Six Lines

Home Address versus Email Address

Posted by Aaron Massey on 28 Oct 2015.

I was listening to episode 15 of the Cortex podcast, and Myke, one of the co-hosts, said something at about the 1 hour 23 minute mark I wanted to respond to because I think it is a common mistake people make when evaluating their privacy interests. It was in response to C.G.P. Grey describing a program Google has for serving ads to specific people based on their email address. It was also a part of a broader, ongoing dicussion surrounding the use of adblockers online:

It’s just like somebody sending a piece of mail to your home. That’s all that is. I used to work in marketing. That was what I did for a living before this. So I know the power of data and why it’s good to have this.

Part of the problem with web ads is that they are too general. They have the tracking data for you, but they are still advertising to a broader audience. One of the great things about targeted email ads and targeted mail, like postal mail, is that you can give someone something that is more specific to them. So when it’s used in the right scenarios, this could be really good. You could get a tailored offer from your supermarket, which could be of benefit to you. But the fact that they already have this email address, they are going to advertise to you anyway. Maybe it’s best if the advertising is targeted to you more specifically.

Because to me it’s like nobody gets really creeped out that they get junk mail or these offers sent to their home. That doesn’t freak people out. That is your home address that these people have! That is way more dangerous than an email address! But it doesn’t bother anyone. People don’t like that they get it, but they’re not like, “I need to move! I need to put an address blocker on my home and hide my door number!” Nobody does that. But it’s the same, if not worse, in my view. And there will be millions of people who will disagree with me, but that’s how I feel about these things.

I strongly agree with the part of this that claims there could be a win-win scenario with targeted advertising. It was a core part of my book chapter on the ethics of behavioral advertising.1 However, Myke makes two critical factual errors, which have prompted this post.

First, advertisers having access to your home address does bother people, and it poses an extremely serious risk: identity theft. Every reputable identity theft advocacy organization strongly recommends that you purchase a shredder and use it liberally on your junk mail. Here’s a quote from an interview with one example in the New York Times about five years ago:

You will want to shred some of your junk mail and any old bills, statements or tax documents you’re getting rid of. Shredders that are mid-range or better can also make mincemeat of old credit cards, as well as CDs and DVDs.

When it comes to junk mail, some people destroy anything with their name and address on it. But according to the resource center, the most important things to destroy are offers from financial-services companies, like pre-approved credit cards, especially if they have barcodes for automated processing. Thieves have been known to sign up for cards using these documents and then submit a new address, so victims don’t discover the problem until their credit ratings are ruined.

In fact, so many American consumers wanted to stop receiving this junk mail that the FTC decided to create a mechanism for consumers to opt-out of receiving prescreened offers of insurance and credit. From their website:

If you decide that you don’t want to receive prescreened offers of credit and insurance, you have two choices: You can opt out of receiving them for five years or opt out of receiving them permanently.

To opt out for five years: Call toll-free 1-888-5-OPT-OUT (1-888-567-8688) or visit www.optoutprescreen.com. The phone number and website are operated by the major consumer reporting companies.

To opt out permanently: You may begin the permanent Opt-Out process online at www.optoutprescreen.com. To complete your request, you must return the signed Permanent Opt-Out Election form, which will be provided after you initiate your online request.

There’s a lot more information about your options on the FTC website, so you should definitely take a look if you’re interested.

Second, and probably more important, it is objectively wrong to think that an advertiser having access to a home address is more sensitive or “worse” than their having access to an email address. Email addresses are both more sensitive and more easily attacked than home addresses. Most home owners provide banks with an email address, including the bank with which they have a mortgage account. If an attacker knew your email address and could crack it, then they could potentially access investments, retirement, savings, and checking accounts–all of which are more liquid than the random objects lying around your house.

Having access to an email account could also result in other terrible things. Just ask Mat Honan. Worse, this attacker could to that from virtually anywhere in the world, whereas an attacker interested in breaking into your physical house is limited to a pretty narrow range of geography. I’m not talking about a theoretical scenario here; email hacks happen all the time. It simply isn’t possible to comprehensively list everyone who’s had their email hacked. It would be like, well, trying to create a list of everyone who’s had their home broken into. Hacking an email account is easier than you might think, thanks to the incredibly weak and frustratingly common password reset system used by many email accounts. As Chris Soghoian tweeted:

What did the hacks of CIA Director Brennan, @SarahPalinUSA and @mat all have in common? Password reset questions. They are the weakest link.

It happened to the Bush family. It happened to Scarlett Johansson. It happened to Selma Hyack. Etc, etc… When Gordon Ramsey’s email was hacked, he was justifiably worried about work-related materials available there. If you had to guess where you would be more likely to find valuable work-related materials, and you had to pick between a home address and an email address, which would you choose?

Worse, you don’t even have to hack an email address to exploit it. Just as mass marketers send targeted advertisements, criminals send targeted phishing attacks, called spear phishing, to trick people into providing them with sensitive financial or corporate information that they can exploit further.

Another way to compare home addresses and email addresses is to apply the logic that Bruce Schneier has used for over a decade in his argument for writing down passwords. We know how to secure small pieces of physical paper. Everyone with Internet access can attack an online login. Therefore, it is worthwhile to use a complicated password that you don’t remember and keep a physical copy of it somewhere safe. We’ve already talked about the first implication here: email addresses have a much larger attack surface simply because anyone with an Internet connection could attack them. The second part is new: which is more likely to be repairable? We know how to handle home break-ins. This is something local police have been doing for decades and decades. Do you believe that your local police department will be able to help you if your email address is hacked?

Myke is just objectively wrong about this. I sympathize with his position that targeted advertising can be a good thing, but the rest of his argument is extremely dangerous.

  1. More information about this book chapter is available on my academic website or at this DOI