Just days after email startup Superhuman was embroiled in controversy over its use of tracking pixels that let users see when and even where recipients opened their emails, company CEO Rahul Vohra is thoroughly apologizing — and promising to change his company.

Effective immediately, he writes, Superhuman will stop tracking location, will delete existing location information, and will turn off read receipts by default.

“I have come to understand that there are indeed nightmare scenarios involving location tracking,” writes Vohra, adding later: “I wholeheartedly apologize for not thinking through this more fully.”

Here is Vohra’s official blog post, and some additional apology in his tweets:

2/ I know I have come under fire for being quiet. I had to take the time to think deeply and from first principles. I hope our community will understand that. — Rahul Vohra (@rahulvohra) July 3, 2019

4/ We are making some big changes to @Superhuman. We are:



• removing location tracking

• deleting location data

• turning read statuses off by default

• building an option to disable remote images



Please see https://t.co/T5YekM2iyM



I've written this in detail there — Rahul Vohra (@rahulvohra) July 3, 2019

Vohra’s apology post is remarkable in that it tackles many of the concerns leveled at read receipts head-on. He admits that Superhuman was using pixel trackers, spells out how they work, admits they could have been abused by bad actors, and generally doesn’t come across as particularly defensive.

“It made sense for read statuses to be on by default when our user base was early adopters,” he writes. Now that the company has realized they’d come as a surprise even to Superhuman users, they’ll be off by default instead.

The company’s response is also a bit surprising considering how Superhuman’s use of pixel tracking isn’t all that unusual. While a viral blog post from former Twitter VP Mike Davidson thrust Superhuman into the spotlight for secretly tracking email recipients by default (a prominent New York Times article also didn’t hurt), it’s hardly the only email app that uses pixel tracking to quietly spy on whether or not you’ve opened an email, nor even the only one to tell users where you were when you opened it.

Which is also probably why the company isn’t getting rid of pixel tracking for good. Here’s the paragraph where Vohra justifies the decision to keep read receipts around:

We are still keeping the feature, as Superhuman is business software for email power users. In the prosumer email market, read statuses have been “must have” for many years. See MixMax, Yesware, Streak, Hubspot, and Mailtrack. These products alone have 3M+ users, and each one provides read statuses by default.

“In our market, the demand for read statuses is so high that it has now become table-stakes,” he adds.

So they’re not going away, but they will be opt-in — at least on the part of Superhuman users. Recipients will still have to block them if they want to opt-out, though Vohra writes that he’d “love to find better technology to solve this problem” and invites others to email him about it.

Vohra also writes that his company will need to “deeply consider the overall ecosystem when designing software as fundamental as email,” which feels like a direct response to the thrust of Davidson’s blog post about building companies with a positive “ethical trajectory.”

Pixel tracking, which also goes by other names including “web beacons” and “pixel tags,” are a pretty simple way to tell when someone’s accessed a particular website or opened a particular email. When your web browser or email client automatically downloads these practically invisible images — like, say, when you open an email — it necessarily tells that image server that you’ve downloaded them.

Voila: they now know you’ve opened the email, and your IP address can give them an eerily specific idea of where you were when you opened it.

If you want to know more about tracking pixels, we just published an entire FAQ earlier today. Fundamentally, some of the main privacy concerns still exist, because recipients can’t easily opt out. Superhuman has opened a can of worms for the entire email industry, apology or no.