London Daily

Focus on the big picture.
Sunday, Aug 10, 2025

'Spy pixels in emails have become endemic'

'Spy pixels in emails have become endemic'

The use of "invisible" tracking tech in emails is now "endemic", according to a messaging service that analysed its traffic at the BBC's request.

Hey's review indicated that two-thirds of emails sent to its users' personal accounts contained a "spy pixel", even after excluding for spam.

Its makers said that many of the largest brands used email pixels, with the exception of the "big tech" firms.

Defenders of the trackers say they are a commonplace marketing tactic.

And several of the companies involved noted their use of such tech was mentioned within their wider privacy policies.

Emails pixels can be used to log:

*  if and when an email is opened

*  how many times it is opened

*  what device or devices are involved

*  the user's rough physical location, deduced from their internet protocol (IP) address - in some cases making it possible to see the street the recipient is on

This information can then be used to determine the impact of a specific email campaign, as well as to feed into more detailed customer profiles.

Hey's co-founder David Heinemeier Hansson says they amount to a "grotesque invasion of privacy".

Without special software, it is not easy to spot which emails contain a tracking pixel
And other experts have also questioned whether companies are being as transparent as required under law about their use.
Invisible beacons


Tracking pixels are typically a .GIF or .PNG file that is as small as 1x1 pixels, which is inserted into the header, footer or body of an email.

Since they often show the colour of the content below, they can be impossible to spot with the naked eye even if you know where to look.

Recipients do not need to click on a link or do anything to activate them beyond open an email they are embedded in.

British Airways, TalkTalk, Vodafone, Sainsbury's, Tesco, HSBC, Marks & Spencer, Asos and Unilever are among UK brands Hey detected to be using them.

But their use was much more widespread despite many members of the public being unaware of it, said Mr Hansson.

"It's not like there's a flag saying 'this email includes a spy pixel' in most email software," he added.

Hey does offer such a facility, but users must pay an annual subscription.

Hey alerts its customers to the use of pixel trackers and automatically blocks them

Alternatively, users can install free plug-ins into other email programs to strip out many pixel trackers. Other options are to simply set their software to block all images by default, or to view emails as plain text.

"On average, every Hey customer receives 24 emails per day that attempt to spy on them," Mr Hansson said.

"The top 10% of users receive more than 50.

"We're processing over one million emails a day and we're just a tiny service compared to the likes of Gmail, but that's north of 600,000 spying attempts blocked every day."

The BBC also uses email pixels in some of its communications, although this was not picked up by Hey.

Follow-up phone calls


Tracking pixels are a standard feature of automated email services used by large and small businesses, and in many cases the facility is difficult to turn off.

Two years ago Superhuman, a consumer-focused email client, tried to extend their use to the public as a default feature of its own, but reversed course after a public outcry.

That had little impact on the marketing industry's continued reliance on the tech.

Clients can use them to track how many emails in a specific campaign are opened in aggregate, as well as to automatically stop sending messages to customers who ignore them.

But a study by Princeton University also indicated the data gathered was sometimes linked to a users' cookies. This allows an individual's email address to be tied to their wider browsing habits, even as they move from one device to another.

"The resulting links between identities and web history profiles belie the claim of 'anonymous' web tracking," the paper warned.

In addition, trackers can also lead to personalised follow-ups.

Danish technologist David Heinemeier Hansson co-created the premium email service Hey in 2020

"Particularly with salespeople or consultants, they can go: 'I saw you open my email yesterday, but you haven't replied yet. Can I call?'" said Mr Hansson.

"And in some cases they get outright belligerent when they see you've opened it three times but have still not replied."

Privacy laws


Use of tracking pixels is governed in the UK and other parts of Europe by 2003's Privacy and Electronic Communications Regulations (Pecr) and 2016's General Data Protection Regulation (GDPR).

They require organisations to inform recipients of the pixels, and in most cases to obtain consent.

One privacy consultant said the Court of Justice of the European Union (CJEU) had previously ruled that such consent must be "unambiguous" and "a clear affirmative act".

"Solely placing something in a privacy notice is not consent, and it is hardly transparent," said Pat Walshe from Privacy Matters.

"The fact that tracking will take place and what that involves should be put in the user's face and involve them opting in.

"The law is clear enough, what we need is regulatory enforcement. Just because this practice is widespread doesn't mean it's correct and acceptable."

Mr Walshe noted that the ICO had used a pixel within its own e-newsletter.

The ICO tells users their interactions with its newsletter will be tracked on the sign-up form

The watchdog told the BBC it was used to track email openings, but not users' locations, adding: "We're working with our provider to remove the pixel functionality and this should be completed soon."

The BBC asked some of the companies identified by Hey for their own response.

British Airways said: "We take customer data extremely seriously, and use a cross-industry standard approach that allows us to understand how effective our customer communications are."

