We show that the simple act of viewing emails contains privacy pitfalls for the unwary. We assembled a corpus of commercial mailing-list emails, and find a network of hundreds of third parties that track email recipients via methods such as embedded pixels. About 30% of emails leak the recipient’s email address to one or more of these third parties when they are viewed. In the majority of cases, these leaks are intentional on the part of email senders, and further leaks occur if the recipient clicks links in emails. Mail servers and clients may employ a variety of defenses, but we analyze 16 servers and clients and find that they are far from comprehensive. We propose, prototype, and evaluate a new defense, namely stripping tracking tags from emails based on enhanced versions of existing web tracking protection lists.
If the inline PDF is not rendering correctly, you can download the PDF file here.
 Gunes Acar, Christian Eubank, Steven Englehardt, Marc Juarez, Arvind Narayanan, and Claudia Diaz. The web never forgets: Persistent tracking mechanisms in the wild. In Proceedings of ACM CCS, pages 674–689. ACM, 2014.
 Gunes Acar, Marc Juarez, Nick Nikiforakis, Claudia Diaz, Seda Gürses, Frank Piessens, and Bart Preneel. Fpdetective: dusting the web for fingerprinters. In Proceedings of the 2013 ACM SIGSAC conference on Computer & communications security, pages 1129–1140. ACM, 2013.
 Julia Angwin. Why online tracking is getting creepier. ProPublica, Jun 2014.
 Mika D Ayenson, Dietrich James Wambach, Ashkan Soltani, Nathan Good, and Chris Jay Hoofnagle. Flash cookies and privacy II: Now with html5 and etag respawning. 2011.
 Zakir Durumeric, David Adrian, Ariana Mirian, James Kasten, Elie Bursztein, Nicolas Lidzborski, Kurt Thomas, Vijay Eranti, Michael Bailey, and J Alex Halderman. Neither snow nor rain nor mitm...: An empirical analysis of email delivery security. In Proceedings of the 2015 ACM Conference on Internet Measurement Conference, pages 27–39. ACM, 2015.
 Peter Eckersley. How unique is your web browser? In International Symposium on Privacy Enhancing Technologies Symposium, pages 1–18. Springer, 2010.
 Steven Englehardt and Arvind Narayanan. Online tracking: A 1-million-site measurement and analysis. In ACM Conference on Computer and Communications Security, 2016.
 Steven Englehardt, Dillon Reisman, Christian Eubank, Peter Zimmerman, Jonathan Mayer, Arvind Narayanan, and Edward W Felten. Cookies that give you away: The surveillance implications of web tracking. In Proceedings of the 24th Conference on World Wide Web, 2015.
 David Fifield and Serge Egelman. Fingerprinting web users through font metrics. In International Conference on Financial Cryptography and Data Security, 2015.
 Ralph Holz, Johanna Amann, Olivier Mehani, Mohamed Ali Kâafar, and Matthias Wachs. TLS in the wild: An internetwide analysis of tls-based protocols for electronic communication. In 23nd Annual Network and Distributed System Security Symposium, NDSS 2016, San Diego, California, USA, February 21-24, 2016, 2016.
 Balachander Krishnamurthy, Konstantin Naryshkin, and Craig Wills. Privacy leakage vs. protection measures: the growing disconnect. In Proceedings of the Web, 2011.
 Balachander Krishnamurthy and Craig E Wills. On the leakage of personally identifiable information via online social networks. In Proceedings of the 2nd ACM workshop on Online social networks, pages 7–12. ACM, 2009.
 Pierre Laperdrix, Walter Rudametkin, and Benoit Baudry. Beauty and the beast: Diverting modern web browsers to build unique browser fingerprints. In 37th IEEE Symposium on Security and Privacy, 2016.
 Adam Lerner, Anna Kornfeld Simpson, Tadayoshi Kohno, and Franziska Roesner. Internet jones and the raiders of the lost trackers: An archaeological study of web tracking from 1996 to 2016. In 25th USENIX Security Symposium, 2016.
 Timothy Libert. Exposing the invisible web: An analysis of third-party http requests on 1 million websites. International Journal of Communication, 9:18, 2015.
 Jonathan R Mayer and John C Mitchell. Third-party web tracking: Policy and technology. In 2012 IEEE Symposium on Security and Privacy. IEEE, 2012.
 Georg Merzdovnik, Markus Huber, Damjan Buhov, Nick Nikiforakis, Sebastian Neuner, Martin Schmiedecker, and Edgar Weippl. Block me if you can: A large-scale study of tracker-blocking tools. In Proceedings of the 2nd IEEE European Symposium on Security and Privacy (IEEE EuroS&P), 2017.
 Keaton Mowery and Hovav Shacham. Pixel perfect: Fingerprinting canvas in HTML5. W2SP, 2012.
 Nick Nikiforakis, Alexandros Kapravelos, Wouter Joosen, Christopher Kruegel, Frank Piessens, and Giovanni Vigna. Cookieless monster: Exploring the ecosystem of web-based device fingerprinting. In Security and privacy (SP), 2013 IEEE symposium on, pages 541–555. IEEE, 2013.
 Lukasz Olejnik, Gunes Acar, Claude Castelluccia, and Claudia Diaz. The leaking battery A privacy analysis of the HTML5 Battery Status API. Technical report, 2015.
 Jingjing Ren, Ashwin Rao, Martina Lindorfer, Arnaud Legout, and David Choffnes. Recon: Revealing and controlling pii leaks in mobile network traffic. In Proceedings of the 14th Annual International Conference on Mobile Systems, Applications, and Services, pages 361–374. ACM, 2016.
 Franziska Roesner, Tadayoshi Kohno, and David Wetherall. Detecting and defending against third-party tracking on the web. In Proceedings of the 9th USENIX conference on Networked Systems Design and Implementation, pages 12–12. USENIX Association, 2012.
 Ashkan Soltani, Shannon Canty, Quentin Mayo, Lauren Thomas, and Chris Jay Hoofnagle. Flash cookies and privacy. In AAAI spring symposium: intelligent information privacy management, volume 2010, pages 158–163, 2010.
 Oleksii Starov, Phillipa Gill, and Nick Nikiforakis. Are you sure you want to contact us? quantifying the leakage of pii via website contact forms. Proceedings on Privacy Enhancing Technologies, 2016(1):20–33, 2016.
 Oleksii Starov and Nick Nikiforakis. Extended tracking powers: Measuring the privacy diffusion enabled by browser extensions. In Proceedings of the 26th International Conference on World Wide Web, pages 1481–1490, 2017.
 Narseo Vallina-Rodriguez, Christian Kreibich, Mark Allman, and Vern Paxson. Lumen: Fine-grained visibility and control of mobile traffic in user-space. 2017.
 Zhonghao Yu, Sam Macbeth, Konark Modi, and Josep M Pujol. Tracking the trackers. In Proceedings of the 25th International Conference on World Wide Web, pages 121–132. International World Wide Web Conferences Steering Committee, 2016.