Suped

How can I track which vendors share my email data with others?

11 Marketer opinions3 Expert opinions4 Technical articles4 Resources

Summary

Tracking which vendors share your email data involves a multi-faceted approach, with the core strategy being the use of unique email addresses for each vendor. Techniques include using personal domains with extensions, plus addressing (e.g., yourname+vendor@example.com), email aliases via services like SimpleLogin, Firefox Relay, and AnonAddy, password managers that generate unique addresses, and even honeypot addresses solely for baiting spammers. Owning your domain grants maximum control. Some advocate for burner email addresses coupled with virtual credit cards. Monitoring these unique addresses for spam is essential. While some services, like DuckDuckGo Email Protection, offer tracker removal and others, like Superhuman, provide insights into email activity, the fundamental approach remains distinct email addresses.

Key findings

  • Unique Addresses Dominant: The most prevalent method is using unique email addresses for each vendor to isolate data sharing.
  • Domain Ownership Offers Control: Owning a personal domain gives the most control over address creation and management.
  • Alias Services Simplify Tracking: Email alias services streamline the creation and monitoring of unique addresses.
  • Monitoring is Crucial: Regularly checking for spam or phishing attempts at specific addresses is necessary to detect data sharing.
  • Email Harvesting is a Threat: Email address harvesting by companies makes proactive use of distinct addresses for each interaction essential.

Key considerations

  • Implementation Complexity: Managing numerous unique email addresses requires organization and consistent application.
  • Service Limitations: Some services might not support plus addressing or might strip email aliases, hindering tracking.
  • Privacy of Alias Providers: When using third-party alias services, consider their privacy policies and security practices.
  • Proactive Security: Combining burner emails with virtual credit cards adds financial protection against vendor data breaches.
  • Tracker Removal Caveats: Even with tracker removal services, some tracking techniques may still be effective.

What email marketers say
11Marketer opinions

Tracking which vendors share your email data involves employing unique email addresses for each vendor or service. Several methods facilitate this, including using personal domains with extensions, plus addressing, email aliases, password managers with address generation, burner email addresses, and honeypot addresses. Monitoring these unique addresses for spam or unsolicited emails helps identify the source of data sharing. Some services offer features like Email Insights to monitor email activity and potentially identify forwarding patterns.

Key opinions

  • Unique Addresses: Employing unique email addresses for each vendor is the most common strategy for tracking data sharing.
  • Domain Control: Owning your own domain allows for full control over email addresses and simplifies the tracking process.
  • Alias Services: Email alias services provide a layer of abstraction and tracking capabilities without changing your primary email address.
  • Monitoring is Key: Regularly monitoring the unique addresses for spam or phishing attempts is crucial for identifying data sharing.

Key considerations

  • Implementation Effort: Setting up and maintaining multiple unique email addresses requires effort and organization.
  • Service Compatibility: Some services may not support plus addressing or may strip email aliases.
  • Privacy: Consider the privacy policies of alias services and password managers used for generating email addresses.
  • Security: Using virtual credit cards with burner emails adds an extra layer of financial security in case of vendor data breaches.
Marketer view

Email marketer from Reddit shares that they use plus addressing (e.g., myemail+vendor@gmail.com) or domain aliases to create unique email addresses for each vendor. If they start receiving spam at a specific address, they know which vendor shared their data.

January 2024 - Reddit
Marketer view

Email marketer from Email Geeks shares that he changed his gmail.com account to a personal domain (fernandofigaro.com) and created extensions like fbf+service1@fernandofigaro.com to sign up for newsletters or create e-commerce accounts to track vendors that shared his data with others.

June 2022 - Email Geeks
Marketer view

Email marketer from Privacy.com suggests using burner email addresses in combination with virtual credit cards. This approach allows you to not only track which vendors are sharing your email data but also limit financial exposure if a vendor's security is compromised.

July 2023 - Privacy.com
Marketer view

Email marketer from 419eater forum suggests using a honeypot email address to bait spammers. This address is never used for legitimate purposes, so any email received at that address indicates unauthorized sharing or selling of data.

April 2021 - 419eater
Marketer view

Email marketer from Slashdot suggests owning your own domain name. This gives you complete control over email addresses, allowing you to create unique addresses for each vendor and easily track data sharing.

September 2021 - Slashdot
Marketer view

Email marketer from Email Geeks explains that on his personal domain, anything before the @ goes to his mailbox, so he uses a different address for everything he signs up for - normally the name of the service to see if data is shared. He notes that his "main" address has already found its way onto some dodgy lists.

November 2021 - Email Geeks
Marketer view

Email marketer from Mailfence suggests using encrypted email services with unique addresses for different vendors. While encryption primarily protects content, using unique addresses helps identify the source if you receive spam or phishing attempts.

October 2023 - Mailfence
Marketer view

Email marketer from Reddit suggests using a password manager that generates unique email addresses for each site. This approach helps track which services are sharing your email address if you start receiving spam.

November 2023 - Reddit
Marketer view

Email marketer from Superhuman details that their Email Insights feature helps track who is reading your emails and when. While not directly tracking data sharing, it provides insights into email activity that can indirectly suggest if a vendor is forwarding your information.

January 2023 - Superhuman
Marketer view

Email marketer from Stack Overflow explains the strategy of using unique email addresses (e.g., vendorname@example.com) when signing up for services. This allows you to identify the source if you receive spam or unsolicited emails at a specific address.

