Silicon Valley app gets hype, money, attention and then gets exposed for privacy violations packaged as killer features. It’s a movie we’ve seen before, this time played at rapid speed.
Superhuman is one of the most talked about new apps in Silicon Valley. Why? The product – a $US30 ($43) per month email app for power users hoping for greater productivity – is a good alternative to many popular and stale email apps, nearly everyone who has used it says so.
Even better is the company’s publicity strategy: The service invite only and posting on social media is the quickest way to get in the door. So it gets some local buzz, a $47 million dollar investment, bigger blog write-ups and then a New York Times article to top it all off last month.
After a peak, a roller coaster hits a downward slope.
Superhuman was criticised sharply on Wednesday when a blog post by Mike Davidson, previously the VP of design at Twitter, spread widely across social media.
The post goes into detail about how one of Superhuman’s powerful features was actually just a run-of-the-mill privacy-violating tracking pixel with an option to turn it off or a notification for the recipient on the other end. If you use Superhuman, you’ll be able to see when someone opened your email, how many times they did it, what device they were using and what location they’re in.
Here’s Davidson:
It is disappointing then that one of the most hyped new email clients, Superhuman, has decided to embed hidden tracking pixels inside of the emails its customers send out. Superhuman calls this feature “Read Receipts” and turns it on by default for its customers, without the consent of its recipients.
Tracking pixels are not new. If you get an email newsletter, for instance, it’s probably got a tracking pixel feeding this kind of data back to advertisers, senders, and a whole host of other trackers interested in collecting everything they can about you.
Let me put it this way: I send an email to your mother. She opens it. Now I know a ton of information about her including her whereabouts without ever her ever being informed or consenting to this tracking. What does this kind of behaviour mean for nosy advertisers? What about abusive spouses? A stalker? Pushy salespeople? Intrusive co-workers and bosses?
in which @mikeindustries nails this point: “If you use SH’s default spyware behavior, you should be willing to change your signature to this:
– Sent via Superhuman. Every time you open this email, the time and your location are sent to me.
Who’s first?” https://t.co/M6Yj90TZhw
— Ellen Huet (@ellenhuet) July 2, 2019
Davidson sums it up in his blog:
They’ve identified a feature that provides value to some of their customers (i.e. seeing if someone has opened your email yet) and they’ve trampled the privacy of every single person they send email to in order to achieve that.
Superhuman never asks the person on the other end if they are OK with sending a read receipt (complete with timestamp and geolocation). Superhuman never offers a way to opt out. Just as troublingly, Superhuman teaches its user to surveil by default. I imagine many users sign up for this, see the feature, and say to themselves “Cool! Read receipts! I guess that’s one of the things my $US30 ($43) a month buys me.”
Tracking emails is a tried-and-true tactic used by a ton of companies. That doesn’t make it ethical or irreversible. There has been plenty of criticism of the strategy – and there is a technical workaround that we’ll talk about momentarily – but since the tech has been, until now, mainly visible to businesses, the conversation has paled in comparison to some of the other big privacy issues arising in recent years.
Superhuman is a consumer app. It’s targeted at power users, yes, but the potential audience is big and the buzz is real. Combined with the increasing public distaste for privacy violations in the name of building a more powerful app, Twitter has been awash this week and especially on Wednesday with criticism of Superhuman: Why does it need to take so much information without an option or notification?
We emailed Superhuman but did not get a response.
A tracking pixel works by embedding a small and hidden image in an email. The image is able to report back information including when the email is opened and where the reader is located. It’s hidden for a reason: The spy is not trying to ask permission.
If you’re willing to put in a little work, you can spot who among your contacts is using Superhuman by following these instructions.
The workaround is to disable images by default in email. The method varies in different email apps but will typically be located somewhere in the settings.
Apps like Gmail have tried for years to scrub tracking pixels. Marketers and other users sending these tracking tools out have been battling, sometimes successfully, to continue to track Gmail’s billion users without their permission.
In that case, disabling images by default is the only sure-fire way to go. When you do allow images in an email, know that you may be instantly giving up a small fortune of information to the sender, and whoever they’re working with, without even realising it.