I think that my new business SaneBox will have a real challenge surrounding the issue of trust.

SaneBox automatically labels envelopes that are in your google Inbox:

• top - must be looked at right away 
• sane - should be looked at in a timely manner 
• later - things you can put off for a convenient moment

This requires our servers to analyze your email history and queue and contacts.

It is this access that people struggle with. Email is a very very personal thing. In many ways, it is a diary of most peoples lives and to potentially open that up to someone you don’t know can be hard, if not impossible.  I’d love to come up with some mechanisms and some reassuring words to make people feel more comfortable.

Here are some loose notes about the company and our technology that I hope are reassuring:

There are exactly 5 humans with VPN credentials to the servers.  All of them have worked for me or been friends for at least a decade, some for longer, most for the majority of their adult lives. They are good people.  We are the only software company on earth where every employee has a toddler or baby (it’s hard to be full of hubris and evil when you spend some part of every day changing a diaper - shit is the great leveler).

The server is an HP blade array in a locked down CDW facility in Wisconsin. The OS is Ubuntu with all unused ports locked down. We have redundant cisco firewalls keeping out the riff-raff. The databases and mailservers are all on a firewall-ed-off subnet that doesn’t allow inbound traffic from the Internet.  You just can’t get there from here.

Our software never looks at the content of your emails only the envelopes. And even the envelopes are not cached on our servers only the meta data encapsulating the statistical essence of your relationships.

The authorization credentials (not password) you give us from google (this is the 2nd click in the sign up process) only allows access to your gmail and contacts from SaneBox.com servers. And you can revoke those credentials at any time. If those credentials were put on a different server elsewhere on the Internet, they would simply not work. Here is the google page to see what websites you log into using your google credentials and which you have authorized to access elements of your account.

There is a “Cancel my account” button on the bottom of the very first page you get to every time you log back into http://SaneBox.com. This triggers us to clear any labels we’ve added to your envelopes and remove your account from our servers. It would be as if we never existed.

I started this business because I saw so many of my friends in pain over their ever growing email queue and wanted to help.  And so far, it has helped.  And the process of helping them has produced a service that is helping a bunch of strangers (new friends?).

This is my 4th commercial business.  All employees have health insurance and all the various big business benefits.  Everyone gets paid a competitive wage (not startup salaries).  I’ve never laid off anyone in my professional career. Fired yes.  Laid off no.

Every alpha tester has received all my contact info including phone number. I’ve encouraged them to reach out with any concerns they might have. But, as the business scales, I’m not sure that that approach is going to scale as well. Maybe it will. I’ve been around for a while.  I remember when the Internet really did feel like a family of friends.  Maybe it can be that again.

Maybe this is an evolutionary thing and there just isn’t a way to resolve it.  As an engineer that is a hard thing for me to believe so I’ll keep trying to “solve” the problem.