Two weeks back I wrote a blog post about the privacy concerns I have about typo-trap ‘sensor networks’ that are used by Validity for their email analytics platforms. The premise of that post was to state that we believe that knowingly collecting and indexing email destined for another user but whose address was simply mistyped upon entry is wrong. Responses have been mostly positive and in support of our stance, but one type of reply I’ve heard is that this is a sender issue that only affects commercial senders with poor practices. This entirely misses the point, so I’d like to explain.?
These sensor networks are entirely non-discriminatory in the mail they receive, and because commercial senders are more likely to engage in some sort of list hygiene practices, the real privacy risk this poses is to misaddressed interpersonal communication, which is ingested the same as commercial mail. To extend the postal mail metaphor from my previous blog post, no one cares too much if their neighbor peeps at their coupon flyer from a grocery store, but when they look at the personal mail intermixed with it – the note from their doctor, their lawyer, their bank, their child’s school – it becomes an obvious violation of privacy.?
This isn’t theoretical. When we first created our active sensor network (part of our eight data sources), it was constructed similarly to the other deliverability analytics providers and contained pristine, recycled and typo domains. As we began to analyze the information it was receiving, it was clearly problematic and we saw no ethical way to continue that collection. Amongst the expected commercial mail, it also contained significant amounts of deeply personal correspondence. In it, there were emails about a cancer diagnosis, death notices, children’s sports team schedules, photos shared between friends. These sensor? networks not only don’t distinguish between commercial and personal email before processing them–they can’t. By design they ingest any communication sent to them. And because they accept all that mail, the sender never knows they made a mistake, doesn’t know why the correspondence failed. Confronted with this reality we discontinued data collection and no longer accept mail destined for lookalike domains on our sensor network.?
You may say this is no different than when someone misspells the localpart on their address and it goes to the wrong recipient. But the difference is intent. That address wasn’t created solely for the purpose of collecting mail from a misaddressed recipient and it’s likely not managed by a business trying to profit from those mistakes. In the example with typo trap usage, there is a purposeful intent to collect email meant for a real human being. We will never use typo traps as an analytics source because it’s a privacy violation and that’s wrong.?