

Why don't mail services load the images the moment they receive an email? And cache them?

IMO who cares. People can do this anyway with dozens of different email tracking services. What difference does it make if it came from a 3rd party service or the email client they send it with. I think you should just expect tracking in email, just like you would expect 90% of websites to track you if you have adblock off.

I think the difference is you expect it from a marketing email, but you don't expect it from a personal email.

I know nothing about the capabilities of Superhuman but with other clients (e.g. Outlook) I can circumvent (most?) tracking by disabling automatic downloading external content.

Streak has been doing this forever, why is this new news?

I got an invite, scheduled a conference call, and the lady said I need to screencast how I'm using Gmail. I told her that I'm not letting a stranger peek into and record my Gmail inbox and she said that I cannot sign up without this step, so, I refused, and they lost the income from me. Typical overhyped SV crap. Should rebrand to "Subhuman".

I also told her I couldn’t share my screen or inbox and she said that was fine and walked me through onboarding with voice. Agree it was creepy to even ask.

Lucky you!

I use Superhuman; they didn't ask me to do this in onboarding.

That said....using Superhuman (or any similar third party app connected to gmail) involves giving them access to your entire gmail account.

It's odd they wouldn't let you onboard without that (they used a zoom screen recording with me, and it was fully within Superhuman), but you're not really sending them anything they don't have access to if you signup.

This is bananas. Why would anyone need that in the first place? I can't come up with any remotely valid reason.

Why? IMHO, and from on-boarding a bunch of folks for my startup, it's because it makes teaching you the software easier and more personal. If you aren't comfortable doing it, that's fine; but I believe it's designed to make the on-boarding of folks better.

Because anyone who becomes an SH customer will be giving them access to their gmail account anyway. AFAICT it is a third party enhancement to one proprietary service (gmail) and SAAS, not a general mail program.

Rahul has written volumes on the SH onboarding process. They train you to use the product so you will actually use it.

I told the lady that I have over 35 years of software development experience and I've used all kinds of software and I don't need guidance, and if I do, I will reach out to them, but she was stubborn and lost a customer. I tweeted to Rahul and the team, but got no response so far! Well... This is not a scalable business model. But the lady was clear: "Superhuman is not for everybody!" Alrighty then!

Over 15,000 users paying $30 per month. $260 million valuation. Perfectly scalable. If you'd like to learn why you're wrong, I encourage you read one of the many lengthy, sincere, and detailed articles with the founder of Superhuman, starting with this one. https://www.drift.com/blog/how-to-measure-product-market-fit...

You don't need a screenshare to accomplish this. I'm amazed by how much people buy into a company's bullshit and then defend it online.

I literally bought into it, both as a customer and investor. :-)

And did you update your email signature in the way the OP suggested? Specifically, do you let everyone getting email from you know that you not only track that they read it, but when they read it, and even where they were when reading it?

I ask, because that would be the ethical way to handle what this app is doing for you.

I don’t need to be told that an electronic communication may be tracked because I was born after 1980. Why do you?

You should have disclosed that you were an investor in the first comment you made.

Literally, every glowing review I have seen comes from a related party, whether it is an investor, employee, or friend of the CEO.

Well, valuations change. Sell!

That's extremely high for an email client that only runs on a single OS, but if that's true, that's 450k/month or 5.4M/year. How do you get to 260M valuation?

When you say it's "perfectly scalable", what are you using as your reference? That is, what other SaaS has $30/month pricing, especially one in a field as crowded as email and work messaging (i.e. Slack). Obviously, SH is far from having, or needing to have, a finished business plan, and it seems likely that the $30/user won't be the default offering or main breadwinner. But that raises the question of why that number is relevant in the first place when assessing SH's viability.

Well, I pay $5/mo for SaneBox as I always forget to unsubscribe and delete its pathetic labels. Many of us pay for useless stuff. But at some point, we stop, and then the company tanks.

But anyone can do that without screensharing the person's own screen. It's called good old fashioned coaching and teaching.

If you don't trust them enough to see your email inbox, you probably shouldn't be considering them as your email provider at all.

I trust engineers. I don't trust people who do the onboarding.

Are you implying that everyone should run their own email servers or is there any email provider company that you are willing to screen share your personal email account with?

It's pretty clear: I'm saying if you don't trust an email provider to view your email -- they shouldn't be your email provider.

^ this

Should have signed up for the $60 a month plan…

If you're already using Gmail, how privacy conscious can you be?

It's a much bigger company under much stricter rules and regulations. It's well understood that a small startup will have a much more lax security posture around customer data than the trillion-dollar technology company.

haha. op has a point about privacy but this is also accurate.

Very, apparently. Would anyone care to explain?

I use GMail with the understanding that Google has access to my activity and content. However, I trust Google to not divulge* my activity and content to other email recipients and senders. That's enough privacy for me in my normal email usage.

