I never signed up for this! Privacy implications of email tracking

From AcaWiki
Jump to: navigation, search

Citation: Steven Englehardt, Jeffrey Han, Arvind Narayanan (2017) I never signed up for this! Privacy implications of email tracking.
Internet Archive Scholar (search for fulltext): I never signed up for this! Privacy implications of email tracking
Download: https://senglehardt.com/papers/pets18 email tracking.pdf
Tagged:

Summary

Crawl websites and submit forms that could lead to email, use instrumented browser to click on links in email, analyze potential email leaks to third parties, attempt to classify as intentional or unintentional. Find many emails result in leaks, mostly to similar parties that track on the web, however additionally to firms that specialize in email tracking.

Describes potential defenses in email servers, email clients, and web browsers, including:

  • content proxying (which itself can leak)
  • HTML filtering (not implemented in major servers/clients)
  • Cookie blocking
  • Referrer blocking
  • Request blocking

Propose a prototype HTML filter that removes elements with URLs matching blocklists. Also proposes extending common blocklists to include firms that specialize in email tracking.

Theoretical and Practical Relevance

One of the authors discusses in a blog post: https://freedom-to-tinker.com/2017/09/28/i-never-signed-up-for-this-privacy-implications-of-email-tracking/

Retrieved from "https://acawiki.org/index.php?title=I_never_signed_up_for_this!_Privacy_implications_of_email_tracking&oldid=11377"