The Potential for Consumer AI

February 5, 2026

Friends,

We are excited to share edited excerpts from our October 9th Ideas & Networking Conference fireside chat with my longtime friend Sumit Agarwal, founder and CEO of Ario, a start-up focused on data enablement for consumer AI.  Sumit was previously the co-founder of Shape Security, a cybersecurity company acquired by F5 Networks in January 2020 for $1 billion.  Prior to that, he co-founded and sold a start-up out of MIT, led mobile product development at Google in its early years, and helped oversee cybersecurity strategy for the Department of War.  He also served as a Major in the U.S. Air Force.

Sumit shared numerous lessons from his background as an entrepreneur and discussed the current AI landscape and how he sees it evolving.  He also provided details on his new start-up, Ario, which is building the data-enablement layer for consumer AI.  Enjoy!

Best Regards,

William C.  Martin

Topics in this Issue of An Entrepreneur’s Perspective:

 

**

Interview with Sumit Agarwal, Founder & CEO of Ario: The Potential for Consumer AI

This fireside chat originally occurred on October 9, 2025.  ChatGPT was used to format and lightly edit the original discussion, using a “formal conversation” prompt. 

Welcome!  What do you make of everything going on in AI today?

Honestly, my head’s exploding.  I’ll highlight a few things that stand out.  In my 27 years in tech, I’ve never seen companies like OpenAI and Anthropic move so quickly and so broadly across the stack.  They’re not content to focus on just hardware or infrastructure — they’re going all the way from proprietary chip design to niche consumer applications, from healthcare tools to personal assistants.

They’re building toward what I’d call “an agent for every human”, a professional assistant that can evolve into specialized agents across different fields.  What’s remarkable is how fast this is happening.  In past revolutions such as the Internet or mobile it took 20 years for eco-systems to form.  This time, it’s unfolding within two or three years of the first major product launches.  The pace and ambition are unlike anything I’ve seen before.

What do you think of Sam Altman’s idea to make OpenAI the prompt for all of your apps; e.g., instead of going to Zillow, you’d just ask OpenAI your question.  Do you think that strategy works?

I’m completely bullish on that.  For two years, we’ve been saying that the AI assistant that helps you is effectively the last app.  We’re entering a post-app world.  On my phone, I have no idea what’s on most of my screens anymore.  I think I have seven screens beyond the home page.  I used to spend time organizing them, now I don’t.  I either tap the few apps I can reach with my thumb or I just pull down and search.  That’s what I call app bankruptcy.

In that context, the idea of a single, universal prompt — not “show me four-bedroom homes in 94403,” but “show me what I should care about in real estate” — is a profound shift in how we interact with technology.

Shouldn’t Apple (NASDAQ: AAPL) have thought of that?  They’ve got hundreds of apps.  Was this not obvious?

For a while people thought Google was having a Xerox moment.  The original transformer paper came from them in 2017, but another company, OpenAI, launched the AI revolution. In this case, though, I’m still very bullish on both Google and Apple, mainly because of distribution.  They’re not asleep at the wheel.

Six months ago, Gemini’s integration into Google Search was rough.  You’d get a Gemini answer, and the very next link would contradict it.  Meanwhile, OpenAI was already providing more accurate, validated responses.  But that was then.  Today’s Gemini integration is smooth and impressive.

ChatGPT hitting 800 million users is an extraordinary achievement; they’ve reached escape velocity.  However, Google is about to put AI in front of three billion people.  The next two billion users won’t even know they’re using AI; it’ll simply be built into Search, Safari, or Chrome on every iPhone.

So no, Apple and Google aren’t fading into irrelevance anytime soon.  They still own the key control points — the App Store, Search, email, calendar, Docs.

Sumit and I first met at the peak of the internet bubble in 1999.  You were at MIT at the time.  Can you walk us through your first business?

I was 22, I didn’t know much, but I had this unshakeable sense that the way to make something meaningful in life would be through startups.  Truthfully, I knew nothing about infrastructure, services, or really any business.  What I did know was science fiction, and I imagined flying through a virtual version of the real world.  That led my co-founders and me to start a company helping people navigate the physical world, but that didn’t work out. We wanted to start something like Google Street View but we were way too early,

We pivoted to something more tactical: an API services business in 1999 that did IP geolocation.  Essentially, if a website like BMW North America had a visitor, we could turn their IP address into a highly accurate physical location.  It was simple by today’s standards, but very useful.  Within three years, both Microsoft and Google were customers.  That small technology is still widely used today, though it’s changed hands a few times.

Tell us about your early Google days?

