How do you know if someone has read your email message?

Has your recipient read the email message that you sent to them?

Has anyone else read the email messages you sent or saved in your online email folders?

We are often asked how customers can verify if an email that has been sent has actually been read or if they can detect if messages have been covertly read (e.g., by the NSA). The quick answer is that:

1. You generally can never know unless you plan on it ahead of time or use a system that includes read tracking as a feature.
2. Concerning your ISP or the government reading emails, you cannot ever know. All you can do is implement encryption mechanisms to prevent them from reading the messages altogether.

In this article, we will discuss what measures you can take and how effective they are for determining if an email message has been read. The simplest and most generally available methods are the least reliable.

How to Tell if an ISP or the Government is Reading your Email

Many customers have asked us if it is possible to tell if emails have been accessed or read by someone at their ISP or by the government.

The answer is — you can’t tell. Why?

1. When you get down to it, email messages are simply files on a disk or in a database. Anyone with access to the raw files or databases can read the raw email message content without leaving any digital fingerprints you can see when looking at your messages.
2. Any high enough level system administrator at your email service provider will have access to the raw content of your email messages. These people can technically read this raw content or give it to other people or organizations.
3. There may be system-level log files that indicate who has accessed what and when, but usually, this data is not granular enough to indicate access to specific files. These logs are only available to high-level system administrators, not customers.

So, you can’t know if your raw email data has been accessed, read, or distributed.

What can you do to protect your email?

As it’s impossible to detect if messages have been inappropriately read, the next step is protecting the message contents. First, you should know the policies of your ISP. Even if they divulge access to the raw messages, the contents can be protected with encryption techniques.

Privacy Policies

Trust in your email provider comes down to privacy policies and controls. For example, under HIPAA (the legal framework for health care privacy), organizations establish contractual relationships with their email providers where these providers ensure the privacy of their sensitive email data. E.g., that it will only be accessed by administrators as needed for business functions (e.g., to help you or to resolve a service issue), and they will not disclose any of that information to others in any inappropriate ways.

Read your provider’s privacy policy and see if it is sufficient for your needs.

Encryption Options

A good privacy policy does not prevent access by some individuals. It also usually does not prevent access due to legitimate governmental requests. So, if these are a concern, you need to go further. Email encryption is probably the best option. If the content of your email is encrypted while stored on disk, then even raw access to these messages does not expose their actual content unless the person has the decryption information.

By keeping the password to the encryption keys to yourself, and there is no copy of that at your email provider, those encrypted messages are much safer. If the encryption keys are also not located with your provider, they are safer. Using PGP or S/MIME with keys stored only in email programs under your control (and not at your provider, where they could provide more convenience with less absolute security) provides an excellent means of protecting your email data from ISP and governmental view.

See also: Ensuring all Data is Encrypted at rest with LuxSci

Recipient Read Receipts

The most basic way to determine if your recipient has read your email message is to use a “Read Receipt.” Most email programs and WebMail systems support the concept of a “Read Receipt.” These work as follows:

1. The sender chooses to add a “Read Receipt Request” to the email message (this adds a special extra “Disposition-Notification-To” to the email header of the message). This is done through a button, checkbox, or preference in your email sending program.
2. When the recipient opens the message for the first time, the recipient’s email program sees this request and works with the recipient to determine whether or not a receipt should be sent back to the sender.
3. If a receipt is sent back, the sender gets a short email indicating that the recipient has read the message.

This system is straightforward and very unreliable because:

1. The sender must actively choose to ask for a read receipt, though usually, there are preferences that allow requests to be sent with every message so that no manual action must be performed.
2. The recipient’s system must support read receipts. Some do not, and those will never send you back a receipt.
3. Systems that do support them generally allow the recipient to choose if receipts should always be sent, never be sent, or ask the recipient each time. The system may never send receipts, or the recipient may choose not to send you one.

With read receipts, you only know if a recipient has read the message if a receipt is received. But, not getting a receipt doesn’t mean that the message has not been read! LuxSci WebMail supports the use of Read Receipts for sending and receipt of emails and allows the sender to choose when they are requested and the LuxSci recipient to choose if and when they are responded to the sender.

Web Bugs and Message Tracking

When someone opens an email message that contains images, and other content, the reader’s email program will usually download these images and such from the internet to display them.

Of course, downloading an image from a website generates a trail, and if someone is looking at that trail, they can see that someone downloaded the file and when (and what IP address was used, and other things). Finally, if the address used for that image is unique to the email message opened, then opening the message and downloading that image is equivalent to letting the sender know that it was read (by someone).

These specialized images (called “web bugs”) are unique to each message and tied into a system to detect and log their usage.     These are much more reliable than read receipts because:

1. The recipient cannot generally tell if the sender tracks if the message was read.
2. The recipient does not often have the opportunity to stop the tracking.

As such, spammers often use these to detect if their email messages are being opened and thus if the addresses used are “good” or not, how effective their messages are, etc.

However, web bugs are not entirely reliable because:

1. Plain Text Preview: Email systems (like LuxSci WebMail) that allow you to view a plain text preview of messages before fully opening them do not trigger web bugs in preview mode (you can preview and delete with no one being the wiser).
2. Suppressed Images: Email systems (like LuxSci WebMail) can suppress the display of images in email messages and will not trigger web bugs even if you open the entire message.
3. Good Filtering: Good email filtering systems (like LuxSci’s Premium Email Filtering) can detect images coded to be web bugs and selectively suppress them so that opening the message does not trigger the bugs. The other non-unique images will appear normally.

Guaranteed Read Receipts

Short of unreliable read receipts and using special software to track web bugs (which is also not 100% reliable), what can you do to know if someone has read your email message?

Generally, if you send a message to someone and they are free to use their own system/program to open that message. However, without access to their systems, you can never be sure if it has been read. The only way to be sure is to control the recipient’s access to the message content so you can detect if and when it is opened.

SecureLine Escrow

One good example of a system that permits guaranteed read receipts is LuxSci’s SecureLine Escrow system. With our end-to-end email encryption system:

1. The LuxSci user sends an email to anyone.
2. The user chooses for a “Read Receipt” to be sent.
3. The message goes over SecureLine Escrow (instead of SMTP TLS or some other mechanism).
4. The recipient gets an email notification of the waiting secure email message. This notice does not contain the message content.
5. The recipient clicks on a link and logs into the “Escrow Portal,” where the secure message is waiting.
6. The message is opened and shown to the recipient.
7. The Escrow system sees the Read Receipt request and automatically sends you back an emailed confirmation that the message has been read. This is also tracked in the database so that you can view the logs in online reports.

SecureLine Escrow ensures that your message is sent securely, that you can get a reliable read receipt, and that you can go back and analyze reports of sent messages and see what happened to them.

Other closed email systems, where the system controls the access to the message content, may have similar reliable receipt and tracking mechanisms.