* disabling the option of blocking image-loading in the iOS GMail app is definitely an aggravating and inexplicable tactic, to the point I'm starting to look into switching away from GMail as my provider.

> With Superhuman, it is not. If I send you an email using Superhuman (no matter what email client you use)

Dunno, I open mails with (neo)mutt, so none of this works.

Can I turn off tracking pixels in Gmail?

Note that Gmail defeats the location tracking and browser fingerprinting features by proxying all image requests. So while the read receipts do work, you are not leaking your location or your browser fingerprint to the sender even if you leave image loading on.


Thanks, so I can't stop senders from knowing I opened an email?

You can, but you have to disable image loading (like any other email client) because any image may have tracking information in it.

Does Apple Mail do this?

Google, on the other hand, knows all of that information.

You can turn off loading images by default on the web-based Gmail client under the general tab in settings.

It's not possible to disable loading of images on the iOS Gmail client.

There are some blocking apps for Chrome: https://chrome.google.com/webstore/detail/ugly-email/ldgiafa... https://chrome.google.com/webstore/detail/pixelblock/jmpmfcj...

They're based on a blacklist so they don't catch all tracking pixels. And then most emails contain images I want to see and that have tracking IDs attached anyway, which is a problem that can't be solved with a blocker.

Gmail intercepts tracking pixels at Gmail's server, if you use Gmail's client. The sender gets the "open" event and time, but not the client info (IP, etc.).


You can disable loading images in Gmail, which has the same effect.

not for gmail for ios.

As for desktop - there are a few pixel blocking chrome extensions that are great for this too

Illegal in Europe due to GDPR.

Oh god superhuman. What a hype train. Finally got an invite...only to learn they don't support Android? And really, only support entirely Mac-based workflows?

I mean from a baby startup maybe that's reasonable, but in this case, with all the hype, I think not.

My guess is a very well connected founder who was able to get his VC friends to hype the tool, make it elite and club-like, and from there, profit.

I look forward to seeing them go down in flames more than most other elitist, stupid startups around.

It's also Gmail only, which they are pretty up-front about in the puff pieces.

Almost every fancy email app I've used has had cross platform issues early on. It's always either iOS or Android only, often little desktop supports (zero for linux) besides maybe some half-baked web site. etc, etc.

Superhuman is hardly new in this context. The mac/ios only first approach is super common for better or worse.

Not having Android support is frustrating, for sure. However, I've come to appreciate the flow of only being able to really manage email on my laptop. I use the gmail app on Android so I get notifications and can send off a quick response, but I don't feel like I need to do anything else there, like set a reminder for myself or mark it unread. I know it'll still be in my inbox when I get to a computer.

Also, I've been using it fine on Linux, except that it didn't support Firefox when I tried it.

> only support entirely Mac-based workflows?

I believe the application is Electron based too, so it's not even a technical reason to make it platform specific.

I'm a friend of the superhuman CEO and have been following this company over the time it's been around, both by talking to him and from interactions with the official channels. Here is my $0.02.

SH started out like any other startup, with the best of intentions and a cool idea but it just didn't take. The issue is that they're on the line to deliver and they haven't had the traction they'd like so I've seen it slide, slowly, over an extended period, into a desperate place that leaves them doing ugly things. You should read Rahul's blog on finding product fit, it tells you much.

Personally, I now think they're in a position where they are trying to mooch everything they can off of users in order to try and build a better product coupled with finding ways to be "unique" that will make them money/attractive. This means they end up in sketchy territory i.e. the pixels, forcing people to reveal how they use gmail in order to sign up, tracking every-single-aspect of how users are using their site, hyped up bullshit etc. I don't know if they're harvesting actual user data.

The fact is, they're between a rock and a hard place. They aren't profitable, and there's no real exit. Whatever features make them unique can be copied in months, if not weeks by any other provider. Why would Google buy them? Also, the feature set, as good as it is, only appeals to a tiny subset of users of email. Other aspects like corporate email not being allowed to be accessed by third party clients etc makes a difference too.

I wish them all well, but by God I would not want to be a part of this thing. It stinks.

People often use throwaway accounts to post sensitive information to HN, but that mechanism is easily abused as well. Given the information in the replies you've received, as well as details of and about your comment, I'm leaning to the explanation that you've made this up. I don't know that, of course, but moderation is guesswork. Until we get substantiating information to the contrary, I'm guessing that this is fabricated and am going to moderate accordingly.

We detached this subthread from https://news.ycombinator.com/item?id=20337178 and marked it off-topic.

This anonymous comment is definitely not from a person with knowledge of the company. Here's some evidence to show that they're just making things up:

1. The comment says open tracking was added as a last ditch act of desperation...here's a 2017 article that talks about the feature: https://techcrunch.com/2017/08/18/rapportive-founders-new-st...

