Google Makes It Harder For Marketers To Collect User Data 195
cagraham writes "In a seemingly minor update, Google announced that all Gmail images will now be cached on their own servers, before being displayed to users. This means that users won't have to click to download images in every email now — they'll just automatically be shown. For marketers, however, the change has serious implications. Because each user won't download the images from a third-party server, marketers won't be able to see open-rates, log IP addresses, or gather information on user location and browser type. Google says the changes are intended to enhance user privacy and security."
Re:And google will retain that info exclusively. (Score:4, Informative)
While I applaud the move, it is about competitive advantage for Google.
Google already knew which emails you have or haven't read. So does every other email client, web-based or IMAP / POP3.
They do see open rates (Score:3, Informative)
The cache system honors no-cache headers. As long as your images are served no-cache, you do see exactly when the email was opened, since the GMail servers refetch it every time. If each user gets a unique URL, you know exactly who opened the email.
change or same mistake I made about announcement? (Score:5, Informative)
Is this a new change, because after I saw the google announcement, I saw a report that they would share all that data about loading of images with marketers. End result: safer images, but just as much information for marketers, as along as they make nice with Google as 'official' email marketers. Would love to be wrong. Here's my source, Ars Technica article.
http://arstechnica.com/security/2013/12/dear-gmailer-i-know-what-you-read-last-summer-and-last-night-and-today/ [arstechnica.com]
Re:And google will retain that info exclusively. (Score:3, Informative)
If they have specific knowledge about Gmail. Unfortunately, mailers that don't would make the more dangerous assumption (that you read the mail) under that behavior.
But anyway, even that's not true because under Gmail's new setup, the first download will still come when the user opens the mail and loads the images. At least, that's the best information I can find on this [techcrunch.com]. I also saw a comment somewhere a couple of days ago by someone who claimed to have tested that behavior, and checked that the load of the image came when the mail was opened.
Re:if Google is smart, they download 1 copy, ignor (Score:2, Informative)
You make the tracking ID part of the image name. Set up a cgi to always return the same image regardless of what it is called. Use a fake hashed etag thingy so they are always different.
Google has to download the image to see if it is the same, marketing mission accomplished.
e.g. http://examplemarketing.com/images/gjdfkadfdhkhkfdhkdsfhkhfdsqiuqr.gif
Oh. Please send royalties to A.C. @ Slashdot.
Re:Possible? (Score:5, Informative)
Image formats have been used to compromise browsers in the past, so automatically loading images in your webmail or email client is a bad idea. Fortunately this is just a change from the default behavior so you can turn it off in the options.
In fact, Microsoft just patched a .tiff image format exploit last Tuesday [pcworld.com].
Summary is wrong wrong wrong (Score:5, Informative)
This summary is garbage and complete misrepresents the implications of Gmail's change. (I already researched this last week and developed a solution to avoid cacheing with in-progress email images that might get replaced with final versions)
Every singe email marketing system already uses a unique image URL to identify a given recipient. This is frequently called a "tracking pixel" because it's usually a 1px transparent gif stuck in the corner of an email where it won't be distracting. In fact, this method has been used for web tracking as well for many years. It's how Google Analytics originally worked.
Since these unique images will still get loaded when an email is opened in Gmail, marketers will still be able to track your opens. What they won't see, however, is how many times you re-opened the email. And since the image gets cached and requested through Gmail's proxy, marketers won't get information about your machine like browser, IP address, etc. But if you click-through on a link, or you visited their site before (highly likely if you're on their mailing list) then they have most of that info anyways.
This caching by Gmail is primarily to speed up Gmail since it means images can be loaded and shared on Google's Content Delivery Network which is almost certainly faster than servers owned by the email campaign provider for image hosting.
Re:Hah (Score:3, Informative)
Google caches content only for it's own Gmail client, so you have no choice of clients with regards to this caching.
That makes no sense.
If they only cache for their Gmail client, that would mean I DO have a choice, by simply using another client.
As for the disable feature, that is the FIRST thing I did. This feature does nothing to protect the user. Its all about giving google an advantage. It MAY be illegal. Its not at all clear that Google has the right to cache image files that were intended to be sent directly from my Brokerage account to me via an embedded URL in an email.
Re: Worse, Google now blocks steganography too (Score:4, Informative)
They're not caching attached images, they're caching linked images.
Re:And google will retain that info exclusively. (Score:4, Informative)
Typically SMTP servers won't accept delivery if the recipient is unknown, although I suppose when you write your own SMTP server you can do pretty much as you want. I can't see any up-side for google to process mail for NO ONE.
If they don't accept the body of the message they wouldn't get the URLs.