Early Google was fascinating.  It taught you to think at global scale.  In 2004, someone in Larry and Sergey’s inner circle asked, “Why can’t we scan all the books in the world?” They didn’t overthink it.  A colleague grabbed a textbook from a shelf, counted the pages he could turn in 30 seconds, and from that, extrapolated how long it would take to scan the entire Library of Congress. They decided they could do it with a 100-person team in 10 years, or something along those lines.

A year later, I discovered the secret Google Books lab inside a building at Google.  They had Home Depot aluminum frames, DSLR cameras mounted on top, and people wearing masks to scan books one-by-one.  Robots from across the country were tested to automate page turning: sticky-tack fingers failed, silicon fingers failed, but air suction worked.  Within a few years, machines were scanning millions of books.

That was typical at Google: dozens of skunkworks projects running simultaneously, one in ten world-changing, one in twenty transformative.  It was a culture of rapid experimentation at scale.

I remember meeting Larry Page at a Gilder Conference in 2002.  His presentation was incredibly wonky — he explained how he could duplicate Walmart’s IT system for $500,000 when they were spending billions at the time, all using open-source software like Linux.  Amazing.

One more story from the early internet days: Google was famously frugal.  They built servers out of Legos, and the original logo looked like Lego blocks.  They realized data center providers charged on a 95% monthly average, so they’d move hundreds of gigabytes once a month to stay under the cap. Thousands of creative hacks like this fueled what became a trillion-dollar company.

Tell us about launching Shape Security.

I feel lucky to have witnessed three hundred-billion-dollar revolutions: consumer internet, mobile, and now AI.  By 2009, after seven years at Google, I joined the Pentagon, part of the Obama administration’s effort to bring Silicon Valley talent into government.  At the Pentagon were seeing nation-state cyber-attacks on unclassified military systems.  One key insight: in cyber, offense is favorable.  The defender must stop every attack, while the attacker only needs to succeed once to gain a foothold.

My future co-founder and I realized that nation-state-grade capabilities would quickly diffuse to organized crime.  We wrapped up government service in 2012 and founded Shape Security, starting with a tiny $6 million seed round.  Over the next decade, we raised $200–300 million, built the leading platform defending against automated attacks, served 50% of the Fortune 500, and sold the company to F5 Networks (NASDAQ: FFIV) for about $1 billion in January 2020, which was excellent timing.

Any lessons from Shape that you’re applying to your current business?  Despite your success, it was a slog at times, and it took capital and persistence.

It was a Bataan Death March.  One critical lesson was how we approached decision-making against adversaries.  We used the OODA loop — observe, orient, decide, act — from fighter pilot strategy: if you make better decisions faster than your adversary, you tend to win over time.

The biggest impediment for security vendors isn’t technical; it’s customer approval.  At Shape, we told customers: you can hire us and can fire us whenever you want, but in day-to-day operations, we make the tactical calls.  We operated at line speed, faster than the adversary.  Customers had to step back to an oversight role, or we couldn’t be effective.

That principle, having a clear theory of defense and operating faster than the attacker, was pivotal to our success.  It’s the key lesson I share with other security startups: remove friction, empower rapid decision-making, and learn at the speed of your adversary.

You sold Shape for $1 billion.  Why not retire to the beach instead of starting another venture?

The seeds of Shape were planted during my Pentagon stint in 2010, and that grew into a decade-long journey.  Likewise, the ideas behind my current start-up, Ario — the data-enablement layer for AI applications and agentic workflows — were sown while I was still at Shape in 2017–2019.  We had early inklings of this pre-AI.

At Shape we protected Fortune 500 consumer-facing businesses from criminals who log in as real users to extract data, money, or other assets hidden behind user interfaces.  Ironically, the same techniques used by attackers — logging in as a real user and harvesting transactional history — are precisely what enable us to help consumers extract their own data securely and in a compliant way.  With consent, we can log into your email, Amazon, DoorDash, etc. and build a rich, actionable record of your transactions.

There can be hundreds or thousands of data points per person, and we move that data wherever the consumer wants it, so it can be used beneficially.  The problem today is that large enterprises often withhold data that would enable useful consumer-centric services.  This is not because they are malicious, but because those uses aren’t in their direct interest.  Meanwhile, the big tech firms enjoy massive data advantages.

Many enterprises outside the top internet companies aren’t awash in high-quality proprietary data.  The constraint for most of my customers today is data availability, not compute or algorithms.  Back in 2016–2017 the challenge was managing big data; now it’s having enough clean, proprietary data to train and operate high-value AI.

So we flipped roles: from defenders to white-hat adversaries.  We know how the defenses work because we built them.  That expertise lets us extract data on behalf of consumers — even from systems that were designed to block precisely this behavior — and deliver it to places where it becomes far more useful to the person who owns it.

