Email startup Superhuman ruffled some feathers this week thanks to a viral blog post by former Twitter vice president of design Mike Davidson detailing how one of the $30 a month service’s core features was actually a run-of-the-mill privacy-violating tracking pixel that transmits information about recipients, including geolocation, back to the sender every time an email containing it was opened.
Now that there’s been a considerable backlash against the firm, Superhuman says it’s canning one of those effective immediately, as well as changing others. Per the Verge, CEO Rahul Vohra says that the company will stop sending geolocation data of recipients to senders, delete its database of existing location data, and will stop setting its read receipts functionality to activated by default. But it won’t be removing tracking pixels entirely.
Tracking pixels are tiny images that can be embedded in emails or websites. When loaded, they ping the image server they’re hosted on with the information required to download them—such as the IP address of the device they were loaded on (which can be easily tied to geolocation) and the time of download. This is the basis for read receipts, which can notify the sender of an email when and where the recipient loaded the tracking pixel.
Vohra wrote in a blog post that Superhuman users will no longer be able to access that geolocation data, writing that the feature’s high potential for abuse for purposes like stalking was the “most severe” criticism raised in Davidson’s post.
“I have come to understand that there are indeed nightmare scenarios involving location tracking,” Vohra wrote. He added that while the service only provided state or country-level data, he was “so very sorry for this... We did not consider potential bad actors. I wholeheartedly apologize for not thinking through this more fully.”
Vohra also said that while it “made sense for read statuses to be on by default when our user base was early adopters,” they were changing the feature after having “heard from some recent users that they felt enabled to track people by accident.”
However, Vohra responded to complaints concerning the inability of recipients to opt out of email tracking by advising those bothered to “turn off remote image loading in your email client” or download an anti-tracking pixel plugin. Tracking pixels are incredibly widespread in the email industry and “demand for read statuses is so high that it has now become table-stakes,” Vohra wrote:
We are still keeping the feature, as Superhuman is business software for email power users. In the prosumer email market, read statuses have been “must have” for many years. See MixMax, Yesware, Streak, Hubspot, and Mailtrack. These products alone have 3M+ users, and each one provides read statuses by default.
“I therefore think that we, as an industry, should agree to the level of information that we track and show in our products,” Vohra concluded. “If one of us creates something new, and that innovation becomes popular, then market dynamics will pull us all in that direction.”
Vohra also elaborated on his thoughts in a series of tweets:
This kind of response to criticism tends to be the exception rather than the norm in the tech startup world, and it’s always good to see complaints taken seriously and responded to instead of evaded, rationalized away, or ignored. In the meantime, though, users who want to opt out of Superhuman’s (and any of the number other aforementioned platforms’) tracking have few options. One is, following the instructions in this post to automatically flag Superhuman users and put them in a folder, though that won’t in and of itself spot other services or block the tracking pixels themselves.
The other is disabling image loading by default in your email client—which does add a few steps in the rare case that someone actually sends something useful in the body of an email, but will block pixel trackers from working.