A Cursory Look at Personally Identifiable Information in Retail Email Campaign Links
Recently I’ve made a habit out of reading my email subscriptions. Occasionally, I even click on the links. After clicking on a few I started to notice some trends. All links followed the same structure:
First, they hit a separate dedicated server
… for tracking your click. It usually contains some hashes. REI had a particularly insane one:
But they can be pretty simple too:
As for subdomain naming, out of my eleven, two chose “link”, another two chose “email”, and Anthropologie opted for “email2”. (I’d hedge email1 went the way of R1-D1.)
Second, they all redirect
… immediately to the appropriate page on the site, filling in params for further tracking. Most kept the personal information out of there — so gold stars to Anthropologie, Birchbox, Kate Spade, Macy’s, Madewell, Nordstrom Rack, REI, the Reformation, and Sephora.
“She has a knack for not exposing her customer’s personal information to the browser”, Kate Spade might say.
It’s Loft and Everlane that fell short and ended up exposing some PIIs.
Why is having Personally Identifiable Information (PII) in the request not the best idea?
- Your information could end up in ad requests. Google DoubleClick explicitly warns for them here.
Let’s take a closer look:
Here you can see my first name, last name, and email all in plain text. Three pieces of personal identifying information. I doubt they need all three; if they need any I’d recommend a hash. Although from what I’ve seen no other campaigns except Loft keeps around the clickthrough email, hashed or not.
I took a look at Everlane and found two requests to DoubleClick and a few to Google Analytics, which makes #1 a valid concern.
Loft exposes my email too, but not my first or last name. Actually what’s interesting is my email already appears hashed in the original link:
So what happened? Loft also exposes my email in the unsubscribe link:
Like Everlane, Loft also makes several requests to DoubleClick.
And the others
Overall I’m pleased with how undecipherable the rest of the tracking params are, even the unsubscribe links! So I’ll keep on merrily clicking my way on to savings. Thanks email campaigns; now if you could only fix your too-low-res-for-retina images then you’ll have my wallet completely your mercy.