United States’ Postal Service “Informed Delivery” plan puts consumers at risk

The US Postal Service’s new Informed Delivery system has the potential to impact every household in the United States that receives mail. It’s important, and there are plenty of privacy issues. The World Privacy Forum wrote extensive comments to the United States Postal Service warning it about a variety of important consumer privacy and security risks of the Informed Delivery service. One of the most significant worries is that the system will allow new forms of phishing, among other concerns.

Informed Delivery provides postal service customers with images of the front of letters and other envelopes that are scheduled to be delivered that day. Customers can see the scanned images of the outside of their mail on a mobile app.[1] The system is currently being tested in a handful of pilot locations and will expand to all zip codes in early 2017. [2] When the system goes nationwide it will also include images of catalogs and packages.[3] The Postmaster General described the Informed Delivery system, saying: “It gives every marketer the opportunity to attach a digital offer to mail pieces, and eventually packages. This is an incredibly powerful product for this industry.”[4]

One of the chief concerns we raised in our comments relates to phishing and fraud. Informed Delivery potentially opens up fresh new opportunities for criminals, phishers, and spammers. News articles have noted that trials of the system have allowed for marketers to attach click here links to images of mailed letters. These links are said to deliver users directly to a marketing website.[5] We also raised issues about tracking, and the sharing of the information with credit bureaus, debt collectors, and credit risk assessment services, which the Postal Service is allowing for according to its notice.

While we understand the impetus here, and do not object to marketing, we see serious concerns about how customers could be deeply impacted by altogether new and better forms of phishing based on this new US Postal Mail Informed Delivery system. We have particular concerns about vulnerable populations and seniors.

Our comments detail many other questions, including those below:

Will there be a click here link or QR code that takes the recipient of a USPS message directly from the image of their mail to a third party website? This is an extremely important point for public understanding and should not be glossed over. We note that USPS employees have described Informed Delivery as providing click here links directly from images of postal mail to marketing websites. We do not object to marketing. We do object to obscure language to describe the data controls and protections around marketing for postal mail.[6]
Will USPS track if and/or when users read Informed Delivery email? If so, is the tracking aggregate? Is it by name or device ID? Does the tracking tie to a specific address? How is the tracking done, and how long is that data stored? Who gets to see that data? Do third parties outside USPS, for example, get to see that data? Who gets to see if a piece of mail was seen at a specific physical address? Because customers are verified, this becomes an especially important point.
It appears to us that a user of Informed Delivery will look at the email message with images of the user’s postal mail and, along with the image, receive additional marketing messages or materials in some cases. We have asked the USPS if this is so.
Will USPS track whether and when users read Informed Delivery email? Who or what businesses get that information?
Is Informed Delivery going to be another surveillance system that allows USPS to track what users do and share the information with third parties?
Additionally, the description of “interactive content” is incomplete and unclear. We request more information on what this means, and clarification on what this will be, specifically.
Will information sent by one mailer be shared through Informed Delivery with another mailer?
Will the USPS privacy policy be available directly on the Informed Delivery app? Will the notice disclose all tracking and third party sharing clearly?

The full consequences of postal service customers using Informed Delivery need to be carefully explained to users. All postal service customers who use this system should be given an express choice about whether they are tracked and whether USPS can share any of their information with third parties when they use this system.

It was surprising to learn that almost no one noticed or commented on this important system. We need a much broader public conversation about Informed Delivery before it rolls out nationwide so that the system does not become Informed Phishing. We also remain concerned about who and what third parties will have access to customer actions and information. If Informed Delivery information is being shared with credit bureaus and debt collectors, customers need to be well-informed of that before signing up.

-Pam Dixon

Read the WPF Comments on Informed Delivery to the US Postal Service

Endnotes:

[1] See USPS Informed Delivery page http://realmail.usps.com/box/pages/intro/start.action.

[2] Tim Echols, Meet the post office of the future, Atlanta Business Chronicle, 21 March 2016.

[3] Al Urbanski, PMG Brennan hails the dawning of a digital age at the Postal Service, DM News, March 2016.

[4] Comments of Megan J. Brennan, US Postmaster General at the 2016 National Postal Forum, USPS press release (Globe Newswire), 21 March 2016.

[5] 81 Federal Register 58542, pp. 58542-58544, https://www.federalregister.gov/articles/2016/08/25/2016- 20189/privacy-act-of-1974-system-of-records.

[6] Al Urbanski, Postal Service Debuts Digital Mail in New York, Direct Marketing News, 23 November, 2015: “[USPS] VP of Innovation and New Products Gary Reblin said that a group of business mailers were recruited for the New York test. “If a direct mailer wants to give us an HTML, then we can actually make that piece click through to their website, so it can create a buy-it-now experience. So not only would the end mailer get more impressions, but they also create the easy capability to be able to click through and purchase,” Reblin said in a Direct Marketing News podcast earlier this year.”

Posted September 30, 2016 in Consumer Privacy, Cybersecurity, Mobile Apps, Modern Permanent Record, Online/Offline, Public Comments, Public Policy, US Postal Service
Tags: Informed Delivery Service

New Report: Risky Analysis: Assessing and Improving AI Governance Tools

We are pleased to announce the publication of a new WPF report, “Risky Analysis: Assessing and Improving AI Governance Tools.” This report sets out a definition of AI governance tools, documents why and how these tools are critically important for trustworthy AI, and where these tools are around the world. The report also documents problems in some AI governance tools themselves, and suggests pathways to improve AI governance tools and create an evaluative environment to measure their effectiveness. AI systems should not be deployed without simultaneously evaluating the potential adverse impacts of such systems and mitigating their risks, and most of the world agrees about the need to take precautions against the threats posed. The specific tools and techniques that exist to evaluate and measure AI systems for their inclusiveness, fairness, explainability, privacy, safety and other trustworthiness issues — called in the report collectively AI governance tools – can improve such issues. While some AI governance tools provide reassurance to the public and to regulators, the tools too often lack meaningful oversight and quality assessments. Incomplete or ineffective AI governance tools can create a false sense of confidence, cause unintended problems, and generally undermine the promise of AI systems. The report contains rich background details, use cases, potential solutions to the problems discussed in the report, and a global index of AI Governance Tools.
National IDs Around the World — Interactive map

About this Data Visualization: This interactive map displays the presence...
Report: From the Filing Cabinet to the Cloud: Updating the Privacy Act of 1974

This comprehensive report and proposed bill text is focused on the Privacy Act of 1974, an important and early Federal privacy law that applies to the government sector and some contractors. The Privacy Act was written for the 1970s information era -- an era that was characterized by the use of mainframe computers and filing cabinets. Today's digital information era looks much different than the '70s: smart phones are smarter than the old mainframes, and documents are now routinely digitized and stored and perhaps even analyzed in the cloud, among many other changes. The report focuses on why the Privacy Act needs an update that will bring it into this century, and how that could look and work. This work was written by Robert Gellman, and informed by a two-year multi-stakeholder process.

United States’ Postal Service “Informed Delivery” plan puts consumers at risk

Related:

Read the WPF Comments on Informed Delivery to the US Postal Service

Endnotes: