The irony here is when I went to try to read the article... It asked for my email address. I thought twice, and didn't read the article.

Lol, I hate it too, been using the net since 1994 or whatever and have usernames and passwords coming out of my ears..

Use email aliases! iCloud, simplelogin, etc. Never give your real email address to anyone!

Compartmentalize and use alias if possible.

Saved me the trouble from identifying which services abused my e-mail and kept spamming me.

Why post paywalled articles?

This is why i have a dedicated junkmail address lmao

establish 2 emails addresses. 1 for business and 1 for risk. Has worked well for me.

interesting article on the topic of email address and digital tracking. providesoverview of current state of email tracking and its implications on privacy

Why, though? I can't read the article without giving them my email.

Edit: This wasn't a joke, I actually want to know their reasoning.

Paywalled article about not sharing details. Gold star.

[removed]

See, Comcast? You’re not completely worthless after all.

Everyone already has all your email addresses. You can download them on the 7 seas by the gigabyte. Which is a lot since a gigabyte is 1073741824 bytes and compressed the average email address is about 8 bytes.

[removed]

SimpleLogin is great

Because, they have an account.

[removed]

[deleted]

That's cause the entire article is just stuff everyone already knows and the whole purpose of this article is to make you view ads. Ya know, Iike every "article" on the internet nowadays.

Make it a habit of using email hiding services like anonaddy or duckduckgo email. The older your mail account is more likely you are to end up in some data leak somewhere.

Apple hide my email to the rescue.

[removed]

Do you know who abused it

Yep. This is why whenever I’m checking out and the cashier asks for my email to enter into the system, I always politely decline. “I’d rather not” usually does the trick.

Congratulations, you've won! We'll be opening the door to your cell momentarily, but it'll only remain open for a few seconds! We recommend you use that time to make a quick escape! Thanks for using Invisi-prison, your solution for incarcerating the ignorant! Y'all come back, now!

[removed]

[removed]

One email for "serious" usage like directly email messages and one for registering on the pages. It let you avoid spam in the first one.

setup a dummy account used just to signup for stuff.

I had the shocking revelation recently that a shit ton of people actually don't know how much they are being tracked or the extent that shadow profiles are being built on them.

Really? So you're saying I shouldn't just hand out my info freely?

Gosh! What a cutting edge concept! NYTimes is really onto something here.

Quite late to the party, aren't we?

Like... 20+ years late.

MULTIPLE junkmail addresses here.

The card/gift retailer Moonpig is currently doing user research into whether people who have been sent a gift (the recipient, not the purchaser) will give Moonpig their email address so that they can track the parcel. The prototype I saw had the recipient get a text message saying that they were getting a gift. It provided a tracking link, and then demanded the recipient's email address just to see when the gift would be delivered.

I wouldn't be at all surprised if it became the norm in the future

I've kept my old netscape address for this purpose.

Have levels to it too. Email address 1 is for absolute sus shit. Email 2 is for social media etc. Email 3 is for promos which require sign ups. Email 4 is for same but more legit. Etc.

I want to appreciate this comment, but I truly have no idea what the joke is.

I have a junk email, that literally serves the purpose for signups.

I also have another email that used for things that matter and that one is only ever used when working with official entities.

Then I have a “social media” email that’s just used for shit like twitch and reddit.

Yep. 2 of them I only log in every 6 months or so to keep them active and delete everything there.

[removed]

[removed]

Just create a junk email address. Problem solved.

The need to read the article is the prison, and we're all ignorant of it and thus ensnared. By using the given advice, OP was able to bypass the prison's game-loop and won themselves a chance at escape, if they can find the exit before it closes again.

I'll see myself out.

You need Bitwarden. It’s a life saver!

Joke's on you, my email is pretty much a spam repository now.

I've had to abandon e-mail addresses due to making this mistake. Once you get on enough lists, you'll get hundreds of ads a day.

Use one time email burner services like yopmail

[removed]

I have a dedicated junkmail domain, that way each site can have their own unique email address. It makes for easier blocking and also it makes it easier to see what sites/companies sell your email address or get hacked.

I used to have a dedicated junkmail-address and used the "+" and the website/company for similar purposes as above, but I notice many companies tend to strip the "+"-bit nowadays.

If they have an account they can share (“gift”) the free version. That’s one of the perks.

Another shocking revelation is many people actually do know how much they are being tracked and don't care about it.

I used my real name and current gmail email address on USENET about in 2005.

I forward emails from an old email account that I used on USENET back around 1995.

My real name and current email address appears on a bunch of Wikipedia articles and on digital media that I uploaded to the Wikimedia Commons.

Do not ever do this. Oops too late.

I get the most ridiculous amounts of spam. Google gets a hell of a workout from me, lol.

Which companies have tied to you personally, making it no different than your real address.

The only solution is throw away addresses for every site

10minutemail.org
Sign up, confirm email, cya

That train has left the station, my email is 95% annoying spam already to the point that third party email clients aren't usable because only gmail will categorize all that spam and garbage.

This is why I love my trusty 25 year old AOL email address.

I got hit with the “sign in with your email to read the article” paywall. As an email marketer, this is the funniest thing to happen to me today. I’ve already shared it with my coworkers.

Well, Apple has this neat “Hide My Email” feature. That, along with the “Sign In with Apple” feature are great for privacy.

Spam and scam probably, also some probably try to search on the data breach repository if your email is there and will try to use any leaked info connected to those email

Word. Nancy pelosi is blowing up my Gmail

I think a lot of people don't care about it don't realize just how vast it is. I've had a few arguments with people who were convinced that Facebook and Google were not tracking them because they didn't use their services.

[deleted]

I have a multitude of email addresses that are made for specific purposes. I have a personal email address that only goes out to friends and family and never signs up for anything. I have an official email address for any government related services and never signs up for anything not a government website. I have another one just for gaming and only signs up for gaming related accounts. I have another one just for my bank and only my bank and my email service knows it exists. I have another one for useless fluff stuff, where I don't care about it and it's not synced anywhere but I need to have an email account like pizza restaurant website or something. Then I have the truly fluff account that I hand out to anyone who's asking but I really don't care about their services at all. Need an email address for me to sign up for your store membership card? You get the junk email address.

Compartmentalizing my emails has been a godsend. For the most part it's been near 20 years since I started this and the various mailboxes arely ever get any junk mail except for the two accounts that are specifically designed for junk services... But I don't have them synced to any accounts to constantly pester me with junk mail and no one that I care about knows that they exist so I never have to look at them to try to find important emails anyhow.

I don't know if this is still accurate but for a long while Gmail was set up so that you could have name@gmail as your regular email and then do a "dot alias" to identify where the email came from. So Name.FoodLion@gmail would still deliver to your regular email address but it would show the dot designation. So now when food Lion sells your data to some other company and you start getting non food lion emails using that Food Lion address you know who sold your data.

My uncle own an internet domain and just makes new unique email addresses for when he's forced to give one. He's had some interesting conversations catching local businesses, etc who say they don't give or sell your info away.

That's why I decided to have an email for food apps, an email for bills, and an email for documents to send or receive.

Here's a gifted link https://www.nytimes.com/2023/01/25/technology/personaltech/email-address-digital-tracking.html?unlocked_article_code=ABIEo_3_fpx6HsUg4oeiqKr4gqNRhGy_rRrzsKUrkVIEjvRgAnsSTbjRI7buu6gLu8B9Qnd0bm_Gc0VPafqnfgXtS0hrslFRfRwtK3D2IwPhtloQhLwrTctoctjS_kEbceS9wG9GmnPRI1piNgyM1A-Lqu9zIgInr3WnxAKQ09IHhJ4SPBT-p1DaW89h8q7YSbswM11ny-LSmnNPyY-TGhkY5jlDHqvusUSX-KFYokfEszK0RYpKIJN6iN1cw9bd643Qh4AfZob3rkK_zD84UkIaB4AIABiSomQZJ8GZ6TRoTwREmOQXU79Ftk_GGDW1_pTSFFZg4aUKbqwJgeZwZUtlwpcgzcGXR-dHM_KWEQZbP7_Rj1A3NA&smid=share-url

Most likely because an e-mail allows them to track you, but since it has also been provided to others, it allows for correlation of data to get a more complete picture of who you are. A much more comprehensive picture than you would be comfortable giving to any one organization.

Right now, things that are used for this that I have observed are: phone numbers, email addresses, credit card numbers (scraped when you purchase something), social media accounts, misc web browsing trackers. I wouldn’t be surprised if your phone’s wifi and bluetooth identifiers are also used to track you in large chains or malls.

[removed]

What's even more ironic is The New York Times wants your email address, in part, because they want to use it for advertising practices exposed in this article.

In the advertising world, "leverage first-party data" (i.e., use people's email addresses and other contact info) is a phrase that has been repeated to the point of cliche when talking about how to adapt to the end of the third-party cookie. NYT and all these other sites work with ad exchanges that rely on their signed-in user base to target audiences.

Working in advertising, I don't think it's ever really used for anything nefarious, but I understand why people think it's shady.

My hairdresser asked for my email address. Told her to cut it out. But seriously. I’m not giving my email address to a state run covert ops group that’s infiltrated “just cuts” to get email addresses. Cut it out.

[deleted]

Not for nothing, but Facebook and Google tracking practices are a moot point in the United States. Since 2017, it's been legal for ISPs to sell browsing data in the U.S. (other developed countries rightly prohibit that), so all of their browsing privacy is gone even before they ever get picked up by a Google or Facebook tracking pixel.

I know this is sarcasm, but I do want to make an important distinction: This type of privacy issue doesn't really relate to governmental use. If the government wanted your browsing history and internet activity, they wouldn't really have to go through publishers and data providers.

[removed]

That's not the point here. If your junkmail address is linked to other addresses or data points in an identity graph, advertisers/data providers will still be able to pool you accordingly. The vast majority of this has little to do with bad actors trying to invade your privacy to spy on you; rather, it's about whether or not your presence on these sites can be monetized in some way.

Yes, very true but the arguments I had were specific to Google and Facebook’s practices and that wasn’t within the scope of the conversations. That’s a really good point to bring up though.

It's very likely that, if they are not already, some (if not all) those email addresses will be unified under a singular identifier in some sort of identity graph that is being used for advertising targeting and attribution.

jokes on you idiots, I don't even check my own email address.

[removed]

[deleted]

I'm loving Apple's Hide My Email to make a unique email for each company:

> Hide My Email generates unique, random email addresses that automatically forward to your personal inbox. Each address is unique to you. You can read and respond directly to emails sent to these addresses and your personal email address is kept private.

It's very easy to create a unique email and know if the company sells it because then it will start being used by other companies. I can then filter or abandon that email address and not have my main email address affected.

Welcome to 1992

[deleted]

Private Relay is great too. I hope that others follow suit and produce more products that protect your privacy.

That's shocking? You're literally posting this on a site funded by Tencent and full of telemetry. Imagine the average person.

Try “reader view” if on iOS.

[removed]

I have my own domain set up with an email wildcard so any address followed by @mydomain.net (not my real domain) goes to my inbox. I set up a new address for every website or email list.

I also have email rules to automatically put email in folders or delete it based on what address they send to (or from).

So not only can I see when my address was leaked or sold, I can easily filter it out when it happens.

This is why I think Hide My Email is one of Apple’s most underrated features of iCloud.

The only problem I have is that, gmail app on iOS doesn’t give a notification when an email is received on hide my email address and you need to set up rules so that it doesn’t go to spam

The only problem I have is that, gmail app on iOS doesn’t give a notification when an email is received on hide my email address and you need to set up rules so that it doesn’t go to spam

Where's a NordVPN ad when you need it?

I have more than one.

I constantly have been thinking about a better solution to email providers. Why are we handing them an address anyone can send anything to.

Why haven't we considered a different path that puts the control of what the user wants to see in their own hands.

Why am I unable to provide a unique key or a cryptographic solution to a provider and I am essentially 'adding' them to allow them to send me information about their produce or my account.

Once the unique key or solution becomes compromised I can simply toss out the key associated with my main email manager and move on with my life without getting every piece of shitware junk mail.

Drives me fucking mad.

Wish our healthcare system was more like our ad tech system

And if you have iPhone use hide my email. That way they can’t share it either

[deleted]

Create a throwaway account and share it all you want.

I never give out my email address unless it’s absolutely necessary. My phone number as well.

I stopped shopping at Bed Bath & Beyond because of how pushy they were for me to give that info out. That info was not necessary for me to compete the purchase. Now they’ve lost a customer that would’ve had a high lifetime CV which has shifted to one of their competitors instead.

it simplifies the page into text-only and lets you read the article without a paywall.

I don’t know the technical explanation, but it’s kind of like the reader view “converts” the article before the paywall downloads. It works about 95% of the time for me.

you're really going to like it when you find out apple is doing that to just collect your data and serve you ads when their ad platform is up and running

yeah but unless you're paying cash they have transaction data, name data, location data and then they just tie it to other data they've purchased on you.

Can’t even ask an apartment complex what their pricing is without them asking for you to set up a whole personal profile these days. Just to find out you can’t afford it.

Yeah it was funny. I was able to bypass that annoyance with safari reader mode feature. But good things don't last long.

On the other hand people are wise to it know so it probably doesn't offer the protection it once did.

>it's about whether or not your presence on these sites can be monetized in some way.

So get an adblocker and don't care if they use your email to send you ads you'll never see?

If you use UBlock Origin you can turn off javascript and read the article anyway. This works for many news sites with those "login to read more" popups.

Non-paywalled link, in case you don't want to enter your email address:

https://web.archive.org/web/20230125170505/https://www.nytimes.com/2023/01/25/technology/personaltech/email-address-digital-tracking.html

Very similar here...

Basic stuff...

Basic stuff 2 (when Basic 1 got too busy)

Business 1 (for VITAL business stuff--like data feeds and subscriptions)

Business 2 (for business websites like LinkedIn, WSJ, etc.)

OK, sounds good to me. But how does that mitigate any of the concerns people seem to have with online privacy/tracking?

Screw that, look at what happened with this..

https://thecrow.uk/lastpass-data-breach-is-starting-to-look-truly-horrendous/

>If the government wanted your browsing history and internet activity, they wouldn't really have to go through publishers and data providers.

Sure, but they technically need warrants for official data requests. But why bother with warrants when they have been known to simply buy personal data as a 4th Amendment loophole.

My spam email has a name JUNK BOY.

I get a chuckle every time i read spam emails that start with “Hello JUNK BOY”

That's why Gmail accounts are free and you make 10 of them. A few are for signups and spam. And you get 15gb of cloud for free on each

[removed]

You got your close personal, your personal, your business and work account or two for each depending, your spam account, and whatever else for your needs. Are people rocking 1 account in 2023?

You can self-host Bitwarden and limit it to a local environment. That way, security breaches on their server would mean absolutely nothing to you.

Yes, my parents, and guess who gets to listen to them complain about spam mail and then go in and clean up the mess. When I suggest doing things like this they say "Don't make it complicated. I don't like complicated!" I'm like, "Complicated is me having to clean up your email mess!"

do people just not have a “spam email account” for all this kind of stuff. like I don’t even check it.

email for financial & utilities account stuff email for personal stuff email for work/school stuff email for spam, rewards cards, websites email for online accounts & logins

This is the funniest thing that happened to me today. I have already shared it with my colleagues.

