In my last weblog, I wrote about a fascinating but disturbing new email service called DidTheyReadIt that lets you trace every piece of email you send, for $50 a year. It tells you if someone opened your mail, and even how long the recipient kept your email open.
I’ve used the service more since then, and done a bit of investigation, and what I’ve found is both disturbing and reassuring. Disturbing because DidTheyReadIt uses a technology commonly used by spammers to help harvest email addresses, and reassuring because it’s so easy to defeat.
DidTheyReadIt attaches an transparent, one-pixel .gif called a “Web bug” or “Web beacon” to emails you send out. When someone opens your email, your email server grabs the .gif from the DidTheyReadIt server, which then logs information about when you opened the message, and for how long you had it open. It then sends that information to you. Spammers commonly use this technology to confirm people’s email addresses, so that they can spam them more in the future, and sell the confirmed email addresses to other spammers.
The DidTheyReadIt service has more problems than that it invades people’s privacy, and uses a technology that spammers use. Ultimately, too much of the time it can’t actually tell you if someone has ready your message. If you send a message to someone who doesn’t use HTML email, you won’t be able to know whether he’s opened the message. Outlook 2003, and all future versions of Outlook, turn off HTML email by default. So send a message to someone who uses Outlook 2003, and you won’t know whether your mail got through. (The exception is if you’re on the Contact list of the person to whom you’re sending a message. In that case, Outlook 2003 turns on HTML.)
Because Web bugs are associated with spam, some anti-spam software blocks email that includes them. In the future, expect that all anti-spam software will do it. It even appears that some ISPs block email with Web bugs as well. I’ve sent several emails using DidTheyReadIt to my beta Google Gmail account, and not a single one has gotten through.
What’s the upshot? DidTheyReadIt is one of those bad ideas that probably won’t stick around long. Legislation won’t be needed to kill it (as some have proposed) — technology will handle that all by itself.
What do you think of DidTheyReadIt and similar technologies? Should the government intervene?