2. The comment says the high-touch onboarding was also added out of desperation. here's an old-ish tweet talking about it: https://twitter.com/josephcohen/status/1034189170003070976

3. The comment also claims that the company is floundering and desperate....they literally JUST closed a $33M round from A16Z...obviously they have a ways to go, but the claim that they are lost and helpless is simply absurd...here are pages upon pages of people begging for invites: https://twitter.com/search?f=tweets&vertical=default&q=super...

There's probably a healthy debate to be had about email tracking, but this comment is not contributing to that.

With friends like that, Rahul hardly needs any enemies!

So the company chooses to build email. EMAIL! Ok. What about their engineers or product concept was SOO different that building EMAIL would draw customers? Looking at their first page, the ONLY item that is unique here is "ENSURE YOUR EMAILS ARE READ". This almost seems like a parody site - like it's not even real. Something is seriously fishy.

> They end up in sketchy territory i.e. the pixels, forcing people to reveal how they use gmail in order to sign up, tracking every-single-aspect of how users are using their site, hyped up bullshit etc.

You're passionately asserting a strong claim, but when you get to the "evidence" part of your comment, it seems you haven't added any supporting evidence beyond what's in the parent discussion.

It's a tough business. What email app has ever had a real business model? The opportunity for acquisitions seems to have closed with Accompli being the last big one (bought by Microsoft to turn into Outlook on iOS).

Also the founding team is from rapportive and rapleaf which are part of the shady data brokers that HN discusses often. It's best to assume good intentions first but there is precedent here.

I'm sure glad you're not my friend.

This doesn't read as accurate at all. Nobody has copied Superhuman's features. I'm sure you can't name another app that has. It's substantially faster to use than other email apps.

I have strong doubts you're who you claim to be.

While I don’t know about the company traction, or sales tactics, I think it is fair to assume the feature set on email can be fairly easily replicated by the big players if they want to. Gmail added a lot of the Boomerang features as well as suggested autocomplete, etc. pretty quickly IMO.

1. It took years for gmail to copy boomerang

2. Gmail has no desktop app. It's reasonably fast, but not as fast as Superhuman.

3. Superhuman is a niche app, gmail caters to everyone. They can't reorient gmail around a tiny, high revenue portion of users

4. Gmail's iphone/ios apps lack the vast majority of desktop gmail's customizability features

The competitor to Superhuman would be a similar niche app, not gmail itself.

> Before we continue, ask yourself if you expect this information to be collected on you and relayed back to your parent, your child, your spouse, your co-worker, a salesperson, an ex, a random stranger, or a stalker every time you read an email.

Yes. I expect analytics to be captured from HTML emails which I open.

Now do Tout. Or Yesware. Or Salesforce. Or every CRM ever invented. Or LinkedIn posts by Premium users. Also hilarious you think that Superhuman competes with Outlook.

Email marketers have been doing this for a very, very long time. As someone who used to work in adtech, my reaction was "well of course they're doing this, every other email marketing tool does it."

Personally I think email software should all turn off third party requests by default. If you want images, use data urls or attached images.

Superhuman isn't an email marketing tool, and it's not opt-in email.

This is just email tech playing catch up with instant messaging, twitter, and other communication tools.

At least with email I can block images and prevent the tracking from occurring. I can't do that with facebook or twitter.

From the article:

> Superhuman doesn’t even let its own customers turn images off. So merely by using Superhuman, you are vulnerable to the exact same spying that Superhuman enables you to do to others.

This is where the author's dunk on Superhuman became complete.

A Superhuman investor, who does not disclose his interest in the company, pops in to say it's the recipient's responsibility to defend their own privacy, using a method (turning images off) that Superhuman's own product makes impossible for its users.


All Superhuman is doing is giving access to the same tech that every company uses to monitor emails sent to individuals. If you don't like it (and you absolutely shouldn't), then don't use Superhuman and turn off automatic image downloads in your email client.

The problem is that the person that "doesn't like it" isn't the user of Superhuman, it is the recipient, who doesn't get a choice as to what email client the sender is using.

And my point is that a large percentage of emails sent contain tracking pixels already. Privacy conscious recipients should already have automatic image downloading disabled.

I think this misses the points from the original post, the most critical IMO are:

(1) Recipient generally doesn't know they're being tracked. Even in the argument that 'email is catching up to IM', the recipient always knows that read receipts are turned on -- because it is built into the UI.

(2) Recipient doesn't know they're being tracked multiple times, with multiple locations. Again, in that same argument, messenger doesn't tell you the number of times I viewed your message and where I am when I viewed it.

BTW -- you can absolutely turn off read receipts across both Facebook and Twitter.

Turning off read receipts doesn't actually turn off read receipts, it just doesn't show the state to the user. Facebook still knows whether or not my message was read.

This is not correct, and there is even a section in the post rebutting this point (did you read it?).

See "Email clients have done this for years. Even Apple does this with iMessage"

