A Few Words on Web Bugs
It has been widely reported that HP used an email tracking service as part of its now-infamous leak investigation. The service, offered by a company called ReadNotify, inserts a tiny bit of HTML code into an email message that reports back to the sender when the message is opened. HP investigators used the software -- commonly known as a "web bug" -- to trace emails sent to CNET reporter Dawn Kawamoto. Web bugs have long been employed by email marketers and spammers to determine if a particular email address is active and whether a particular message has been opened by its recipient. ReadNotify simply takes this technology one step further and allows any sender to imbed a bug in any message to track the results. Under the Anti-Spyware Coalition's definitions, web bugs qualify as a Passive Tracking Technology that can be used for good or bad, depending on the level of notice, consent, and control provided to the user. The legality of HP's use of the ReadNotify service is unclear. Several laws may govern the use of web bugs, including the Electronic Communications Privacy Act, the Computer Fraud and Abuse Act, and state wiretapping laws. Hopefully some of the legal questions surrounding this issue will be resolved as investigations into the HP scandal progress. In the meantime, consumers should take a look at their email software's documentation to learn about how to avoid bugged emails. Many popular email clients in use today provide ways to block messages from loading HTML automatically, allowing users to read messages in plain text, minus the bugs.