Yet again this week we have seen headlines pitching Apple against Facebook, as the iPhone maker’s crackdown on user tracking threatens mobile ad revenues. But while Facebook is clearly in Apple’s sights, it is Google just as much as Facebook that is being hit hard by the new and long-delayed flight to privacy.
Gmail has already come under attack for its alarming privacy labels. But a new update from Apple, combined with a privacy backlash this month against “creepy” mail tracking, should now be the final convincer for millions of users to delete their Gmail apps, ensuring that their data is not being secretly harvested.
Until now, Apple versus Google on privacy has focused on Android’s continual game of catch-up on mobile data permissions. But Apple is also pressuring Google when it comes to its feasting on data from the billion iPhone users. And just as with its other apps, Google’s Gmail is a privacy nightmare compared to Apple’s alternative.
Earlier this year, Google cleverly allowed Facebook to play the role of minesweeper when Apple’s privacy labels exposed the sheer extent of the previously invisible data harvesting taking place. Google let its own iOS apps run stale, delaying updates until the furor had settled, before showing that its own apps were no better.
And so, one by one, we saw Google’s flagship iOS apps—Gmail, Maps, Photos, Chrome, YouTube, Docs—fill in the alarming blanks. And because this is Google, it was suddenly very important to remember that there’s an account-based system linking all these apps together and a spider’s web of trackers following users around.
As DuckDuckGo warns, “Google’s trackers are installed on 75% of the top million websites—the next closest is Facebook at 25%. Google sells ads not only on their search engine, but also on over 2.2 million other websites and over 1 million apps. Every time you visit one of these sites or apps, Google is storing that information and using it to target ads at you.” Google dwarfs Facebook when it comes to this tracking—period.
Apple has been publicly cracking down on Facebook with App Tracking Transparency and doing the same to Google by adding new privacy innovations to Safari to tempt users away from market-leading Chrome and enhancing other apps, notably Maps, to pull its users away from Google’s data-hungry ecosystem.
The other critical innovation that Apple will bring with iOS 15 will likely be as big a hammer blow to the data marketing industry as App Tracking Transparency and blocking third-party web tracking cookies by default in Safari.
Right now, 70% of the emails you receive are laced with secretive trackers that send information back to their handlers—have you opened the email, when and how often; where were you when you read the content and what device were you using. All this data feeds the nefarious algorithms that manipulate what you buy, think and do.
According to security researcher Mike Thompson, secretive mail tracking “has become a reality we now live with, where we have to accept to some extent that our privacy was washed down the river a long time ago… How do we deal with it? Ban email providers from rendering this content? Not gonna happen.”
But with iOS 15, Apple’s new Mail Privacy Protection will at long last “stop senders from using invisible pixels to collect information about users. The new feature helps prevent senders from knowing when they open an email and masks their IP address so it can’t be linked to other online activity or used to determine their location.”
If you’re in any doubt as to the impact this will have, then take a look at the marketing trades and their response to what’s coming. Mail tracking was seen as a defense against App Tracking Transparency, to recover some value from iOS users. But Apple is now slamming that door tight shut as well. It really is all change.
As I’ve said multiple times in this column, mail tracking is a nasty technology that has appeared to escape the clampdown it deserves. It’s a marketing tool that has gotten completely out of control, with most emails now tracking user behaviors. Suffice to say, make sure you enable Mail Privacy Protection when iOS 15 arrives.
“Tracking pixels are a concerningly normal part of today’s internet and yet another example of how people’s privacy is being intruded upon on a day-to-day basis,” Proton founder Andy Yen warns. “The volume of information a company can gather with something as simple as an invisible image is incredible.”
Until now, the best way to prevent these pixels tracking your activity has been to prevent remote images loading automatically. This stops most invisible tracking, but it removes the richness of the emails you open and if you do want to see any of the images, email by email, then those tracking pixels come along as well.
As Apple warns, “emails may include hidden pixels that allow the email’s sender to learn information about you. As soon as you open an email, information about your activity can be collected by the sender without transparency and an ability to control what information is shared. Email senders can learn when and how many times you opened their email, whether you forwarded the email, your IP address, and other data that can be used to build a profile of your behavior and learn your location.”
