Google, why are you tracking links in my Gmail messages?

I don’t know if this has always been the case or not, but I found a very worrying “feature” of Google’s popular Gmail service this evening, one that should make you very concerned about your privacy if you’re also a Gmail user:

It appears that Gmail logs all external links you click on that were embedded in your email messages.

Yeah, that’s a problem. That’s a big privacy problem.
Let me show you what I noticed when I received an email from the Hilton Honors program that had what appeared to be a very innocuous link within.
First, the message:

[Image: hilton honors pin request]

Innocuous enough, right? Notice the link within it to “hiltonhhonors.com”. I clicked on it and was surprised to see that the new tab opened in Firefox showed a Google URL for just a fraction of a second, rather than the Hilton URL which ultimately was displayed.
What the heck?
I tried a bunch of ways to capture it and finally just got a quick screenshot in. Here’s the URL:
[Image: google redirect]

A second later, of course, the URL was as I expected:
[Image: 1 second later]

Was Gmail rewriting the messages, I wondered? Turns out that’s darn hard to ascertain because of how Gmail uses AJAX to present messages. I finally used “File” –> “Save Frame As…” to get to the source code:
[Image: hhonors message source]

As you can see, it’s clean, there’s nothing odd or suspicious going on. Therefore the logger must be associated with some sort of “OnExit” event, buried deep in the JavaScript of the Gmail system. I got lazy at this point, I admit, and didn’t poke around any further.
Needless to say, this is highly concerning to me, as someone who has been using Google Gmail for years, and has brought literally hundreds of other people into the Gmail fold.
Google, can you tell me exactly what’s going on here?

21 comments on “Google, why are you tracking links in my Gmail messages?”

  1. Thanks for sharing this. I was thinking about a similar concern re: Google’s Calendar program. Not too much of a jump to mash some code linking Calendar w/Street View, etc.
    On the one hand, I love the integration and the functional stability of their software. On the other hand, I know others who are very, very concerned about the trade-offs they make wrt “convenience vs. privacy”.
    But, isn’t this similar to Microsoft’s routing email messages through their servers, a few years ago, with Hotmail & Outlook?

  2. Interesting possibility, Tim, as I do have the Google Toolbar installed in Firefox, my main web browser (and the one I used to analyze the link tracking problem). If this is the situation, I’d still be disturbed that the links are being tracked, but I’d like to get a definitive yes or no from the Gmail team about whether this is their doing (I’ve gotten emails from others saying that they’ve noticed this sort of behavior in Gmail too) or whether it’s part of Google search history (which shouldn’t be logging this non-search transaction) or the Google Toolbar (which should have a clearly visible item in Preferences that says “Track sites I visit”).

  3. I’m surprised, but only that this surprises you. 🙂
    GMail is already doing extensive analysis on the content of your email in order to provide contextually relevant ads. That they should be click tracking seems a small, logical and to me at least, unsurprising step. They seem equally invasive, or not.
    I don’t consider it a privacy issue in the larger sense. Let’s face it, what links *you* or *I* specifically click on is uninteresting to Google, because you and I, as individuals just aren’t that interesting to Google. However the aggregate data of millions of users clicking on certain links they get in email is. If a bunch of people get a link in email and click on it, that tells Google something: whatever’s at the other end of that link has people’s interest. That, in turn, affects Google’s concept of “relevance”, and is additional data to improve Google’s search engine results.
    Now, absolutely, in the *strictest* sense Google is taking information about your email and your email actions and doing “something” with it, and that’s exposure and a breach of your privacy – again, in the strictest sense. I don’t see how it’s any different than letting your email pass through their servers in clear text, or letting them know which emails you forward or delete. They have the opportunity to read and see and collect so much more than what links you click on it isn’t funny.
    Do they? Who knows.
    If this were Microsoft, of course, this would be front page news and rampant hysteria. People still trust Google. Google has an opportunity for much greater transparency than Microsoft ever gave to retain that trust.
    But I just don’t see how this is a real issue if you trust Google with your email to begin with.
    Remember, there’s no such thing as a “free email service”. There’s a cost, be it ads or data collection.
    Finally: you can avoid click tracking completely by using a POP3 mail client to download your GMail and read it in a desktop mail application, or use another free email service’s POP3 retrieval to do same on the web.
    Leo
    http://ask-leo.com

  4. I too suspect that Google uses this information to their own advantage. Gmail is free, but clearly the Google-clan is anything but altruistic. They will monetize whatever they can. No doubt, the information they glean from Gmail will show up in some $/click scheme.

  5. Dave, I noticed this some time ago. It bothered me for a while, but I realized that they had all the links in my email anyway. Of course, click tracking is a little more invasive. However, I also stay logged into my google account most of the time anyway, so it seems likely to me that if a website is using google analytics (and many are) that Google can see what I click on anyway.
    I start to wonder if I am giving up too much on online privacy.

  6. Hmm, I actually don’t remember a point where Google *didn’t* do that in Gmail, and I’ve had my account since July 2004. Granted I’ve probably just overlooked it for so long that it seems like forever.
    My guess is it’s ad-related, as others have surmised.

  7. Stephen, I just read the Toolbar privacy page and still can’t see where it says that it’ll log everything I click on if I enable an “optional feature” of the Toolbar.
    For the record, the only optional features I have enabled currently are Bookmarks, Autofill and Autolink, described as: “Store your favorite web site links…”, “Fill web forms with a single click” and “Automatically link street addresses to maps”. Which of these three is saying “please log every page I visit when I’m using my browser?”

  8. Yes Dave,
    I noticed this too recently.
    We accept that, to have the free tool that is
    hyper-featured Gmail, we will be served adsense in our own mailbox, before the damn thing is even opened.
    But Seeing that every link I click on routes through gmail/google tracking (and is likely measured against keywords in the mail),
    is behavioral targeting where I live.
    The folks in Mountain View, can proudly
    post a Transgender Day on the main Google Blog,
    and scream “we’re all Lefties”
    But they’re making the Patriot Act look like
    a responsible Den Mother.

  9. simple redirects are prolific for capturing clicks. frankly, I’m shocked when it’s not the base case :-). it’s best just to assume every link you click on is tracked. if you’re concerned about privacy implications, right-click each link before clicking on it, copy the link, and paste it into the URL bar to ensure where you’re going is where you want to go, and that no-one’s in-between.
    two powerful tools to get under the hood for stuff like this:
    – Live HTTP Headers – https://addons.mozilla.org/en-US/firefox/addon/3829
    – HTTP Watch – http://www.httpwatch.com

  10. Dave,
    Do you think that Google really gets that much more information on you from your email than it already has through your search behavior and use of their other properties like maps and calendar?
    I used to be troubled by this tracking in gmail too, but once I realized how much other information they had, I stopped worrying about it.

  11. Google has every single word of every email you have ever sent or received from the moment you first logged into Gmail.
    This is cloud computing.
    To notice that they’re also gathering your click behavior, fine. But it’s needle in the haystack time at that point.
    Best,
    DJ

  12. As mentioned before, I am surprised that you are surprised.
    But then again, you could consider this “finding” to be the lesser evil. Or you would prefer to have “silent” link tracking e.g. GA style?
    I mean what’s the difference between tracking with a redirect and “silently” with JS? Would anyone tell the difference?
    Not to mention that JS tracking is much more efficient than “raw” tracking with redirects — browser, OS (if not faked), screen resolution, colors, tabs, exact position of the pointer, scroll offset, probably some other user related stuff.
    Slightly offtopic: “copy link location” and “view selection source” could be also useful when it comes to viewing small fragment source or links.
    Another approach could be FireBug.
    @Jud, redirecting is done old school — meta redirect, not http header 😉
    @Leo, @Manish, I couldn’t agree more.
    Now to answer the question: “exactly what’s going on here”.
    1) Anti fraud links — using Google’s link proxy could avoid phishing links e.g. Google search style;
    2) User tracking, though there is no point in that, since the link has already been altered by JS;
    3) Various other statistics.
    Honestly, if one wants safe browsing, this would mean turning off scripts, flash, applets, cookies, styles on some occasions — but without them the joy of browsing goes away.
    Now let’s look at it from the other side — did you tell your visitors that you are tracking them? I suppose no, but you do it. Surely, you don’t use all the gathered information, but you still track it. Including links I clicked around the site.
    What’s the difference between you tracking my behaviour on your site and Google tracking your links in the mail?
    Let it slide.

  13. Hey guys,
    I was concerned about this for a long time, but really didn’t care to look for any reason/ solution. But today I just simply wanted to see if at least there is one other soul out there who has this same issue.
    As the commenters explain this may be due to one of the following things, right?
    1. Google Toolbar installed
    2. Web Search History enabled for login
    First of all, I guess you all came to conclusion that it’s Google Toolbar since you all use it; But, I’m not! – Yet, I get the redirected links in my email messages. (I use a beta version of Win7 with bare minimum software: No FF, No toolbars, just the default browser with no additional plug-ins)
    On the second point, I checked my web history at http://www.google.com/history, it clearly mentioned “Your web history is limited to searches”. (well actually if one ‘wants’ google to keep track ‘everything’ they do Google toolbar has to be installed. but again, I already explained that I haven’t installed it yet.)
    Coming to the ‘trust’ factor – do you keep believing your usual gas station after you’ve once found that they are serving kerosene instead of gas? – get real!
    I’m really trying not to arrive at any conclusions, but looking for someplace where I see some response from Google. – Gmail support didn’t help much.

  14. We’ve been having fun with this for months. Sending messages back and forth with different combinations of words that have nothing to do with anything to see what ads would appear with the message.
    Then we found if you use txt mssg shrthand u kin git awl kynds of strange ads opearin on ur gmale.

  15. I just came across this after a google search, and wanted to point out something, which in addition to allowing them to track clicks actually offers a benefit to you:
    Whenever you click on a link in a page, the page you go to gets in the request a header called “HTTP_REFERER.” This header tells the destination server what page you’re coming from. In some cases, it can contain a security token or similar, which could be used to hijack your gmail session, if it’s used right away. When a request goes through a redirect, such as Google implements with gmail, that header is not sent with the request, meaning that the destination server will not be able to tell where you’re coming from. This is much better for security.
    As for Google “hiding” this functionality “buried deep in the JavaScript of the Gmail system,” attaching onclick handlers after the page loads is much more efficient both bandwidth-wise and server-capacity-wise than rewriting each and every message to include the redirect. The same thing happens whenever you do a Google search – your search result links go directly to 3rd party sites, until you click on them, at which time the href is hijacked to point to Google’s redirector, which sends you on to the 3rd party site.
    If you don’t like it, don’t use Google. The Internet would be a much better place if people refrained from blogging about things they don’t understand.

  16. Really, Aaron, that’s your solution? If you don’t like it, don’t use it, and stop blogging about it because “you don’t understand”? No customer feedback, no point in sharing with other users something that is potentially of concern? Then you can no doubt explain to me how it is logical for you to come to this blog, read the comment and complain about it? Ah well, at least you’ve added an informative and interesting note before your amusing wrapup. 🙂

  17. Sure, customer feedback is great – but did you actually email Google about it? Did you expect them to come to your blog and answer your question? Sharing concern is all well and good too, but accusing Google of “hiding” things in their Javascript, and “tracking” your links is disingenuous. The things they’re doing are pretty standard these days, and it legitimately helps them track the interests of their users, to better rank search results and target ads. It also helps protect your privacy by hiding your HTTP referrer from the destination server.
    My last comment was a bit over the top, and for that I apologize, but it seems to me that your post was more about fear mongering, than about genuine curiosity as to what Google was doing.
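
The check discussed in the post and comments above (the href in the message source is clean, yet the browser first requests a different URL) can be done offline once the requested URL has been captured, for example with a header-logging tool. This is an added example, not code from the post, its commenters or Google; the query parameter names and the hosts are assumptions.

```javascript
// Query parameter names that commonly carry the destination (assumed, not from the page).
const DEST_PARAMS = ["q", "url", "u", "dest"];

// Return the absolute http(s) destination embedded in a redirector URL, or null.
function embeddedTarget(urlString) {
  let parsed;
  try { parsed = new URL(urlString); } catch { return null; }
  for (const name of DEST_PARAMS) {
    const value = parsed.searchParams.get(name); // already percent-decoded
    if (!value) continue;
    try {
      const target = new URL(value); // throws unless the value is an absolute URL
      if (target.protocol === "http:" || target.protocol === "https:") return target.href;
    } catch { /* not a URL, e.g. a search term in ?q= */ }
  }
  return null;
}

// Unwrap nested redirectors without making any network request; returns every hop.
function unwrapChain(urlString, maxDepth = 5) {
  const chain = [urlString];
  let current = urlString;
  for (let i = 0; i < maxDepth; i++) {
    const next = embeddedTarget(current);
    if (!next || chain.includes(next)) break; // no further hop, or a loop
    chain.push(next);
    current = next;
  }
  return chain;
}

// Compare the href seen in the message source with the URL the browser requested.
function auditClick(sourceHref, requestedUrl) {
  const chain = unwrapChain(requestedUrl);
  const finalUrl = chain[chain.length - 1];
  const sameHost = (a, b) => new URL(a).hostname === new URL(b).hostname;
  return {
    viaRedirector: !sameHost(sourceHref, requestedUrl),
    intermediaries: chain.slice(0, -1).map((u) => new URL(u).hostname),
    reachesSourceHost: sameHost(sourceHref, finalUrl),
  };
}

// Constructed sample values (hypothetical hosts, not the URLs from the post).
const sourceHref = "https://hotel.example/pin";
const requested =
  "https://redirector.example/url?q=" + encodeURIComponent(sourceHref) + "&id=123";
console.log(auditClick(sourceHref, requested));
```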
