United States Postal Service Informed Delivery plan puts consumers at risk World Privacy Forum


United States’ Postal Service “Informed Delivery” plan puts consumers at risk

The US Postal Service’s new Informed Delivery system has the potential to impact every household in the United States that receives mail. It’s important, and there are plenty of privacy issues. The World Privacy Forum wrote extensive comments to the United States Postal Service warning it about a variety of important consumer privacy and security risks of the Informed Delivery service. One of the most significant worries is that the system will allow new forms of phishing, among other concerns.

Informed Delivery provides postal service customers with images of the front of letters and other envelopes that are scheduled to be delivered that day. Customers can see the scanned images of the outside of their mail on a mobile app.[1] The system is currently being tested in a handful of pilot locations and will expand to all zip codes in early 2017.[2] When the system goes nationwide it will also include images of catalogs and packages.[3]

The Postmaster General described the Informed Delivery system, saying: “It gives every marketer the opportunity to attach a digital offer to mail pieces, and eventually packages. This is an incredibly powerful product for this industry.”[4]

One of the chief concerns we raised in our comments relates to phishing and fraud. Informed Delivery potentially opens up fresh new opportunities for criminals, phishers, and spammers. News articles have noted that trials of the system have allowed for marketers to attach click here links to images of mailed letters. These links are said to deliver users directly to a marketing website.[5]

We also raised issues about tracking, and the sharing of the information with credit bureaus, debt collectors, and credit risk assessment services, which the Postal Service is allowing for according to its notice.

While we understand the impetus here, and do not object to marketing, we see serious concerns about how customers could be deeply impacted by altogether new and better forms of phishing based on this new US Postal Mail Informed Delivery system. We have particular concerns about vulnerable populations and seniors.

Our comments detail many other questions, including those below:

Will there be a click here link or QR code that takes the recipient of a USPS message directly from the image of their mail to a third party website? This is an extremely important point for public understanding and should not be glossed over. We note that USPS employees have described Informed Delivery as providing click here links directly from images of postal mail to marketing websites. We do not object to marketing. We do object to obscure language to describe the data controls and protections around marketing for postal mail.[6]

Will USPS track if and/or when users read Informed Delivery email? If so, is the tracking aggregate? Is it by name or device ID? Does the tracking tie to a specific address? How is the tracking done, and how long is that data stored? Who gets to see that data? Do third parties outside USPS, for example, get to see that data? Who gets to see if a piece of mail was seen at a specific physical address? Because customers are verified, this becomes an especially important point.

It appears to us that a user of Informed Delivery will look at the email message with images of the user’s postal mail and, along with the image, receive additional marketing messages or materials in some cases. We have asked the USPS if this is so. Will USPS track whether and when users read Informed Delivery email? Who or what businesses get that information? Is Informed Delivery going to be another surveillance system that allows USPS to track what users do and share the information with third parties?

Additionally, the description of “interactive content” is incomplete and unclear. We request more information on what this means, and clarification on what this will be, specifically.

Will information sent by one mailer be shared through Informed Delivery with another mailer?

Will the USPS privacy policy be available directly on the Informed Delivery app? Will the notice disclose all tracking and third party sharing clearly?

The full consequences of postal service customers using Informed Delivery need to be carefully explained to users. All postal service customers who use this system should be given an express choice about whether they are tracked and whether USPS can share any of their information with third parties when they use this system.

It was surprising to learn that almost no one noticed or commented on this important system. We need a much broader public conversation about Informed Delivery before it rolls out nationwide so that the system does not become Informed Phishing. We also remain concerned about who and what third parties will have access to customer actions and information. If Informed Delivery information is being shared with credit bureaus and debt collectors, customers need to be well-informed of that before signing up.

-Pam Dixon

Related

Read the WPF Comments on Informed Delivery to the US Postal Service

Endnotes

[1] See USPS Informed Delivery page http://realmail.usps.com/box/pages/intro/start.action.

[2] Tim Echols, Meet the post office of the future, Atlanta Business Chronicle, 21 March 2016.

[3] Al Urbanski, PMG Brennan hails the dawning of a digital age at the Postal Service, DM News, March 2016.

[4] Comments of Megan J. Brennan, US Postmaster General at the 2016 National Postal Forum, USPS press release (Globe Newswire), 21 March 2016.

[5] 81 Federal Register 58542, pp. 58542-58544, https://www.federalregister.gov/articles/2016/08/25/2016-20189/privacy-act-of-1974-system-of-records.

[6] Al Urbanski, Postal Service Debuts Digital Mail in New York, Direct Marketing News, 23 November, 2015: “[USPS] VP of Innovation and New Products Gary Reblin said that a group of business mailers were recruited for the New York test. “If a direct mailer wants to give us an HTML, then we can actually make that piece click through to their website, so it can create a buy-it-now experience. So not only would the end mailer get more impressions, but they also create the easy capability to be able to click through and purchase,” Reblin said in a Direct Marketing News podcast earlier this year.”

Posted September 30, 2016 in Consumer Privacy, Cybersecurity, Mobile Apps, Modern Permanent Record, Online/Offline, Public Comments, Public Policy, US Postal Service

Tags: Informed Delivery Service
