Thanks For Reading My Email for 13 Minutes In Wisconsin

Just when I started agonizing about the privacy aspects of MessageTag, a company has come along with a service that makes the mail-receipt monitoring service look like chicken-feed.

MessageTag allows users to see whether and when their emails have been read by recipients. It does this by inserting what privacy advocates called a web-bug into the email — a unique link, basically, that checks back to the MessageTag servers and matches it with the original email. The sender will then be notified as to when the email was opened.

I have to confess I find it an excellent service, and I use it, along with a message at the bottom of each email informing the recipient I’m doing it and offering not to if it offends them. Few ask me to remove them, an indication they either don’t object or they don’t read all the way through my emails. But despite finding it a huge timesaver — knowing whether an email’s landed safely, and whether to expect a reply any time soon makes life a lot easier — I still worry it’s too intrusive. Is it fair to make the process one the recipient must not first approve? MessageTag, to their credit, have acknowledged these concerns and have built in some safeguards, including limiting the service to individual emails. But is it enough?

As I was juggling all this, word comes by of a new service that can tell you not only if and when your email has been opened, but approximately where the reader is located and how long they read the email for. If they open it again, or forward the message, you’ll also be informed (it’s not clear whether the original sender is informed as to who the email is forwarded to). What’s more, DidTheyReadIt is invisible, meaning, in their own words, “every e-mail that you send is invisibly tracked so that the recipients will never know you’re using didtheyreadit”.

Privacy aside, for the moment, you can imagine the social fallout from this. “Jean only read my email for two minutes, and she read it in Utah when she said she was in Seattle. The cheatin’, lyin’ skunk!” Or “Brian has read my email 14 times and he still hasn’t replied! Is he trying to break up with me?” Or “That love note I sent Sandra in personnel has been forwarded to 64 people! I’m the laughing stock of the office!” (OK, there are probably easier ways to find out if you’re the laughing stock of the office. But you get the idea.)

The company behind the service is a Florida-based company called Rampell Software, whose other products include keyboard loggers such as Spector, ”the most advanced computer monitoring application” for Macs (“Spector locally (and secretly) records everything you do on your computer”). Then there’s ViewRemote (“record everything that happens on your computer and watch it from any other computer in the world!”). Clearly Rampell has some experience in the field of stealth software. I can see warning flags being raised all over the place already, and the company’s privacy policy, as it stands, is not comprehensive or specific enough to be reassuring. Perhaps it will be before the official launch.

DidTheyReadIt works slightly differently to MessageTag. Once you’ve signed up and installed the software, you add an extra didtheyreadit.com to any email you send out that you want to track. So joe@sixpack.com becomes joe@sixpack.com.didtheyreadit.com. There’s not enough information on the website to say more than that. Indeed, there’s a lot that’s not on the website, and which I think we need to know before assessing DidTheyReadIt. Such as:

  • How can the user alert recipients to the fact he’s using the service and what it entails?
  • How will the email addresses harvested by Rampell be used?
  • Why is the service invisible by default?
  • How will Rampell prevent this service being used by spammers and other mass-mail marketers?

The service will be officially launched later this month. The basic version of DidTheyReadIt is free, but is limited to 5 messages. Subscriptions cost $10 a month, $40 a half-year or $50 for the whole year.

I’d be interested in hearing from folk (lwire at jeremywagstaff.com) about whether they think there’s a line here that could allow services like MessageTag to thrive without sacrificing privacy — such as allowing users to choose whether they acknowledge receiving an email, without requiring much effort on their part, perhaps– or whether DidTheyReadIt just throws into sharp relief that this sort of thing is unacceptable to most folk and should be stopped. I’ll also forward this to Rampell to see if they have any comments.

14. May 2004 by jeremy
Categories: Privacy | Tags: , , , , , , , , , | 13 comments

Comments (13)

  1. When someone’s wishes (to know whether I read their e-mail) supercedes my right to privacy (whether I read the e-mail or not is my business, not theirs, since it now resides on my computer) the constitution of the united states no longer has any value and the individual has no rights. In other words, your “right” to expect my fist to stop before it hits your nose is now superceded by my “wish” to not stop my fist before it hits your nose.

