I received an email recently from a music promoter that began by thanking me for checking out a song that he had sent as an MP3 link in a previous email.

Maybe I was having a bad day but his email set off little alarms in my brain. He was thanking me for checking it out? Meaning, he knew that I had downloaded the song and listened to it?

He said it so casually. I was not supposed to be perturbed. I was supposed to realize that of course promoters know when you’re downloading their material.

And yet I felt spied on. I emailed him back, not (oops) as politely as I might have, and he answered, a bit irritated, but we kept going and ended up with a friendly and productive dialogue. My eyes were opened to something that they were perhaps rather willfully closed to in the past. Which is this:

Many if not most emails that are sent by companies are not one-way but two-way communication tools. Information is sent to you, and you send information back to the sender. This is standard operating procedure.

And there’s only one little thing wrong with it.

With very few exceptions, these two-way communication tools are disguising themselves as one-way tools. And so they are really less like two-way communication tools and more like two-way mirrors, with recipients sitting here on the exposed side, not realizing there are people watching what we’re doing.

Some may shrug and wonder what the big deal is. I’m a music blogger, people are sending me links, of course they are going to want to know what I’m clicking on.

But you see the issue isn’t that they know what I’m clicking on. It’s that they know but aren’t telling me. If these companies were to state in clear terms at the top of their emails that any link you click on in the email is traceable and trackable, then everything’s cool. I may choose not to click links as a result, or I may choose to. This is my fully-informed decision.

But tracking your behavior without telling you is a breach of privacy. You are being watched and you don’t realize it. Wiretaps are illegal for the same reason.

This is why (now I get it) the links in music industry emails often arrive with extra code attached. The intention at the sender’s end is to be able to know whether each individual recipient has clicked on a link, without specifically telling the recipient that this is happening.

Ironically enough, the promoter who sent me the email that initially alerted me to this problem does in fact let recipients know, at the very end of the email, that the downloads are “monitored.” It’s a fine-print statement that is not very informative and yet this is more than almost anyone else bothers to do who is sending behavior-tracking email.

I can see why this has developed but I can’t see why it’s right.





I’m raising a fuss here because the concept of simple human privacy is taking a beating in the Facebook Age. Despite the self-serving pronouncements of Mark Zuckerberg it is not true that we have collectively changed, on a dime, our views of privacy. They are being changed for us by companies that will profit mightily from this change while arrogantly believing that no one will either bother to or be able to do anything about it. It is disingenuous of Zuckerberg to proclaim some vast sociological insight, based on absolutely zero expertise and 100 percent vested interest.

No, make that: it’s positively scummy of him.

His hubris on the matter will bring him down in the end, without question. He thinks human nature has magically changed in just a few years and yet, ha, the ancient Greeks knew things that he has yet to fathom. I’ve seen the plays, and they don’t turn out well for those who send the needles into the red zone on the hubris-o-meter.

But the problem right now is that Facebook and Google—equally guilty of positioning privacy violation as 21st-century “normal”—appear to be controlling the conversation about privacy. We have to start asserting otherwise. And I begin here in this small way to call out the deceptive, privacy-violating practice of emails that track your behavior without informing you.

In some ways, these emails are even more troubling than the privacy violation going on at Facebook, because by now, as the diagram above indicates, most of us should be pretty aware that any interaction you have with a web site or an app is inherently non-private.

But emails look and feel private. Do we have to adjust our perception there now too?

Look, I understand that sending out emails that track recipient behavior makes perfect sense to the promoters sending them. They can use this data to help them better target their campaigns. The data is also, obviously, helpful in terms of reporting back to clients (record companies and/or independent musicians) about how effectively a song or album has been disseminated.

I understand, furthermore, that some of what the promoters gain from the metrics doubles back as a benefit to us recipients. Promoters use their email management software to target us more effectively—so that, for instance, I only receive tour information related to Philadelphia, as one simple example. More complexly, they can also use my clicking behavior to help them understand what kind of music I tend to respond to, and send me more of that kind, and less of other kinds.

So, okay, the data is valuable. But why aren’t they up front about the nature of the data they are collecting? This is an affliction of the 21st-century online business world. They love the data they can access but would prefer not to admit they are accessing it.

And how ironic: it’s the Zuckerbergs and the Eric Schmidts who constantly assure us that everyone now has to be transparent, that we have to get used to sharing everything with everyone. Well, then: why are companies who collect our data so eager to hide what they are actually doing?

Please understand that I am not comparing most music promoters to privacy tramplers such as Zuckerberg and Schmidt. Music promoters tend not to be as Machiavellian about it. Many of these folks are good people who are simply trying to do a good job.

As such, it is my hope that the better souls out there in the industry begin to think twice about collecting this data without openly informing us. You want your data? Fine. Just tell us what you’re doing.

And not in fine print at the bottom, but in a clear and present statement in the email. Give us the option of giving you your data, or not.

I’m not holding my breath about this, however. The free market is notoriously disinclined to police itself.

This also raises the interesting issue of whether the data is itself only valuable, or in any case notably more valuable, when it is collected on the sly. It is likely truer that way, no question. But do we, as end users, somehow “owe” companies who are trying to sell us things all the information they would ideally like to have?

How you answer that question to yourself will determine how concerned you might want to be about the proliferation of email two-way mirrors and what if anything can be done about it.




Image Credit: Dave Makes