Superhuman, an email startup betting people who deal with a lot of messages will pay $30 a month for a more organized inbox, has come under fire for not providing privacy by default.
"Superhuman is a surveillance tool that intentionally violates privacy by notifying senders every time their emails have been viewed by recipients," said Mike Davidson, VP at InVision and former design VP at Twitter, in a tweet last week.
"I would never trust this company. Only way to make sure your own privacy isn't violated is to disable images in your own email app."
He elaborated on his concerns over the weekend in a blog post, a few days after the New York Times published a mostly positive review of Superhuman with passing mention of privacy concerns. In the pre-July 4 US news drought, Davidson's concerns stirred up discussion of the latest Silicon Valley attempt to turn commodity technology into a respectable revenue stream.
The Superhuman app is currently available on a limited basis – you have to request access and spend time on a waiting list. Beyond its aesthetic polish, it includes features like "AI triage," "Undo Send," social network analytics, reminders, scheduled messages and the ability to determine whether its messages have been opened – and therein lies the problem.
In the scheme of surveillance tools, Superhuman barely rates a mention. It's not a stingray (IMSI-catcher) that poses as a cell tower to hoover up phone data; it's not a mobile app cynically designed to gather personal info through a social media company or marketing SDK; it's not a website littered with trackers or any of the apps offered for free from Google or Facebook; it's not a Chrome extension designed to spirit passwords away.
It's not actual surveillance software installed by Chinese authorities on the phones of travelers or one of many real-time video systems around the globe that captures public activity for potential law enforcement review.
The company's alleged sin is that the Superhuman email client inserts a tracking pixel in outgoing messages by default. If you were following privacy issues in 1999, you might recall such things were once called web bugs.
"Superhuman calls this feature 'Read Receipts' and turns it on by default for its customers, without the consent of its recipients," said Davidson.
Read Receipts are available to email users through a variety of mail client and browser extensions. But they're generally not activated by default. The standard defense against tracking pixels is to load all messages as text rather than HTML and to tell your email client not to load images by default – provided that privacy function is available.
In Google's now discontinued Inbox app and in its current Gmail for iOS app, for example, there was no way to disable images from loading – which is exactly what you'd expect from a company in the advertising business that wants to make inboxes more amenable to marketers and indulges its data fetish as often as possible.
There are also a variety of privacy extensions designed to counter read receipts and related tracking technologies. The fact that these represents countermeasures against the status quo should give some sense as to pervasiveness of privacy abuses.
Davidson in his post acknowledges there are other services and tools that violate privacy. His point is that email clients should not do this by default and should give control over tracking to message recipients. Apple and Microsoft, not to mention LinkedIn, Signal and Twitter, he argues, have designed read receipts in an ethical way.
Complaining about privacy in this way has a certain charm, like Don Quixote tilting at windmills. It recalls all the privacy complaints that have been brushed aside by marketers since web browsing became a thing in the early 1990s. But it also has value in that it prompts tech investors to defend the privacy-trampling business models they bet on.
There's venture capitalist Gary Sheynkman puzzling over why anyone conducting business via email wouldn't want read receipts and then suggesting people can protect themselves (rather than have the company not do something requiring protection). And Nick Abouzeid, an investor in Superhuman, telling people to turn off images, "otherwise, it's part of the platform and you made your own bed." Then there's Zak Kukoff, an investor at Emergence Capital, declaring this is a phony controversy because consumers will always trade privacy for "advancements in tech."
The tone-deafness is astounding, particularly as legislators in Washington and in Europe appear to be fed up with the tech industry's inability to regulate itself. Silicon Valley's answer to pretty much everything has been "Can we do it?" regardless of the ethical implications. Governments and civil society increasingly are asking "Should we do it?", while confronted with examples of why they should not.
Davidson argues Superhuman should do the right thing and protect privacy rather than contributing to its further erosion.
The Register asked Superhuman to discuss Davidson's observations but we've not heard back. Perhaps the company is choosing to preserve its privacy. ®