  2. there’s gotta be any of a hundred ways this tracking wouldn’t work. How’s it going to activate any sort of call-home mechanism when I read this with my unix mail reader? or likely, if i turn off html and all the active features on a non-unix reader? And as long as there’s holes like this, it’s worthless. I don’t know what kind of sucker would actually pay for a service like this…

  3. I just tested the DidTheyReadIt service. I signed up with a hotmail account, and sent an email, with the .didtheyreadit.com extension on the address, to an account I access using Outlook Express.

    First, I right-clicked the message title, and selected Properties, Details, and Message source. This opened the message in a simple text window, where I could read not only the message I sent, but also the reference to the 1-pixel-by-1-pixel web bug for tracking placed at the bottom of the message. I then checked in with DidTheyReadIt.com, where there was no indication whatsoever that I had read the message.

    Next, upon seeing that my ISP’s anti-spam/anti-virus processes had rendered the web bug ineffective, I went ahead and fully opened the message in Outlook Express. The entire text of my message was there in all its glory. I returned to DidTheyReadIt.com to check again, and they were blissfully unaware that their “monitoring” had failed to report that I had not only read it, but also forwarded it to another of my accounts, and read it there, too.

    God bless my ISP and their attention to privacy. And God help the investors behind DidTheyReadIt.com — they’re gonna need all the help they can get.

    Regards,

    Bob

  4. If this really works, two comments:

    1. It is unnecessary. In my experience email is extremely reliable. If I don’t get a reply to my message or the recipient says he/she never got it, I don’t need artificial intelligence to know what’s up. It’s like the time I said to the lady after the first date, “We ought to do this again some time” and she didn’t say anything. And who gives a flying fandango how long somebody spent reading the message? Maybe they’re a speed reader.
    2. It is an outrage. Who wants some clown monitoring your e-mail habits? We can only wonder what’s next. I hope mfrs. of firewalls can put something in to hammer DidTheyReadIt.

  5. It’s a simple web bug. Easy to kill if you know it’s there. It looks like this: [img src = “http://didtheyreadit.com/index.php/worker?code=eecb847b62ae865c6c220a4a1c6b37f8″ width=”1″ height=”1” /]

    Outlook 2003 and yahoo.com already block images embedded in emails. I’m sure we’ll be adding this didtheyreadit.com and rampellsoft.com to our http blacklist tomorrow.

  6. This just works like all of the spam that you’ve been getting for years – web bugs. Just turn off loading of images in your e-mail client. Sounds like a company is trying to make money off of deceptive practices of the SPAM industry. You should already be doing this, anyway, with the amount of spam out there. Don’t do HTML e-mail.

  7. Pingback: Foolippic

  8. I just heard a story about this on Talk of the Nation on National Public Radio, they didn’t do their research enough even to be able explain what’s been mentioned here. It ended up sounding more like an advertisement than a news program. If they would have spoken to anyone with any expertise they would have been able to dispell the myth that this is invisible and unavoidable or even that this is some kind of new technology. Shame on them too…

  9. To see if an email has the didtheyreadit.com feature before you open it, Right click on it and hit options. In the internet headers section you are likely to see rampellsoft.com. If you want to view the contents of any email without opening it, highlight the message, hit Ctrl+C. Then go to your desktop and right click, paste. Right click on this message and open with notepad or word pad. You will see all of the message along with the internal coding without allowing any formatting or executables.

  10. Supposedly this sort of service has been available for quite some time :: http://www.readnotify.com/

  11. Pingback: Foolippic

  12. Turning off remote image loading did the trick of blocking DidTheyReadIt.com but did not stop ReadNotify.com from working. I am switching back to Horde which blocked both of them.

  13. Sir,

    I was searching the web for a FREE software that can be used for my personal (non commercial) use to send emails with read receipt.

    In your article you have said about ‘didtheyreadit.com’. you have also said about the service if free for individual use. But their web site does not mention anything about free.

    Please offer your valuable suggestion about any other free software that can generate read receipt (like).

    Yours sincerly

    Suresh