Towards Transparency in Email Tracking

  • Max MaassEmail author
  • Stephan Schwär
  • Matthias Hollick
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 11498)


Tracking technologies have become ubiquitous, not only on websites but also in email messages. However, while protection and transparency tools exist for the web, no such tools exist for email messages, thus obscuring privacy violations. We introduce the PrivacyMail platform to assist with the automated analysis of email messages. The platform automatically analyzes commercial mailing lists, making it easier to detect different forms of tracking. Our platform introduces transparency about the practices of companies, and serves as a tool for regulators, data protection professionals and consumers alike. Our preliminary results show widespread email tracking, where opening an email can result in information being sent to up to 13 third parties, in some cases disclosing the users’ email address in the process.


Scanner Tracking Compliance Email Privacy 



This work has been co-funded by the DFG as part of project C.1 within the RTG 2050 “Privacy and Trust for Mobile Users”.


  1. 1.
    Andersdotter, A., Jensen-Urstad, A.: Evaluating websites and their adherence to data protection principles: tools and experiences. IFIP Adv. Inf. Commun. Technol. 498, 39–51 (2016)CrossRefGoogle Scholar
  2. 2.
    Clark, J., van Oorschot, P.C., Ruoti, S., Seamons, K., Zappala, D.: Securing Email. ArXiv preprint (2018). arXiv:1804.07706
  3. 3.
    Electronic Frontier Foundation: PrivacyBadger. Accessed 28 Jan 2019
  4. 4.
    Englehardt, S., Han, J., Narayanan, A.: I never signed up for this! Privacy implications of email tracking. Proc. Priv. Enhancing Technol. 2018(1), 109–126 (2018)CrossRefGoogle Scholar
  5. 5.
    Englehardt, S., Narayanan, A.: Online tracking: a 1-million-site measurement and analysis. In: Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security - CCS 2016, no. 1, pp. 1388–1401. ACM Press, New York (2016)Google Scholar
  6. 6.
    Haupt, J., Bender, B., Fabian, B., Lessmann, S.: Robust identification of email tracking: a machine learning approach. Eur. J. Oper. Res. 271(1), 341–356 (2018)CrossRefGoogle Scholar
  7. 7.
    Hu, H., Peng, P., Wang, G.: Characterizing pixel tracking through the lens of disposable email services. IEEE Secur. Priv. 2019, 545–559 (2019)Google Scholar
  8. 8.
    Maass, M., Walter, N., Herrmann, D., Hollick, M.: On the Difficulties of incentivizing online privacy through transparency: a qualitative survey of the German health insurance market. In: 14. Internationale Tagung Wirtschaftsinformatik (2019)Google Scholar
  9. 9.
    Maass, M., Wichmann, P., Pridöhl, H., Herrmann, D.: PrivacyScore: improving privacy and security via crowd-sourced benchmarks of websites. In: Schweighofer, E., Leitold, H., Mitrakas, A., Rannenberg, K. (eds.) APF 2017. LNCS, vol. 10518, pp. 178–191. Springer, Cham (2017). Scholar
  10. 10.
    Marx, M., Zimer, E., Mueller, T., Blochberger, M., Federrath, H.: Hashing of personally identifiable information is not sufficient. Sicherheit, pp. 55–68 (2018)Google Scholar
  11. 11.
    Pridöhl, H.: Privacyscanner., Accessed 28 Jan 2019
  12. 12.
    Xu, H., Hao, S., Sari, A., Wang, H.: Privacy risk assessment on email tracking. In: IEEE INFOCOM, pp. 2519–2527 (2018)Google Scholar

Copyright information

© Springer Nature Switzerland AG 2019

Authors and Affiliations

  1. 1.Secure Mobile Networking LabTU DarmstadtDarmstadtGermany

Personalised recommendations