Apple Begins Gathering Your Private Information within the Title of “Privateness”

0

I fear that many users tick Apple’s privacy policy thinking that no one can see what they are doing online. You couldn’t be more wrong.

Last week Apple introduced new data protection functions for the Mail app for the upcoming iOS 15 and MacOS Monterey versions, which are expected in September.

Having been in the email world for 23 years, I view these changes as both good and bad. Apple’s public discussion of online privacy is good, and I applaud your efforts as a full user of Apple products both personally and professionally.

On the surface, the viewing angle looks great for most people. However, This move further undermines web privacy and puts your data right in the hands of a very small number of large companies like Apple, Google and Facebook.

I’m not saying this as the CEO of an email company, but as an end user of the web who is also very privacy conscious (more on that below).

The release from Apple indicates that these changes will be made:

In the Mail app, Mail Privacy Protection prevents senders from using invisible pixels to collect information about the user. The new feature helps users prevent senders from knowing when they are opening an email and masks their IP address so that it cannot be linked to other online activities or used to determine their location.

Image Source: Ryan Jones via Twitter

These changes affect email senders in several ways:

  • Block a recipient’s IP address from being seen.
  • The tracking of the opening rate becomes even more unreliable.

Blocking IP addresses

Your IP address is a computer address that points to you and your activities when you surf the Internet. This address can only be used by you, your family, or an entire school or business location. Apple will soon begin loading images in email through a proxy that will hide your real IP address from the people emailing you.

If someone as an email sender blocks their IP address, it becomes more difficult to see where in the world someone might live. This makes segmenting subscribers by geography for specific sales or sending in their local time zone less accurate.

Then the only way to pinpoint someone’s location is either by the IP address they signed up for your list with or when they click a link in one of your emails.

For context, Gmail has been doing the same image proxying since 2013, Yahoo since 2018, and Microsoft Outlook since ~ 2018. This change from Apple affects more email recipients, but it’s really just about Apple catching up on what Gmail, Yahoo, and Microsoft have been doing for years.

Unreliable open rate tracking

Many email professionals write about how this change is destroying open rate tracking as a metric for target audience.

So far it has been unclear whether Apple will completely block the loading of open rate tracking images. In fact, some media reports that Apple only loads all images through their proxy. I believe that most of the time they only load images through a proxy and probably won’t reliably block open tracking pixels. Some tests have shown that Apple preloads email images before a recipient opens the message in their email client.

But time and more testing will tell what Apple actually does when they take the feature into the wild.

But let’s take a step back and talk about the open rates.

Open rate tracking as a metric has never measured how many people open your emails. It simply measures how many people have downloaded the pictures in your emails.

Many recipients disable images in their e-mail programs, which prevent senders from measuring the opening of an e-mail. If I disable image loading in my email client, you will never find that I “open” any of your emails, regardless of how often I actually open them.

Loading of pictures in Apple macOS Big Sur (6/2021) disabledLoading of pictures in Apple macOS Big Sur (6/2021) disabled

The length of your message can also lead to clippings in Gmail that affect whether some of your pictures appear at the end of a long email.

As a professional email marketer, I consider open rate metrics a useful tool for:

  • Subject line test.
    • In general, did “Tray A” get more people open than “Tray B”?
  • Engagement tracking.
    • Not as an indicator of overall audience engagement, but as an indicator of how engaged my audience is to that email compared to an email I sent last week or a month or so. Comparing an open rate today to a few years ago is quite pointless, as changes to how images are displayed in different email clients can have a significant impact on audience measurement.
  • Reputation measurement.
    • In a bigger look at other email metrics as a signal, low open rates could be an indicator of spam folder issues, audience / content matching issues, or permission issues.

Is that damaging the email ecosystem?

Simple answer … no, it just changes.

The benchmarks you are using today need to be recalibrated, but that’s not the end of the world. Some senders may experience an increase in open rates due to Apple’s image prefetching algorithms, while other senders may experience a decrease in open rates.

Absolutely none of this means that the actual people who receive your emails will interact with those emails differently than they did before. These changes affect the technical measure used to detect openings, not actual human behavior, whether or not someone opened your email. This is an incredibly important distinction that any company that sends email should remember.

At the end of the day, you need to send emails that people want, find valuable, and interact with. If you don’t, they will be ignored, deleted, or marked as spam – and over time this will affect your ability to send email to others who actually want your email.

Using verified opt-in is still one of the best ways to ensure a high quality subscriber base.

What you need to know about user privacy

Apple is marketing these changes as improving user privacy. I would argue that it undermines user privacy.

Currently, when I use Apple Mail on my desktop or iOS mobile device, Apple doesn’t know who I’m receiving email from, when I’m reading it, or what that content is. Today I turn off images by default to protect my privacy from external senders. That gives me 100% privacy. Senders don’t see me open the email and load pictures, and Apple doesn’t scan my email or run my email contents through their proxy servers.

When I turn on Apple’s new “Protect E-Mail Activity”, Apple goes from having zero knowledge of my e-mail activity to viewing everything that has pictures in it. Apple will see your email activity …

  • They know you received and opened an email from your pharmacy.
  • They know you received and opened an email from your doctor.
  • You will see your business email images.
  • You can see your personal email pictures even if you use Gmail, Yahoo !, Outlook, or a personal email server, but read those emails with the Apple Mail app.

All of this data is viewed and controlled by Apple.

What does that mean for you?

It becomes trivial for law enforcement to subpoena a single organization like Apple and get a lot of information about you. This type of law enforcement activity has been abused many times around the world in the past and has made headlines in the last week with the DOJ subpoenas for all email communications from members of Congress. This means that significantly more private information is revealed with less effort than ever before.

Not only is this the law enforcement that might reveal this data, it also becomes trivial to subpoena them for civil lawsuits like chaotic divorces, business disagreements, and so on.

Real privacy comes from training users and knowing what options are available to end users. I fear that many users tick Apple’s privacy policy thinking that no one can see what they are doing online.

You couldn’t be more wrong.

Apple may be working from a place with good intentions now, but by using “Protect E-Mail Activities” we trust that you will continue to handle your data responsibly when economic and government pressures arise.

Learn more about Apple’s privacy changes

There are many perspectives on this new version and I encourage you to read what others have to say on the subject. I’ve rounded up a few that I found interesting.

Leave A Reply

Your email address will not be published.