ProtonMail introduces Tracking Protection feature

Martin Brinkmann
Jan 22, 2022
Email
|
43

Secure email provider ProtonMail launched a new protective feature called Tracking Protection recently. The feature aims to protect users of the service better against tracking attempts.

protonmail tracker blocking
source: ProtonMail

ProtonMail users who use the web interface of the service will notice that Tracking Protection is enabled by default for their accounts. Tracking Protection blocks tracking pixels and hides a user's IP address in the default configuration.

Companies and individuals may add tracking components to emails. Tracking pixels are a common form. A small pixel image is added to the email, and it is loaded when the email is opened. The server the image is loaded from gets information such as the location and IP address of the user and date/time information from the request.

ProtonMail removes tracking pixels from emails automatically. Users are informed about this in the interface. Check the right side of the email header; ProtonMail displays a number there that indicates the number of trackers that it blocked in that email.

ADVERTISEMENT

A click on the icon in the email header on ProtonMail displays information about the trackers that the service blocked. Each tracker is listed with its full address and grouped by domain name.

Tracking Protection changes how remote images are downloaded in emails. The default behavior uses a proxy with a generic IP address to download remote images; this is done to protect the IP address of the user.

Google's Gmail service has a similar feature. Remote images are downloaded by Google servers and not by the user when emails are opened.  The feature protects the user's email address, but it has a downside for some users. Gmail displays the remote content automatically in the email, which means that unwanted content may be displayed automatically.

ProtonMail blocks remote content from being loaded automatically by default, but there is an option to switch the behavior to automatic.

ProtonMail users may configure the two protective features in the following way:

  1. Go to Settings > Go to Settings > ProtonMail > Email Privacy
  2. Toggle "Ask before loading remote content" and "block email tracking".

The first option blocks remote content from being loaded automatically by the company's proxy. Users who want content to be displayed automatically need to toggle "Ask before loading remote content" to off to do so. Note that the setting applies to the web interface and the mobile apps. If you turn it off, remote content is loaded automatically in the web version and in the mobile apps.

You can read more about the new privacy features here.

Now You: how do you handle remote content in emails?

Summary
ProtonMail introduces Tracking Protection feature
Article Name
ProtonMail introduces Tracking Protection feature
Description
Secure email provider ProtonMail launched a new protective feature called Tracking Protection recently. The feature aims to protect users of the service better against tracking attempts.
Author
Publisher
Ghacks Technology News
Logo
Advertisement

Previous Post: «
Next Post: «

Comments

  1. Uwe said on January 22, 2022 at 9:10 am
    Reply

    Yes, as a ProtonMail user, I got the information delivered from the ProtonMail team as well. ?

    And additionally, ProtonVPN is my absolutely favorite VPN service.

    Using both of them in a bundle.

    1. Hary said on January 27, 2022 at 4:48 pm
      Reply

      Same here.

    1. linuxfan said on January 22, 2022 at 3:38 pm
      Reply
    2. Anonymous said on January 22, 2022 at 9:22 pm
      Reply

      Golden rule, nothing online is private even if the company says it is…

    1. linuxfan said on January 22, 2022 at 3:35 pm
      Reply

      Did you really read that article before posting its link?

      Quote:
      “As usual, the devil is in the details—ProtonMail’s original policy simply said that the service does not keep IP logs “by default.” However, as a Swiss company, ProtonMail was obliged to comply with a Swiss court’s demand that it begin logging IP address and browser fingerprint information for a particular ProtonMail account.”

      So do you really expect ProtonMail to disobey a court order?

      1. John said on January 22, 2022 at 3:55 pm
        Reply

        What about apple and iphone? Why not?

      2. Klaas Vaak said on January 22, 2022 at 5:03 pm
        Reply

        @linuxfan: the issue is not obeying or disobeying a court’s demand; the issue is about misleading its users. It had stated that it does not keep IP logs, which was false. So, before issuing that statement Protonmail should have checked what its legal obligations were. In fact, I am pretty sure it knew, but in order to lure potential new users it went ahead and made the statement.

