Can it be that my ISP is reading my emails?

[amauri]

Yesterday I exchanged emails with a friend and we talked about piston rings for a motorcycle engine project.
Today I received junk mail from Mahle piston rings.
I have not searched for piston rings in years, and I clear my browsing data & cookies frequently.

I realize that it is legal for an ISP to sell my browsing history to third parties, but the data in my emails...
Or could it just be a coincidence and I'm just paranoid.

 

[mountainears]

Yesterday I exchanged emails with a friend and we talked about piston rings for a motorcycle engine project.
Today I received junk mail from Mahle piston rings.
I have not searched for piston rings in years, and I clear my browsing data & cookies frequently.

I realize that it is legal for an ISP to sell my browsing history to third parties, but the data in my emails...
Or could it just be a coincidence and I'm just paranoid.

Quite likely. Who hosts your email? I’m guessing you’re not paying for it, just remember, nothing is free.


Sent from my iPhone using Tapatalk

 

[Brutal_HO]

More likely your browser history.

Then a free email service that will tie your browser login/cache/IP history to your marketing fingerprint, which is going to include your email address.

 

[silver billet]

If you're using IMAP over TLS or SSL then your ISP cannot read your email unless your ISP also hosts it. If you're using webmail from gmail/hotmail/protonmail etc, then no they can't read that either.

If you're using plain old unencrypted IMAP or POP then yes they could in theory intercept the data and read it, though whether they're doing that or not is a different story.

 

[amauri]

Thanks, that makes sense.

For years I've been using Outlook configured with POP3 and SSL/TLS, with the mail server hosted by AOL.
A few days ago AOL decided to change it's password encryption and would not allow me to download email to my Outlook.
I was forced to temporarily use their webmail app, and that is when the "spying" began.

 

[Docwagon1776]

That's how free email services make money. If you aren't paying for a product, you are the product.

 

[silver billet]

Thanks, that makes sense.

For years I've been using Outlook configured with POP3 and SSL/TLS, with the mail server hosted by AOL.
A few days ago AOL decided to change it's password encryption and would not allow me to download email to my Outlook.
I was forced to temporarily use their webmail app, and that is when the "spying" began.

AOL is probably reading your email and marketing it. Same with gmail/hotmail. They're hosting the content on their servers so doesn't matter how you access it (pop/imap over ssl, webmail, outlook etc) they can read it. Most ISP's couldn't be bothered especially if they're small operators, but again they absolutely can't read it anyway if you're using some form of encryption which you said you are.

 

[amauri]

"

That's how free email services make money. If you aren't paying for a product, you are the product.

I get that nothing is free, and I agreed to let them use my browsing history as they wish.
But if they are reading the contents of my emails, and I'm just supposed to accept that and let it go... then what's next?

What would you do if you found out that your neighbor has been opening your mailbox in front of your house, reading your mail, and selling the info to all the businesses in your town?

 

[silver billet]

I get that nothing is free, and I agreed to let them use my browsing history as they wish.
But if they are reading the contents of my emails, and I'm just supposed to accept that and let it go... then what's next?

What would you do if you found out that your neighbor has been opening your mailbox in front of your house, reading your mail, and selling the info to all the businesses in your town?

You can switch to an email provider that guarantees privacy and security. Most of those have free plans but have drawbacks like low storage.

I've used protonmail for a while, it's one of my favourites for anything important:

ProtonMail vs Gmail: The Ultimate Comparison Guide

Gmail and ProtonMail are both great email providers, but they're very different. Learn the differences with this ultimate comparison guide.

kinsta.com

But note that email is two way, meaning, even though protonmail doesn't sell your information, if you're using proton to send to a recipient who uses gmail, then google still has access to those emails you've sent to gmail/google.

Not much you can do except encourage others to switch, or use Signal instant messaging where nobody (even Signal) can read your messages other than you and the recipient.

 

[silver billet]

What would you do if you found out that your neighbor has been opening your mailbox in front of your house, reading your mail, and selling the info to all the businesses in your town?