Do companies make it difficult to download your own data?  Why would they let you extract this data?

We don’t ask — they’d likely say no.  But regulatory frameworks like GDPR and the California Consumer Privacy Act now require enterprises to provide data download capabilities.  The law says you must provide access, but it doesn’t specify how.  Most companies bury it behind cumbersome flows.  Spotify, for example, tucks “download your data” under “delete your account”, a classic dark pattern.

Our AI agents don’t care.  They know where the data is hidden and log in on your behalf to extract it.

Do consumers come to your app, or do enterprises use you as middleware?

We’re middleware. Like Plaid in financial services, we provide API services for workflows.  For instance, REI, a recreational equipment retailer, might offer personalized discounts if you share your Amazon Sporting Goods history.  The consumer never interacts with us directly — they just authorize two clicks through an Ario interface, and their data is pulled and transferred securely to benefit them.

Are companies actually using this?

A few dozen are in trial or discussions, like the enterprise relationships we had at Shape.  The analogy I use: first-party data is the fuel.  If you have one gallon and put it into a Camry, you get 30 miles.  Upgrade your systems to an AI-powered “Lamborghini” stack, but keep the same fuel, and you may get only eight miles.  AI can generate thousands of outputs, but without more high-quality data, it won’t go far.  We provide that fuel by consolidating and moving data from multiple sources, leveling the playing field for everyone outside the top internet ten.

So you help smaller companies better compete with the Googles and Metas of the world?

Exactly.  If you’re not a top-ten internet company, more data is a key attraction.  That’s the space we serve.

How do you think about competing with the AI giants?

That’s a key question for all AI startups.

Think back to 2014 when Shape Security emerged.  We wrote proprietary software line-by-line and sold it to JP Morgan, Citibank, REI, etc. for $1–5 million a year.  That code was ours and it had durability and defensibility.

Contrast that with most AI startups today: they’re building on top of 80–90% OpenAI or Anthropic infrastructure, adding only 10–20% of unique business logic, interfaces, or prompt tuning.  The problem is that everyone, including your own customer, can access that underlying AI.  For example, a Fortune 500 company might license OpenAI directly instead of paying you for a thin layer of customization.  The result: low margins, limited differentiation, and fragile survivability.  It’s a very different landscape than 2014, when proprietary stacks had real staying power.

Is there a risk to the open web? If I had data, I wouldn’t be sharing it openly.

Absolutely.  This is a big challenge.  Companies like Cloudflare (NASDAQ: NET) are trying to protect the open web by giving their millions of customers tools to prevent crawlers from scraping content.  AI crawlers such as Google and OpenAI create massive data and value-leak problems.  If you build an audience of a million people but your content is freely fed into AI engines without access to the end user, your business model collapses.

Ads have long funded free content online.  Cloudflare is trying to preserve that, but Google and others require crawlability to remain discoverable, creating intense tension.  The bright spot: Google has an enormous ad business to protect, which forces them to be thoughtful.  I expect they’ll find a way to “thread the needle.”  One solution may be running ads within AI interfaces, similar to AdSense, to fairly distribute revenue, akin to music royalties.  That could maintain incentives for content creators while feeding AI systems.

Audience Question: When you grab data through your company, is it just a snapshot, or do you give it to the customer?

Take Bill and REI as an example.  REI says, “Bill, link your Amazon sporting goods purchase history so we can serve you better and give you a discount.”  Bill logs in via an Ario-powered interface.  We then have access to one year of historical data plus one year of future purchases.  Everything Bill buys related to sporting goods during that period is shared with REI through Ario, per Bill’s consent.  It’s persistent, permissioned, and directly benefits the consumer.

Audience Question: In cybersecurity, where the threat landscape is always changing, how does it look today and what’s evolved since you ran Shape Security?

Security has gone from next to nothing to a quarter-trillion-dollar industry.  One way to see this is that the size and sophistication of security problems scale with online activity.  In 2003–2005, online activity was small; many banks didn’t even have online banking.  Today, even small companies are targets.  AI has made attacks far more sophisticated.  For example, criminals have automated systems that target new employees who join companies within a week of joining.  They receive perfectly tailored phishing emails, so convincing that one of my employees last year sent $300 in gift cards to an attacker.  I reimbursed him personally.

Audience Question: AI is real, but with all the CapEx being poured in, is the industry going to see a reasonable ROI?  What could cause OpenAI to fail?