        Furthermore, in view of the info provided in the other links, Protonmail’s credibility is definitely not what one can expect from an organization that claims to be laser-focused on privacy.

  2. Anders said on January 22, 2022 at 10:58 am
    Reply

    I use the Trocker extension. https://trockerapp.github.io/

    1. Andy Prough said on January 22, 2022 at 5:23 pm
      Reply

      Ok this is totally awesome. Many thanks @Anders.

    2. FanboyNZ said on January 24, 2022 at 4:38 am
      Reply

      Just reviewed “Trockerapp” and it’s nothing special, just installing uBO or using Brave will protect you from email trackers. Avoid unnecessarily adding extensions, and this is another one.

  3. Anonymous said on January 22, 2022 at 11:05 am
    Reply

    Love ProtonMail. But I suspect their fame will make them target for unscrupulous people who will only try to exploit their free subscription.

    1. Klaas Vaak said on January 22, 2022 at 12:43 pm
      Reply

      @Anonymous: in view of the links provided here, it seems clear that the unscrupulous people are within the Protonmail organization itself.

      1. Uwe said on January 22, 2022 at 3:27 pm
        Reply

        Bullshit. Think first before you write stupid nonsense.

        Do you know the complete and profound background why that happened? It’s a rhetoric question cause you don’t.

        Your Facebook-like comments degrades you to a halfwitted wannabe professional.

      2. Klaas Vaak said on January 22, 2022 at 5:07 pm
        Reply

        @Uwe: thanks for confirming the numskull is you, completely unable to refute with arguments someone’s comment. Furthermore, your reply with sewer-like language also confirms that your mindset does not even reach Facebook mentality.

        Get a life and get a decent education, you can only benefit because your education is at the basement of ground zero.

        Have a wonderful day!

      3. Uwe said on January 22, 2022 at 8:35 pm
        Reply

        “Get a life and get a decent education, you can only benefit because your education is at the basement of ground zero.”

        You would be uttermost surprized about my education if you knew, dude.

        Whatsoever… a wonderful day for you too.

      4. Klaas Vaak said on January 23, 2022 at 4:29 pm
        Reply

        @Uwe: coming from someone using sewer language, I am afraid I have to say you would not in the least be able to surprise me in a positive way. Whatever education you claim to have, it still remains at ground zero basement, as your previous comment confirms.

        By all means, keep deluding yourself, dude, that always feels a lot more comfortable for your ilk.

      5. zeo said on January 23, 2022 at 4:45 am
        Reply

        Ah, Ghacks is a breeding ground for people who like to complain about everything, deride everybody else that tries to tell them otherwise, go on and on about how Mozilla is witnessing its downfall, how M$ is an unscrupulous organization that loves tracking you.

        Folks, we get it. Don’t need to stick your nose in every single GODDAMN post on this website. Martin and Ashwin, you guys know this and yet keep the negative reactions to these coming in, so you’re a part of the problem.

      6. Clairvaux said on January 23, 2022 at 10:13 am
        Reply

        Sure. Let the blogmasters censor opinions you don’t like. That will incite more people to read Ghacks.

      7. Klaas Vaak said on January 23, 2022 at 4:30 pm
        Reply

        @Clairvaux: spot on. +1 for you, and for Martin and Ashwin.

  4. some1 said on January 22, 2022 at 11:38 am
    Reply

    “ProtonMail turned over a French climate activist’s IP address and browser fingerprint to Swiss authorities.”

    “After providing the activist’s metadata to Swiss authorities, ProtonMail removed the section that had promised no IP logs, replacing it with one saying, “ProtonMail is email that respects privacy and puts people (not advertisers) first.”

    This whole privacy thing is a joke!

