We’ve all done it. That horrifying moment when you press "send," and realize that picture of your face photoshopped into a child’s dinosaur costume went to someone with the same first name as the person who was actually meant to receive it. (This is a true story. It was only funny after 24 hours of extreme shame.) That’s probably not the worst thing that can happen in the history of the email reply function, and probably not the worst that will.
That’s one of the reasons why a new tool could change how we use email. A sent email take-back feature is just one element of Virtru, a plug-in for Gmail, Yahoo, Outlook, and Mac Mail built by a former National Security Agency employee to keep messages out of reach from prying government data collectors.
Will Ackerly worked on cloud security at the NSA for eight years before quitting in 2012 to go into business with his brother John, the former director of the Office of Policy and Strategic Planning at the U.S. Department of Commerce under George W. Bush. While Will Ackerly was at the NSA, he came up with a program called the Trusted Data Format, or TDF, that effectively acts as both a leash and a shield on sent messages.
A basic explanation of how it works: If you send a message using Virtru, TDF acts as an encrypted wrapper around the message. The encryption keys are sent to the receiver of the email, and the sender can revoke those keys at any time. Encryption also prevents the email from being read by those looking into, say, Google’s servers.
"Just by using an email account, you're giving your expectation of privacy up legally, because a copy of that email is being saved on a third party server," Will Ackerly says. "And we think individuals should be able to email, and just like sending a letter, should have a process that ensures it's not being read by someone else."
TDF might sound complicated, but the brothers wanted to make it as simple and accessible to the average email user as possible. Instead of downloading an entirely new email service, Virtru simply appears as a switch on your email browser. Turn it on, and you’re letting the receiver of your message know it’s sensitive, or authentic, depending which features you choose to use.
"What we've done over the past year and a half is to integrate very advanced encryption technology into a tool that people use every day," John Ackerly explains. "There have been lots of encryption technologies on the marketplace with very strong encryption, but they take a computer science PhD in order to use effectively."
The latter isn’t quite true. Several other tools, like PGP, use reliable encryption, and you don’t have to have a degree to use them—just a little persistence. Virtru, however, might be one of the few to add encryption to existing email service providers in a particularly user-friendly way.
Still, anyone could technically subvert Virtru by taking a screen shot of an email, or simply using copy-paste. But there's also another major problem that arises with encryption keys: The government can demand a company fork them over, and sometimes, that government court order comes with a gag provision. That’s what happened to Lavabit, a secure messaging service that chose to shut down and fight the court order through an appeal process rather than hand over the keys.
It’s a telling precaution that the creators of Virtru have already considered this possibility, and have been working with lawyers from the Electronic Frontier Foundation to draft up a response before something like it might happen. They’ve also created a FAQ in which they promise to fight requests like these in court—unless the warrant is individualized, and cites probable cause.
"I think we stand on very strong legal footing, and we will fight if organizations are making requests. A very large community also agrees with us," John Ackerly said.
That remains to be seen, but the $4.3 million company has gained the financial support of Robert Pittman, the CEO of ClearChannel and one of the first investors in AOL. The Ackerly brothers don’t want to stop at email, either. Next, they say the same type of technology could be applied to hard drives.