Superhuman, an email startup, has been spying on you as part of its business model
SaaS now stands for Spying-as-a-Service.
Startup darling Superhuman, who just closed a $33 million Series B funding round, has a dirty trick under its sleeve. Inside every email sent by the super-speedy email app, which users pay $30 per month to shave precious seconds off sending each email, is a hidden tracking pixel.
Now, this isn’t anything new. Outlook lets you attach Read Receipts to outgoing email, as do other email apps. What is different is Superhuman’s case is that there’s no mention of this to the recipient of the email, or any way to opt-out from tracking.
The skinny is this – Superhuman doesn’t let recipients of emails opt-out of tracking
It’s not a bug – it’s a feature. Email tracking is a mainstay of email marketing, I mean you need to get those metrics somehow so you know if your campaigns are successful. Many other email apps encourage the use of tracking pixels, but as far as I’m aware Superhuman is the only one that turns it on by default.
That’s perhaps not the best move in today’s current privacy-aware, tracking-averse internet landscape, where we install multiple extensions to avoid tracking, ads or other threats to our privacy.
- Superhuman’s ‘Read Receipts’ work differently to those in Outlook or other email apps. They’re enabled by default, they track if the recipient opened the email (or not), and they don’t let the recipient know that they’re being tracked, or give a way to disable tracking
- The only way to avoid tracking pixels in your inbox is to disable image loading in your email client (which has its own crop of issues, including not being able to read some emails at all)
My thoughts on this have already been said by TechCrunch and others, so I’m just going to summarize once again: The key takeaway here is one of consent. Superhuman doesn’t offer any way to get consent from email recipients, so in my view, it’s just as invasive as robocallers that violate the Do Not Call list.
- Amazon is totally saving your Alexa recordings, but you can delete them – here’s how
- Chinese border guards are installing a mandatory malware app in tourists’ phones
- Grubhub is creating fake restaurant websites to exploit the actual restaurants it delivers for
- Facebook finally removed some pages that had been spreading malware since at least 2014