    1. Clairvaux said on January 23, 2022 at 7:17 am
      Reply

      It was not a lone “climate activist”. It was a whole bunch of criminals. They were rightly dragged before French courts, for reasons which had nothing to do about their opinions on the “climate” : trespassing on private property, illegally occupying real estate and assaulting policemen.

      This is a good thing. It’s a good thing they were prosecuted, and it’s a good thing Proton Mail helped it.

      It’s also something all email providers will do, because that’s the law.

      The thugs breaking the law slipped their propaganda on Twitter, and everybody lapped it, including respectable media, including Proton Mail which was very very sorry they had to inconvenience some “climate activists”, because there’s something bad happening to the “climate”, and being “active” against it is a very very good thing, even if serves as a pretext to steal other people’s property and hit policemen.

  5. Tom Hawack said on January 22, 2022 at 1:19 pm
    Reply

    Call to the population :

    “Tracking pixels are a common form. A small pixel image is added to the email, and it is loaded when the email is opened.”

    I’m wondering if choosing the option provided by most email services which is to block email images by default includes pixel images.

    Thanks for sharing your answer :=)

    1. ULBoom said on January 22, 2022 at 4:38 pm
      Reply

      The FairEmail client does that. It has an effect on what is displayed but not the “almost all messages are butchered” effect disabling remote content does.

      I’d be interested in knowing if other email services or clients beside Proton look for tracking pixels. I don’t know of any, haven’t looked extensively though.

      1. Tom Hawack said on January 22, 2022 at 4:59 pm
        Reply

        @ULBoom, I’m not referring to an email service’s feature which would specifically concern tracking pixels, but to the one which proposes to block images, and if the so-called pixel images are included in that blocking.

      2. Yash said on January 22, 2022 at 5:25 pm
        Reply

        Actually in Fairemail client there are different options namely images, reformatting message, tracking pixels etc for privacy.
        As for main question – does tracking pixel come under images category? I would say no. Well I signed up to an undisclosed youtuber and when his mail came on a daily basis, they always included his signature(literally) at the end. Image loading was disabled through email provider, and so it was all good until I saw those mails in Fairemail, that signature part didn’t load and was identified as tracking pixel.

      3. Tom Hawack said on January 24, 2022 at 6:33 pm
        Reply

        @Yash, “As for main question – does tracking pixel come under images category? I would say no […]”.
        That’s indeed what I have in mind. I’ll have to get that clear with the email service.

        What you describe could mean that the signature was disabled by the email provider on the account it was an image, but blocked by Fairemail on the account it included moreover (or before) a tracking pixel. That could mean tracking pixels being blocked by the traditional ‘block images’ feature given they’re included in an image. For what I know most racking pixels are freely independent, hidden among nothing as compared to hidden within an image…

      4. Yash said on January 25, 2022 at 9:31 pm
        Reply

        I think I didn’t explain it properly before. Actually with disabling images on email provider settings the signature part always loaded. But in Fairemail it didn’t.

        It really sometimes puzzles my mind as to how invasive these things are. Some say even opening a mail or even it being sent is enough to track users. I guess that part is a bit over the top but still scary. I consider emails fundamentally broken and so only use them in extreme circumstances.

    2. ULBoom said on January 22, 2022 at 7:59 pm
      Reply

      That’s what FairMail does, best I can tell. I didn’t mean to imply that only the pixel is removed or blocked. The entire image is blocked if it contains a tracker.

      Try this for more info:
      https://email.faircode.eu/

      1. Tom Hawack said on January 24, 2022 at 6:35 pm
        Reply

        @ULBoom, OK. But Fairmail is for smartphones only. I’m experiencing on a PC desktop.

  6. allen said on January 22, 2022 at 2:18 pm
    Reply

    Loading remote content is the default for Gmail, but you can turn it off in the settings.

