How do you know if someone has read your email message?
Has your recipient actually read that email that you sent to him or her?
Has anyone else been reading the email messages that you sent or which are saved in your online email folders?
We are often asked how customers can verify if an email that has been sent has actually been read or if they can detect if messages have been covertly read (e.g. by the NSA). The quick answer is that:
- With respect to your recipients reading your emails, you generally cannot ever know unless you plan on it ahead of time or use a system that includes read tracking as a feature.
- With respect to your ISP or the government reading emails, you cannot ever know. All you can do is implement encrptions mechanisms to prevent them from reading the messages altogether.
In this article, we will discuss what measures you can take and how effective they are for determining if an email message has been read — the simplest and most generally available methods are the least reliable.
Detecting if your ISP or the Government is Reading your Email
This is a hot topic with all of the surveillance by the NSA and other government bodies and ISPs that has come to light lately. Many customers has asked if it is possible to tell if their email has been accessed or read by someone at the ISP or if the ISP has given the email to government agencies.
The answer is — you can’t tell. Why?
- When you get down to it, email messages are simply files on disk or in a database. Anyone with access to the raw files or databases can read the raw email message content without leaving any digital fingerprints that you can see when looking at your messages yourself.
- Any high enough level system administrator at your email service provider will have access to the raw content of your email messages. These people can technically read this raw content and/or give it to other people / organizations.
- There may be system-level log files that indicate who has accessed what when, but usually this data is not granular enough to indicate access to specific files and these logs are only available to these high level system administrators — and not to customers like yourself.
So, you can’t know if your raw email data has been accessed or read or distributed.
What can you do to protect your email?
As you can’t detect if your messages have been read inappropriately, the question then turns to ensuring that either (a) you have sufficient trust in your service provider, or (b) even if the raw messages are read, that does not divulge the true message content.
Trust in your email provider comes down to privacy policies and controls. For example, under HIPAA (the legal framework for health care privacy), organizations establish contractual relationships with their email providers where these providers ensure the privacy of their sensitive email data. E.g. that it will only be accessed by administrators as needed for business functions (e.g. to help you or to resolve a service issue) and they will not disclose any of that information to others in any inappropriate ways.
If you keep the password to your encryption keys to yourself, and there is no copy of that at your email provider, then those encrypted messages are much more safe than otherwise. If you encryption keys are also not located with your provider, then they are even more safe. E.g. using PGP or S/MIME with keys stored only in email programs under your control (and not at your provider, where they could provide more convenience with less absolute security) provides an excellent means of protecting your email data from ISP and governmental view.
Recipient Read Receipts
The most basic way to determine if your recipient has read your email message is to use a “Read Receipt”. Most email programs and WebMail systems support the concept of a “Read Receipt”. These work as follows:
- The sender chooses to add a “Read Receipt Request” to the email message (this adds a special extra “Disposition-Notification-To” to the email header of the message). This is done through a button or checkbox or preference in your email sending program.
- When the recipient opens the message for the first time, the recipient’s email program/system sees this request and works together with the recipient to determine if a receipt should be sent back to the sender or not.
- If a receipt is sent back, the sender gets sent a short email message indicating that the recipient has read the message.
This system is very simple and very unreliable, because:
- The sender must actively choose to ask for a read receipt, though usually there are preferences that allow requests to be sent with every message, so that no manual action must be performed.
- The recipient’s system must support read receipts. Some do not and those will never send you back a receipt.
- Systems that do support them generally allow the recipient to choose if receipts should be sent “always”, “never” or “ask each time”. E.g. the system may never send receipts or the recipient may choose to not send you one.
With read receipts, you only know if a recipient has read you message if you get a receipt back. But, not getting a receipt doesn’t mean that the message has not been read!
LuxSci WebMail supports use of Read Receipts for sending and receipt of email and allows the sender to choose when they are requested and the LuxSci recipient to choose if/when they are responded to the sender.
Web Bugs and Message Tracking
When someone opens an email message that contains images and other content, the reader’s email program will usually download these images and such from the Internet to display them.
Of course, downloading an image from some web site generates a trail and if someone is looking at that trail, they can see that someone downloaded the file and when (and what IP address was used, and other things). Finally, if the address used for that image is unique to the email message opened, then opening the message and downloading that image is tantamount to letting the sender know that it was read (by someone).
These specialized images (called “web bugs”) are unique to each message and tied into a system to detect their usage and log it. These are much more reliable than read receipts because:
- The recipient does not generally have the ability to tell if the sender is tracking if the message was read.
- The recipient does not often have the opportunity to stop the tracking.
as such, these are often used by spammers and legitimate bulk mailers to detect if their email messages are being opened and thus if the addresses used are “good” or not, how effective their messages are, etc.
However, web bugs are not completely reliable because:
- Plain Text Preview: Email systems (like LuxSci WebMail) that allow you to view a plain text preview of messages before fully opening them do not trigger web bugs in preview mode (you can preview and delete with no one being the wiser).
- Suppressed Images: Email systems (like LuxSci WebMail) that allow you to suppress the display of images in email messages will not trigger web bugs even if you open the full message.
- Good Filtering: Good email filtering systems (like LuxSci’s Premium Email Filtering) can detect images that are coded to be web bugs and selectively suppress them … so that opening the message does not trigger the bugs, but you can still see all the normal non-unique images.
While LuxSci provides many options for blocking web bugs, it does not currently support the ability for senders to use web bugs for tracking except via its Spotlight Mailer email marketing service.
Guaranteed Read Receipts
Short of unreliable read receipts and using special software to track with web bugs (which is also not 100% reliable), what can you do to know for sure if someone has read your email message?
Generally, if you send a message to someone and they are free to use their own system/program to open that message, then you can never be sure if a message has been read. The only way to be sure is to control the recipient’s access to the message content so that you can detect if/when it is opened.
One good example of a system that permits guaranteed read receipts is LuxSci’s SecureLine Escrow system. With our end-to-end email encryption system:
- The LuxSci user sends an email to anyone on the Internet.
- The user chooses for a “Read Receipt” to be sent.
- The message goes over SecureLine Escrow (instead of SMTP TLS or some other mechanism).
- The recipient gets an email notification of the waiting secure email message. This notice does not contain your message content.
- The recipient clicks on a link in that notice and logs into the “Escrow Portal” where your secure message is waiting.
- The message is opened and shown to the recipient.
- The Escrow system sees your Read Receipt request and automatically sends you back an emailed confirmation that the message has been read. This is also tracked in the database, so you can view in online reports who has read your messages and when.
SecureLine Escrow ensures that your message is sent securely, that you can get a reliable read receipt, and that you can go back and analyze reports of sent messages and see what happened to them.
Other closed email systems, where the access to the message content is controlled by the system itself, may have similar reliable receipt and tracking mechanisms.