BETA
This is a BETA experience. You may opt-out by clicking here

More From Forbes

Edit Story

Former NSA Security Architect Pushes Email Encryption For The Masses

This article is more than 10 years old.

Since former NSA contractor Edward Snowden began divulging information on how vulnerable our personal digital data is – and how much of it security organizations have been helping themselves to – the average web surfer has begun to think a bit more cynically about cyber security. That newfound suspicion creates a headache and a PR-fiasco for the NSA but opens doors for entrepreneurs in the world of online privacy.

Two such entrepreneurs are brothers Will and John Ackerly. The Ackerlys and their startup venture, Washington D.C.-based Virtru, are two weeks into the launch of a product that lets internet users encrypt any and all of their emails for free. Unlike competitors, the service acts as an add-on to your web browser and does not require the email recipient to have signed up for the service. That feature alone makes Virtu notable.  

“What we’ve tried to do – and what’s different from what a lot of encrypted communication tools out there have done – is really spend time to integrate the encryption technology directly into Gmail, Yahoo, Outlook.com,” John Ackerly said.

There is no shortage of privacy and security products out there, but the brothers felt that if they created a simple system that required little technical know-how it would catch on with the tech-dyslexic and tech-savvy alike. “86% of Americans, while concerned about the privacy of their personal information, have not taken action because they don’t know where to go.”

Here’s how it works:

I downloaded Virtru as a Firefox add-on and a mobile app. On Firefox, each new email contains a small unobtrusive switch on the top right corner of the message window which turns encryption on (yes, it is opt in). Press “send” and Virtru encrypts the contents on your device with standard AES 256, then sends it to the recipient but separates the encryption key from the message. The recipient does not need to have downloaded Virtru to get the key but does need to confirm his or her identity by email address. Virtru holds the key to that decryption process and won’t fork it over without verification.  According to Will Ackerly: “We also have a firewall that makes sure that every keystroke that you type inside the compose window never gets to the server.” Normally, he said, every single keystroke is recorded and sent to Google servers when using Gmail.

On smartphone, the user can send out emails via the Virtru mail app that links to, say a Gmail app but only after verifying your identity on the device. Other free services include the ability to control whether your recipient can forward your message and the power to revoke access to the message after a chosen period of time, a la Snapchat.

The two brothers are in a unique position to build security solutions. Will Ackerly, the 33-year-old CTO, spent 8 years working as a cloud security architect for the NSA before taking his talents to the private sector in 2012. John, who is 39 and is Virtru’s CEO, served as associate director of the National Economic Council and director of the Office of Policy and Strategic Planning at the Commerce Department under President George W. Bush and.

Will Ackerly’s primary focus with the NSA was developing technology to protect data. “After my experience at NSA I really gained an appreciation for how hard it was for people to protect their data and an acute awareness that there’s a lack of tools out there for individuals to be able to protect their data.”

John Ackerly’s tenure under President George W. Bush coincided with September 11, 2001. Following the attacks on the World Trade Center, actions were taken concerning security that had long-lasting impact on the right to privacy, he explained. Massive technological change happening at the same time as major policy decisions led to an undeveloped sense of how much privacy a person can expect, how much data a third party should have access to and what the government is allowed to see. “It was a wonderful moment for me, from the policy perspective, to be talking to my brother around the kitchen table about technology that he was building at the NSA that very clearly could have a transformative impact on the way people feel about communicating online.”

The Ackerly brothers financed the company with their own money early on before raising $4.2 million from angel investors including Bob Pittman, CEO of ClearChannel. John was working for private equity firm Lindsay Goldberg in New York at the time and left to head the young firm. The extra money helped build out a team of developers and the company now stands at 11 full-timers and 24 part-time platform builders. It is a developer-heavy crew and some have experience working with Will at the NSA.

Email encryption is free (“and it will always be free,” they say) but the duo have formulated a revenue model consisting of soon-to-come paid features like attachment security, domain-level enterprise data management platforms, as well as the licensing of their technology to organizations that want to manage their own security keys.  The fees themselves have yet to be determined but will be announced in the second quarter.

The majority of its angel round is still in place but the company is not profitable. Remaining cash will likely see Virtru through 2014 but the company could look to raise more money from investors after that.

Will Ackerly and his team have spent the past 18 months making sure the product works in all the top webmail providers and building out mobile apps. So far Virtru has launched its email privacy product as an add-on to Chrome, Firefox and iOS—and user numbers have reached the tens of thousands in less than a month (70% in the U.S.). That’s a limited app, to be sure, but in the coming weeks compatibility will spread to Internet Explorer, Safari and Android, as well as plugins for Outlook and Mac Mail.

 Whistleblower Edward Snowden’s highly publicized disclosures of global surveillance and metadata interception has put the focus on privacy and products that can provide it. That attention has been a boon for the Ackerly brothers and their team, as it has for other security app products from new companies. Says John: “Having that ecosystem of players, we think that’s a great thing. We think that 2014 is going to be the year of encryption and of people embracing it for their personal lives. We think that’s one of the silver linings of the Edward Snowden revelations.”

Follow me on Twitter @KarstenStrauss