April 2022 - Stack Overflow
Marketer view

Email marketer from PrivacyTools.io recommends using a combination of privacy-focused email providers, alias services, and password managers to create unique and trackable email addresses for each vendor you interact with.

April 2022 - PrivacyTools.io

What the experts say
3Expert opinions

Tracking vendor data sharing involves using unique email addresses. This can be achieved through tagged addresses, subdomains, or plus addressing. While unique addresses are effective, some data sellers may strip tags or find the data elsewhere. Monitoring these distinct addresses helps pinpoint the source of unwanted emails, indicating data sharing or selling. Email harvesting is common, so proactive use of distinct addresses for different interactions is recommended.

Key opinions

  • Unique Addresses are Key: Using unique email addresses (tagged, subdomains, or plus addressing) is crucial for identifying data sharing.
  • Tag Stripping Exists: Data sellers might strip tags or find your email address through other means, limiting the effectiveness of tagged addresses.
  • Email Harvesting is Prevalent: Companies actively harvest email addresses, often leading to them being shared or sold.

Key considerations

  • Address Tracking Limitations: Despite efforts to use unique addresses, data sellers may circumvent tracking methods.
  • Monitoring is Essential: Continuously monitoring email addresses is essential to detect data sharing activities promptly.
  • Proactive Approach: Employing distinct email addresses from the outset can mitigate the impact of email address harvesting.
Expert view

Expert from Word to the Wise discusses tactics of email address harvesting where companies intentionally acquire email addresses from various sources, which are often then shared or sold. To combat this, it is recommended to use distinct email addresses for different interactions. Monitoring which addresses receive unwanted mail can help pinpoint the source of the leak.

March 2021 - Word to the Wise
Expert view

Expert from SpamResource.com explains that using a unique email address for each vendor is a good method. Using subdomains or plus addressing (if supported by your email provider) can help to filter mail and quickly determine who shared or sold your information if you start receiving unsolicited emails.

May 2022 - SpamResource.com
Expert view

Expert from Email Geeks explains that she uses tagged addresses for everything. She highlights that data sellers don’t respect that and have stripped tags off her address, found it elsewhere, or created fake data for her.

June 2024 - Email Geeks

What the documentation says
4Technical articles

Using email alias services such as SimpleLogin, DuckDuckGo Email Protection, Firefox Relay, and AnonAddy is a recommended strategy to track which vendors share your email data. These services provide unique email aliases for each service you sign up for, allowing you to easily identify the source of spam or unwanted emails. DuckDuckGo Email Protection also removes trackers from incoming emails. These alias services help protect your primary email address and pinpoint the source of data leaks.

Key findings

  • Email Aliases for Tracking: Email aliases enable precise tracking of which vendors are sending you emails and potentially sharing your data.
  • Protection of Primary Address: Alias services safeguard your primary email address from direct exposure and potential spam.
  • Spam Source Identification: The ability to quickly identify which alias is receiving spam helps pinpoint the source of data sharing.
  • Tracker Removal: Some services like DuckDuckGo Email Protection also remove trackers from incoming emails, adding an extra layer of privacy.

Key considerations

  • Service Reliability: Relying on a third-party alias service means you are dependent on its uptime and continued operation.
  • Setup and Management: Setting up and managing aliases for each service requires some initial effort and ongoing maintenance.
  • Privacy Policies: Reviewing the privacy policies of the alias services is essential to ensure they align with your privacy goals.
  • Feature Limitations: Some alias services may have limitations on the number of aliases you can create or the features they offer.
Technical article

Documentation from AnonAddy explains their open-source email forwarding service. You can create unlimited aliases and track which ones are receiving spam, thus identifying the source of the data leak.

November 2024 - AnonAddy
Technical article

Documentation from Firefox Relay explains their service, which allows you to create email aliases that forward to your real email address. If you start receiving spam at a specific alias, you know which site sold your data.

October 2021 - Firefox Relay
Technical article

Documentation from SimpleLogin explains the use of email aliases to protect your primary email address and track which services are sending you emails. You can create a unique alias for each service and easily identify the source of spam or unwanted emails.

September 2021 - SimpleLogin
Technical article

Documentation from DuckDuckGo explains their Email Protection service, which provides a private DuckDuckGo email address that forwards emails to your personal address while removing trackers. This can help identify which senders are tracking you and potentially sharing your data.

May 2021 - DuckDuckGo

Related resources
4Resources

Use of Online Tracking Technologies by HIPAA Covered Entities ...
Use of Online Tracking Technologies by HIPAA Covered Entities ...

The Office for Civil Rights at the U.S. Department of Health and Human Services is issuing this Bulletin to highlight the obligations of Health Insurance Portab

HHS.gov
Protecting Personal Information: A Guide for Business | Federal ...
Protecting Personal Information: A Guide for Business | Federal ...

Most companies keep sensitive personal information in their files—names, Social Security numbers, credit card, or other account data—that identifies customers or employees.This information often is necessary to fill orders, meet payroll, or perform other necessary business functions. However, if sensitive data falls into the wrong hands, it can lead to fraud, identity theft, or similar harms. Given the cost of a security breach—losing your customers’ trust and perhaps even defending yourself against a lawsuit—safeguarding personal information is just plain good business.

Federal Trade Commission
User Privacy and Data Use - App Store - Apple Developer
User Privacy and Data Use - App Store - Apple Developer

The App Store is designed to be a safe and trusted place for users to discover apps created by talented developers around the world.

Apple Developer
Vendors A-H
Vendors A-H

Supplemental Information for Parents About DOE Agreements With Outside Entities

web

Related questions