Email – why you might not want to download pictures

One man’s privacy is another man’s paranoia

Most – if not all – email clients and webmail services allow you to choose whether to automatically download images that are included in email messages. They usually also offer fine-tuning that allows you to block images from all senders except those that you choose to add to a “safe senders” list. If you don’t allow the downloading of images then you will be given the choice to download them in each specific email that contains them.

You can, of course, ignore the option. This can cause a problem, though, in that important written content can also be contained in image files, so not downloading the pictures can render the message unintelligible

So why do they offer these options? Wouldn’t you always want to see any images sent to you in emails?

These days it’s more a matter of privacy and security than anything else. When we first had email, everything was a lot slower – from computer speed to internet download speed. Storage space on the computer was also a big consideration. So, in times gone by, it made sense for obvious reasons to choose not to see images. After all, the important bit is in the text, surely? These days, these considerations have largely – if not completely – evaporated with faster internet, faster computers, and increased storage space.

So, why not just turn on the downloading of all images contained in all emails? The important bit may be in the text, but life’s more colourful and interesting with images.

The answer is “privacy and security”. I think that it is slowly beginning to become a mainstream consideration in people’s minds that any (and every?) use of the internet involves us giving away an enormous amount of private information and that there is a huge market in the buying and selling of data about all of us.

And it’s not just the obvious biographical detail such as names, addresses, ages. Thanks to all of the interconnectedness of data on the internet, and the growing sophistication of artificial intelligence, the amount of actual information about us plus the inferred assumptions made about us is staggering and there are, at last, signs that more and more people are becoming worried about the implications.

I really hope so. I hope that we will be putting behind us the attitude of “I’ve done nothing wrong, so I’ve nothing to hide”. I think we definitely SHOULD be worried about the amount of information we give away about ourselves with almost everything we do online. I most strongly believe that the default position should always be a presumption that no data should be “stolen” from us without our explicit consent.

Enough of the polemic (paranoia?). Back to images in emails. When you open an email with an image in it, maybe you assume that the image was directly sent by the sender of the email and that it is just an innocent part of the content of the message. Not necessarily so. The email may have been sent not with an image in it, but with a link to an image.

The image itself may be stored on a computer anywhere in the world. As soon as you open the email (if you are allowing the downloading of images), the link visits that other system to fetch the image. The system storing that image can then record information about you and your visit, including the facts that you have received and opened that email and when you did it. They may also be able to tell your IP address (from which connections can be made with any amount of other information that is for sale about you). And, apart from the value of all this to marketers and data traders, the image link may also cause the downloading to your system of malicious content.

Now, you may be perfectly happy to risk all this, but did the sender even have the courtesy to tell you that the email would contact a third party and, at the very least, record your actions? No, I thought not.

If you want to scare yourself a bit more, have a look at this from StackExchange.com