“Using/abusing pixel tracking for location tracking is in my mind over the line,” says Cyjax CISO Ian Thornton-Trump. “I think it’s an overreach and hard to justify in terms of collecting data under GDPR/PECR. Is collection of my location relevant to the goods or services being offered? Maybe. But I think it should be immensely hard to justify.”
Apple’s new solution will load all remote content using multiple proxy servers. This will do two things. First, images can be presented on all your emails without any risk of tracking—they’re being served from Apple’s own servers. And second, marketeers will receive a near 100% open-rate for their emails, rendering it useless data.
So, unless you click a link from within an email, there should be no way to harvest any data from your email browsing activity. The only thing Apple will provide is a broad idea of the region you’re in, to ensure any context and language is right.
The flight to privacy, fueled by Apple and others, is shining an awkward light on Google, Facebook and the data-driven digital marketing industry. “The everyday user is waking up to the importance of privacy,” security researcher Sean Wright says. “Anything that helps them keep control over their data is a step in the right direction, but privacy is not ‘one size fits all’. The power to choose how and where data is used should always be in the hands of the individual. As such, education and transparency so users can make informed decisions about which mail clients they should use is key.”
Google has actually been blocking email IP address tracking for some time now, using its own servers to preload remote images. But it still returns other data to marketeers, including “open rates,” and there’s no anonymization from Google itself. It continues to collect all the data it can. Apple is a very different proposition.
“Apple does not learn any information about the content,” the company says. “All remote content downloaded by Mail is routed through multiple proxy servers, preventing the sender from learning your IP address. Rather than share your IP address, which can allow the email sender to learn your location, Apple’s proxy network will randomly assign an IP address that corresponds only to the region your device is in. As a result, email senders will only receive generic information rather than information about your behavior. Apple does not access your IP address.
I asked Google for more detail on Gmail’s use of its own servers to load remote images, how extensively it blocks user IP address harvesting, and whether Google itself has any restrictions on the location tracking data it can harvest from Gmail usage. I had not received a response ahead of publishing.
Google has already been criticized elsewhere for introducing new privacy innovations that block third-parties and so advantage Google, most notably the removal of third-party trackers in Chrome, which it has been argued will concentrate everything in Google’s own data-harvesting hands. As such, the move has been delayed.
And, ultimately, that’s the crux here. Apple’s new privacy innovations have been designed holistically. There are no qualifiers and workarounds. “If you choose to turn it on,” Apple says, “Mail Privacy Protection helps protect your privacy by preventing email senders, including Apple, from learning information about your Mail activity.”
It has taken too long, but we have now seen a strong clampdown on cross-site web tracking, with Safari and Firefox protecting vast numbers of users, and more specialist offerings from Brave and DuckDuckGo also hitting the market. It’s worth noting, that when it comes to such tracking Google’s Chrome is now an outlier in how it works by default, how much data is gathered as you browse, how data is linked to your identity.
It’s likely we’ll see something similar now with mail tracking. “Just like browsing the web,” DuckDuckGo told me, “email is used to track people without their knowledge.” The privacy-first company has just announced its own mail service to block tracking, “a free, personal @duck.com email address—emails sent to it will forward to your regular inbox, with creepy email trackers removed.”
“Email tracking is often completely forgotten,” warns ESET’s Jake Moore, “as it quietly operates in the background in stealth mode. It is seen as a huge invasion of privacy, possibly even dangerous if used criminally.”
Google has told me that data it collects is used to “provide helpful and personalized experiences in Google products, including faster searching and automatic recommendations.” The company also emphasizes that users “can control what activity gets saved to their account or delete their activity at any time.”
But that puts the onus on you to police Google and actively check on what’s been collected, forming a judgement on what is appropriate and proportionate. As I’ve said many times, when it comes to platforms and services, just follow the money. Google generates its revenue from data-driven advertising. It’s not complicated.
You don’t need to stop using Gmail itself, albeit remember that Google can see everything you’re doing server-side. But you should use Apple’s own Mail app with Gmail rather than the Gmail app. This stops Google gathering additional data through the app’s permission settings. It also means you can use email without any concerns that anyone—including Google—is hiding invisible trackers.