But make sure you share it with NYTimes so they can resolve your online identity and share with ad partners.

i use gmail's "+" and the merchant's name to segment out who's abusing/selling my email address. for sites that don't accept that, i have a "spam@" alias. for companies who won't accept that, i have "crap@". both of those two go directly to spam folder.

This is why i use simplelogin i have 100s of emails address one for each company i deal with no two companies have same email for me.

Your ISP can do the same thing, the sites you visit can do the same thing. At some point your data is vulnerable, the only true way to be safe is to be a luddite and not generate any data at all.

Stuff like Hide My Email is there so you can have some measure of control over who sends you email and it works well for that.

Specifically this: https://palant.info/2023/01/23/bitwarden-design-flaw-server-side-iterations/

I created a SPAM email address decades ago. Its still going strong for any random sign-ups.

You said

>The vast majority of this has little to do with bad actors trying to invade your privacy to spy on you; rather, it's about whether or not your presence on these sites can be monetized in some way.

So the vast majority of concerns should be mitigated by an adblocker, according to you.

And if you're that worried about privacy, use a new email for everything you sign up to. With password managers like Bitwarden there's no worry of forgetting passwords, or remembering which password goes with which account.

Don’t worry everyone get one…

The edits on that article say that they upped iterations to 350k. I heard on my fav security podcast that it was 600k (show notes aren’t posted yet, when they are I’ll update this with their reference). If you’re self hosting though your vault is on your own servers.

I'm sorry what you got from my comments was that I'm personally worried about any of this.

[removed]

That's what your yahoo email address is for.

[deleted]

That's not what I said at all, but thank you for confirming you have trouble with reading comprehension.

The actual answer is that privacy is an illusion. The large corporations have known this for a while, and it's all a song and dance until the entire house of cards comes toppling down. Edited to add that my details are smeared all over the internet on purpose. Someone's gotta start the fight somehow.

Just use KeePass and manage your passwords. Upload it to a cloud service and the password database is still encrypted.

It’s not that big a deal to find somebody’s email address. This is not really a thing.

Everyone should have a throw away email or use one of those email anonymizer like built into Apple.

[removed]

[removed]

Fortunately ISPs can only see domain names and not full URLs when HTTPS is used (which is what like 99% of the internet uses at this point).

Same, but I also use 5 different domains to mix things up even more. I also embed creation dates in them and rotate them every now and then to further narrow down when they were sold/stolen.

[removed]

Never share any personal data unless absolutely required to. Never install any app on your phone for convenience as that's the best way to source your data. Turn off all request permissions in your browsers, you don't need to supply that data to anyone.

Same. I have to have a notepad and I write everything in my own mixed up code that’s based off personal life experiences so that no one would ever get it but literally only me.

Sometimes I make it too hard and I forget. :(

[removed]

I have no beef with any particular online password provider. Because I use Keepass with the password file shared on a google drive folder on very limited desktop / laptop computers. I don't use a smartphone.

That, and if you have encrypted DNS and the server you're connecting to uses Encrypted Client Hello (https://blog.cloudflare.com/encrypted-client-hello/), the domain name is hidden too.

It doesn't help if only one site is behind an IP address, but it does help if you're connecting to a share host where many sites can be behind a single IP, your ISP will have a harder time figuring out which site you're visiting.

This post was a great reminder about the importance of protecting our personal information online. Email addresses are often used to create accounts, and it is important to think twice before sharing it with anyone.

We should be aware of how our email address may be used by others, and take the necessary steps to protect our personal information. Thanks for this post! Nice share:
https://interdatalink.com/the-importance-of-technology-in-spotting-security-risks/