  7. ULBoom said on January 22, 2022 at 4:53 pm
    Reply

    I leave remote content enabled. Disabled, most messages, especially those with graphics, are unreadable, so I end up turning on remote content often. Videos in email are stupid; it’s easy to turn email into a proxy browser, hence a mess.

    Not all remote content is for tracking or ad serving. I use TBird with advanced config privacy switches and FairEmail for clients in Windows and Android, along with AdGuard and aggressive spam filters.

    I’ve found it easier to make email non-functional with too many privacy switches than browsers. I get some spam but not much.

  8. Andy Prough said on January 22, 2022 at 5:22 pm
    Reply

    Laughing in my coffee this morning reading a bunch of gmail users scream about protonmail complying with ONE court order.

  9. Anonymous said on January 22, 2022 at 6:02 pm
    Reply

    So people are throwing shade at ProtonMail (not undeservedly), but I’m not seeing anyone suggesting better options. Are there any legit email services today that are really private?

    1. Akina said on January 23, 2022 at 10:51 am
      Reply

      Tutanota maybe.

      1. Anonymous said on January 23, 2022 at 11:30 am
        Reply
      2. Klaas Vaak said on January 23, 2022 at 4:41 pm
        Reply

        @Anonymous: thanks for that link because I actually ditched ProtonMail for Tutamail. But, as the article says:

        “And even then, it will only deliver any unencrypted emails that are present, because Tutanota is not able to decrypt users’ emails that apply end-to-end encryption, which is entirely under the user’s control, not Tutanota’s.”

        I am aware that only email messages between 2 Tutamail accounts are encrypted, so all mails between my Tutamail account and non-Tutamail accounts are freely accessible even without a court order.

        Still, this is so far the only article about Tutamail’s privacy I have seen, whereas Protonmail is involved in more privacy issues, incl. egregious ones.

  10. VioletMoon said on January 22, 2022 at 7:05 pm
    Reply

    “Tracking pixels is [grammar correction–tracking is the subject] a common form.” Learning more each day; didn’t know about the pixel tracking. Crazy–The mass of tech corporations earn a living in some desperate ways.

    1. ULBoom said on January 22, 2022 at 8:11 pm
      Reply

      In US. Other versions of English don’t seem to recognized collective nouns.

      “My herd of cattle were inside the fence before it came down.” Yuk.

  11. Jax said on January 23, 2022 at 10:19 am
    Reply

    That incident was because senior members of French government personally targeted that activist because the activist attacked the members of their parliament, their families and their homes. So basically they received terrorist level labeling. They went to highest levels of French Interpol and they fired it to EUROPOL in Switzerland and got it done through subpoena straight through the High Court so when ProtonMail had received it, they had absolutely no way to challenge it. It was basically labelled as ‘terrorism’ straight from High Court and bypassed everything. They handed over all the data they had on the account which was useless encrypted data because ProtonMail does not store keys, but the activist in question was stupid enough to use his unfiltered IP from his home address as his last login so they just traced his IP and knocked on his door.

  12. FanboyNZ said on January 24, 2022 at 4:44 am
    Reply

    Since feature. If you’re Protonmail, Gmail or other webmail app just using uBO or Brave (or any extension using Easyprivacy) will protect you against email trackers.

  13. Tavia said on January 27, 2022 at 7:16 pm
    Reply

    That’s very interesting. Those tracking pixels are what I suppose LiveIntent puts in emails I subscribe to from a newspaper. I really have been bothered when LiveIntent ads mention the city where I am; it is creepy and violating. Recently I signed up for an anti-spam forwarding service and changed my email address with the newspaper newsletter to it. I have not since seen ads mentioning my location, so I am glad but do not know exactly why that happened. Big benefit.

Leave a Reply

Check the box to consent to your data being stored in line with the guidelines set out in our privacy policy

We love comments and welcome thoughtful and civilized discussion. Rudeness and personal attacks will not be tolerated. Please stay on-topic.
Please note that your comment may not appear immediately after you post it.