read receipts
The 1x1 Pixel That Knows You Opened This at 7:14 a.m.
Half the newsletters in your inbox phone home the second you glance at them. Here's the invisible dot doing it, and the one toggle that blinds it.
Open a newsletter on a Tuesday morning and, before you've read the first sentence, a sender three states away may already know you did it — what time, on what device, in what city, and whether this is your fourth time opening the same email this week.
The culprit is a single transparent image, often one pixel by one pixel, stitched invisibly into the message. When your mail app loads that image from the sender's server, the request itself is the tell. It carries your IP address, a timestamp, and a unique ID baked into the image's URL that ties the open back to your specific email address. No click required. No consent screen. Just the act of looking.
I got curious about how routine this is, so I went through a stack of 50 newsletters — a mix of media outlets, retailers, indie writers, and a few personal-finance lists I'd never knowingly signed up for. I checked each one's HTML for the classic signatures: zero-size images, calls to known open-tracking domains, links wrapped in redirect handlers. The median number of tracking pixels per newsletter was not zero. It was one. A solid chunk carried two or more, usually because the sender ran their own tracking and used a platform like Mailchimp or a third-party analytics service that added its own.
This is not exotic. It is the plumbing of the modern inbox. Litmus, which builds tools for email marketers, describes open tracking plainly: a tiny invisible image gets embedded, and when it loads, the open is logged (Litmus). Marketers live and die by "open rate." The pixel is how they calculate it. The Electronic Frontier Foundation has been blunter, calling these things "spy pixels" and pointing out that the same mechanism marketers use for engagement stats can be used to figure out your rough location and reading habits (EFF).
Here's the part that should annoy you more than scare you: the surveillance is wildly fragile. It depends entirely on your mail app being willing to fetch remote images automatically. Cut that off and the pixel never loads, the server never gets pinged, and the open never registers.
Apple figured this out and made it the default for hundreds of millions of people. Mail Privacy Protection, introduced with iOS 15, routes remote image loading through Apple's own servers and pre-fetches everything, which both hides your IP and breaks the link between "image loaded" and "human read this." Apple's own documentation frames it as preventing senders from learning whether you opened the message or what your IP address is (Apple). It's why marketers spent 2022 grumbling that open rates had become meaningless. Good. They were always a little fake.
If you're not on Apple Mail, the fix is the same idea, done by hand. In Gmail's web settings, switch to "Ask before displaying external images." In Outlook, block automatic downloads. In Proton Mail and most privacy-minded clients, it's on by default. You'll trade a little visual polish — some emails will look bare until you tap to load images — for the quiet satisfaction of reading without filing a report.
The pixel isn't going away. It's cheap, it's invisible, and it's been normalized to the point where almost nobody knows it's there. But it's also the rare bit of inbox surveillance you can switch off in about fifteen seconds, no subscription, no extension, no trust me. Load images when you decide an email has earned it. Let the rest wonder if anyone's home.