TalkTalk said: "As is common across our industry and others, we track the performance of different types of communications to understand what our customers prefer. We do not share this data externally."

Newsletter

Related Articles

0:00
0:00
Close
Street justice isn’t pretty but how else do you deal with this kind of insanity? Sometimes someone needs to standup and say something
Armenia and Azerbaijan sign U.S.-brokered accord at White House outlining transit link via southern Armenia
Barcelona Resolves Captaincy Issue with Marc-André ter Stegen
US Justice Department Seeks Release of Epstein and Maxwell Grand Jury Exhibits Amid Legal and Victim Challenges
Trump Urges Intel CEO Lip-Bu Tan to Resign Over Alleged Chinese Business Ties
Scotland’s First Minister Meets Trump Amid Visit Highlighting Whisky Tariffs, Gaza Crisis and Heritage Links
Trump Administration Increases Reward for Arrest of Venezuelan President Maduro to Fifty Million Dollars
Armenia and Azerbaijan to Sign US-Brokered Framework Agreement for Nakhchivan Corridor
British Labour Government Utilizes Counter-Terrorism Tools for Social Media Monitoring Against Legitimate Critics
OpenAI Launches GPT‑5, Its Most Advanced AI Model Yet
Embarrassment in Britain: Homelessness Minister Evicted Tenants and Forced to Resign
President Trump nominated Stephen Miran, his top economic adviser and a critic of the Federal Reserve, to temporarily fill an open Fed seat
The AI-Powered Education Revolution: Market Potential and Transformative Impact
Chikungunya Virus Outbreak in Southern China: Over 7,000 Hospitalized
French wine makers have seen catastrophic damage to vines that were almost ready to be harvested after the worst fires in more than 70 years burned through the south of the country
US Lawmaker Probes Intel CEO’s China Ties Amid National Security Concerns
Brazilian President Lula says he’ll contact the leaders of BRICS states to propose a unified response to U.S. tariffs
Trump Open to Meeting Putin as Soon as Next Week, with Possible Trilateral Summit Including Zelenskiy
Katy Perry and Justin Trudeau spark dating rumors, joining high stakes world of celeb-politician romances
US envoy Steve Witkoff arrived in Moscow to seek a breakthrough in the Ukraine war ahead of President Trump’s peace deadline
WhatsApp Deletes 6.8 Million Scam Accounts Amid Rising Global Fraud
Nine people have been hospitalized and dozens of salmonella cases have been reported after an outbreak of infections linked to certain brands of pistachios and pistachio-containing products, according to the Public Health Agency of Canada
Karol Nawrocki Inaugurated as Poland’s President, Setting Stage for Clash with Tusk Government
Trump Signals JD Vance as ‘Most Likely’ MAGA Successor for 2028
US Charges Two Chinese Nationals for Illegal Nvidia AI Chip Exports
Texas Residents Face Water Restrictions While AI Data Centers Consume Millions of Gallons
U.S. Tariff Policy Triggers Market Volatility Amid Growing Global Trade Tensions
Tariffs, AI, and the Shifting U.S. Macro Landscape: Navigating a New Economic Regime
Representative Greene Urges H-1B Visa Cuts Amid U.S.-India Trade Tensions
U.S. House Committee Subpoenas Clintons and Senior Officials in Epstein Investigation
Sydney Sweeney Registered as Republican as Controversial American Eagle Ad Sparks Debate
Trump Accuses Major Banks of Politically Motivated Account Denials and Prepares Executive Order
TikTok Removes Huda Kattan Video Over Anti-Israel Conspiracy Claims
Trump Threatens Tariffs on India Over Russian Oil Imports
German Finance Minister Criticizes Trump’s Attacks on Institutions
U.S. Proposes Visa Bond of Up to $15,000 for Some Applicants
U.S. Farmers Increase Lobbying Amid Immigration Crackdown
Elon Musk Receives $23.7 Billion Tesla Stock Award
Texas House Paralyzed After Democrats Walk Out Over Redistricting
Mexican Cartels Complicate Sheinbaum’s U.S. Security Talks
Mark Zuckerberg Declares War on the iPhone
India Rejects U.S. Tariff Threat, Defends Russian Oil Purchases
United States Establishes Strategic Bitcoin Reserve and Digital Asset Stockpile
Thousands of Private ChatGPT Conversations Accidentally Indexed by Google
China Tightens Mineral Controls, Curtailing Critical Inputs for Western Defence Contractors
OpenAI’s Bold Bet: Teaching AI to Think, Not Just Chat
Tesla Seeks Shareholder Approval for $29 Billion Compensation Package for Elon Musk
Nvidia is cutting prices on its RTX 50-series graphics cards after sales slowed and inventories piled up
Ghislaine Maxwell Transferred to Minimum-Security Prison Amid Ongoing DOJ Discussions
U.S. Tariffs Surge to Highest Levels in Nearly a Century Under Second Trump Term
×