I’m bullish on OpenAI and the big five.  The question isn’t whether the gains will show up in five years, they likely won’t, but whether the company can weather the dip.  Great companies with deep resources can survive long enough for the full impact to play out.  The $3 trillion potential gain is more like a 10-15-year journey, not five.  Agentic AI revenues aren’t going to flow that fast.  But OpenAI doesn’t need to rely on revenue alone, they have investors, like Saudi backers, to fund the long runway.

Perfect.  Thank you so much.  Good luck!

 

**


Favorite Books & Media

The Problem with Feminising Society – Triggernometry Podcast

This thought-provoking podcast argues that “woke” policies are not a transitory political agenda, but rather the result of women coming to increasingly dominate many institutions, including colleges and law schools, corporations, and government.  Highlighting differences in how men and women approach problems, the podcast notes that women tend to be more consensus- and relationship-oriented, with the goal of finding outcomes that satisfy all parties, as opposed to men, who are often more black-and-white in their thinking.

I would further observe that:

  1. Many men are now raised in “feminine”-dominant households that lack an active, engaged father; and,
  2. Women without children (a rapidly growing group) are channeling their nurturing energy and anxiety into other domains.

For further insight on these themes, I would recommend George Gilder’s Men & Marriage, which remains as prescient and important as ever.

https://podcasts.apple.com/ch/podcast/the-problem-with-feminising-society-helen-andrews/id1375568988?i=1000743346627&l=en-GB

 

Invest Like the Best: Henry Ellenbogen – Man Versus Machine

Ellenbogen was the legendary manager of the T. Rowe Price New Horizons Fund until he left in 2019 to start Durable Capital Partners.  He focuses on public and private early-stage growth companies and was famous for his long-term holdings in companies like Amazon and Netflix.  Ellenbogen discusses some of the attributes he looks for in management, including “Act II” entrepreneurs, as well as insights he has gathered over the years from figures like Jeff Bezos.

Below, I have highlighted Durable Capital’s top 20 holdings as of Q3.  Notably, my friend Shaun Currie was recently appointed to run the New Horizons Fund. I once (unsuccessfully) tried to hire Shaun, and I am confident he is going to do a great job leading New Horizons.

https://podcasts.apple.com/us/podcast/henry-ellenbogen-man-versus-machine/id1154105909?i=1000741500776

 

Durable Capital – Top 20 Holdings:

 

 

Invest Like the Best: Gavin Baker – NVIDIA vs. Google, Scaling Laws, and the Economics of AI

As I shared on Twitter, listening to Gavin Baker discuss AI and technology is even better than opening presents on Christmas morning.  Baker provides a strong overview of the latest developments in AI and is very bullish on NVIDIA maintaining its technology leadership.  He notes that NVIDIA’s latest GPUs, Blackwell, represent a step-function improvement over the prior generation, which should soon lead to further gains in AI models and accelerate the United States’ lead over China in the AI race.

I was skeptical of Baker’s views on data centers in space, however, despite my respect for Elon Musk.

https://podcasts.apple.com/us/podcast/invest-like-the-best-with-patrick-oshaughnessy/id1154105909?i=1000740378679

 

Fairfax India Podcast: Bangalore International Airport (BIAL)

Fairfax India (OTC: FFXDF) is effectively a closed-end fund managed by Fairfax Financial (FFH.TO) that focuses on investments in India.  I have a long-term position in the company that I established during COVID and recently added to.  Notably, Fairfax India has launched a podcast series that will focus on some of its core holdings.

The first episode focused on its controlling position in Bangalore Airport, which is the third-largest airport in India and the fastest-growing in the country.  I believe it is likely that this asset will go public in the coming years and unlock significant value for Fairfax India.

https://www.fairfaxindia.ca/podcast/

 

Andrew Ross Sorkin: 1929 (Book)

I thoroughly enjoyed Andrew Ross Sorkin’s first book, Too Big to Fail, and his follow-up, 1929, did not disappoint.  The book focuses on many of the key personalities involved in markets and politics in the years before and after the 1929 Crash.  Like today’s crypto markets, it highlights the Wild West speculation and trading behavior that were commonplace at the time, along with various “gray zone” activities, including tax-loss wash sale strategies, that were later outlawed under the Glass-Steagall Act and other New Deal regulatory actions.

I found it notable how much damage negative anticipation around FDR’s New Deal policies, including a potential gold devaluation, did to the banking system in the four months between the 1932 election and the inauguration.  Interestingly, according to surveys at the time, the leading campaign issue in 1932 was not the economy but actually the elimination of Prohibition, which Hoover opposed.

**


A Selection of Recent Tweets from @RagingVentures:

**

“Gold does not rise; the dollar falls” – Murray Rothbard

 

 

 

 

Published By