I get your point, but the analogy is not all that accurate which is where part of the problem lies. A better analogy is: your neighbour has a business sending and receiving mail for free, no postage required. You ask him to send and receive your mail, and he says "sure, but the catch is I get to read your mail and do whatever I like with whatever information I obtain". You agree. That's aol/gmail in a nutshell.

 

[amauri]

Thanks for all the helpful details.
I've been very naive in thinking that my emails are private.

 

[Docwagon1776]

"


I get that nothing is free, and I agreed to let them use my browsing history as they wish.
But if they are reading the contents of my emails, and I'm just supposed to accept that and let it go... then what's next?

What would you do if you found out that your neighbor has been opening your mailbox in front of your house, reading your mail, and selling the info to all the businesses in your town?

I didn't agree to let my neighbor read my email. You did agree to keyword advertising as a function of using their service. Your terms of service include this, or some variation of this:

“We’ve updated how we collect and use data. We’ve updated some of the ways we collect and analyze user data in order to deliver services, content, and relevant advertising to you and protect against abuse.
This includes: Analyzing content and information (including emails, instant messages, posts, photos, attachments, and other communications) when you use our services. This allows us to deliver, personalize and develop relevant features, content, advertising and services Linking your activity on third-party sites and apps with information we have about you ...”

They are not "reading" the contents of your email. They don't care about you or your email in the slightest. They are using an algorithm via software to scan for key words then personalize advertisements to you. This is how they make money to provide you the service. Any free service you use, from Google search engine to terrestrial radio is free because of advertising, data mining, or both.

If you don't wish to agree to those terms, don't use their service. Simple enough.

 

[Will_T]

On a related note, my wife, on her own computer, did some research looking for historical information on a stuffed chair she bought at a 2nd hand store. I never use that computer and do not share any accounts or anything with her. The only think in common I guess might be the same router/ip address gateway to the internet? Anyway, shortly after she did this research, I started getting targeted ads on my computer for upholstered chairs and recliners, furniture stores, etc. So Google made the connection from me to her searches on her own computer somehow.

I suppose Google may have made a connection sometime in the past that she and I were married. So, they show ads to both of us figuring that if one person is searching information on chairs, the other person will also be interested.

 

[Docwagon1776]

On a related note, my wife, on her own computer, did some research looking for historical information on a stuffed chair she bought at a 2nd hand store. I never use that computer and do not share any accounts or anything with her. The only think in common I guess might be the same router/ip address gateway to the internet? Anyway, shortly after she did this research, I started getting targeted ads on my computer for upholstered chairs and recliners, furniture stores, etc. So Google made the connection from me to her searches on her own computer somehow.

I suppose Google may have made a connection sometime in the past that she and I were married. So, they show ads to both of us figuring that if one person is searching information on chairs, the other person will also be interested.

IP address based.

Google and the others have assigned you the equivalent of a client ID if you have an account or not. They may or may not know who you are in reality, but again they don't care, you are just a faceless advertising receiving revenue source. If there isn't enough info, or anything relevant, to serve up then you'll get geo fenced advertising. Anyone with an IP in that given region will get the ads. I get a lot of Spanish language ads and some Portuguese language ads just due to hooking up at hotel wifis abroad, searching for lodgings, etc. for several months once I return to the US.

You can always test it by using another browser and/or incognito browsing to see if it's cookie based, account based, geo based, or random happenstance. This site is advertising "temu" to me, some online junk chinese website regardless of browser, for example.

 

[mountainears]

Also along the same lines of IP addresses. They have a unique identifier for you as was mentioned, and your wife. But likely your traffic is originating from the same Ip address since you’re on the same network. They can then associate the two of you together as a result.

Lots of algorithms at play. One of the scariest examples I heard at a data scientist conference was a person who complained to a big box store that their 14 year old daughter received a coupon book in the mail for expecting mothers.

After complaining to the managers it was learned that this store will data mine the shopping habits of newborn mothers and look for common threads months before they gave birth so they could start targeting advertising better.

Well it turned out it worked, by the time the dad found out this news he also found out his 14 YO was indeed pregnant.


Sent from my iPhone using Tapatalk