The person who developed the free email encryption software Gnu Privacy Guard in 1997, which was used by famous NSA whistleblower Edward Snowden and so many other journalists, security officials and dissidents worldwide, is going broke. Yes you read it right! He needs money to keep this amazing project alive.

The software was developed by Werner Koch and since then he single-handedly has been keeping it operational using patches and upgrades while being at his home in Ekrath, Germany. At 53, it is understandable that he is running out of money and also patience.


Koch attended a talk in 1997, arranged by free software evangelist Richard Stallman, who at that time was visiting Germany. Stallman compelled the crowed to provide their personalized version of PGP.

This inspired Koch and he decided to give it a try. Within a few months Koch even released an introductory version of the software and named it Gnu Privacy Guard. This version was inspired from PGP and was more like homage to Stallman’s offering.

Koch’s software was an instant hit although it ran only on Unix OS but since it was free and the underlying software code was open due to which developers received a chance to inspect and improve it.

Underfunded but not Demotivated—says Koch:

“I’m too idealistic,” stated Koch in one of his recent interviews at a hacker convention in December, 2014, in Germany. “In early 2013 I was really about to give it all up and take a straight job.” But after the news about Snowden broke down I realized “this was not the time to cancel.”

Just like majority of other security software developers, Koch also agrees that giving an underlying software code for free is the best strategy for depicting that there aren’t any hidden backdoors that may give access to spying agencies or hackers. However, this also involves voluntary developing and maintenance of computer security tools.

Even one year after Snowden’s leaks, Koch is still trying to raise sufficient funds to keep the software running and to achieve his dream of employing a full-time programmer.

Since 2001, Koch has only managed to rake in $25,000 per annum. This is a mere fraction of what he could have earned in private industry.

Koch launched a fundraising campaign in December, which garnered around $43,000 only whereas he expected to achieve the target of $137,000.

The Rising Problem of Underfunded Security Software:

Many of the Internet Security software are underfunded and the issue is becoming severe every passing day. Last year when the Heartbleed bug happened, it was reported that the United States spends approx. $50billion per annum on intelligence and spying programs but the money goes to Internet security.

The bug exposed a startling fact that a widely used encryption program (from Twitter to Amazon) was being maintained by four programmers, and only one of them worked full-time to keep it running. When the news was revealed a group of tech firms stepped in to sponsor it.

All Popular email security programs are underfunded:

Most of the popular email encryption programs like GPGTools, GPG4Win and Enigmail are used by Koch’s code. GPG4Win is another program solely run by Koch. Nicolai Josuttis, developer of Enigmail, states that “If there is one nightmare that we fear, then it’s the fact that Werner Koch is no longer available. It’s a shame that he is alone and that he has such a bad financial situation.”

Enigmail is also suffering lack of funds. Enigmail is maintained by just two developers that too, not on a full-time basis because both are employed in other full-time jobs. Patrick Brunshwig, the lead developer of Enigmail, receives just around $1,000 per annum as donations. This is merely enough to keep the website running.

Similarly, GPGTools, which allow encryption of emails from Apple Mail, changed its policy and announced in October that users will be charged with a small fee from then on.

Facts about Email Encryption:

Email Encryption was firstly introduced to users in 1991 with a free program called Pretty Good Privacy (PGP), released by Phil Zimmermann.

Before that software was released, computer-enabled encryption was a privilege availed by large firms and governmental agencies which could pay its license fees.

The United States government later investigated Zimmermann for violating arms marketing laws since highly strong encryption was subjected to export limitations.

Koch’s software, on the other hand, was not subject to the export restrictions by the US law.


Waqas Amir is a Milan-based cybersecurity journalist with a passion for covering latest happenings in cyber security and tech world. In addition to being the founder of this website, Waqas is also into gaming, reading and investigative journalism.