Anne Toth has had a long career in the tech industry, thinking about privacy and security at companies like Yahoo, Google and Slack, working with the World Economic Forum and advising companies around Silicon Valley.

Last August she took on a new job as the director of Alexa Trust, leading a big team tackling a big question: How do you make people feel good using a product like Alexa, which is designed to be deeply ingrained in their lives? "Alexa in your home is probably the closest sort of consumer experience or manifestation of AI in your life," she said. That comes with data questions, privacy questions, ethical questions and lots more.

During CES week, when Toth was also on a popular panel about the future of privacy, she hopped on a Chime call to talk about her team, her career and what it takes to get users to trust Big Tech.

This interview has been edited and condensed for clarity.

How does the Trust team work? That's what it's called, right?

Yeah. I work on the Alexa Trust org, it's part of the Alexa organization overall. The team that I work on is responsible for building all the privacy features, all the privacy controls and settings, and thinking about privacy across Alexa, as well as accessibility. So the aging teams, the accessibility teams, Alexa for Everyone, all reside within this organization. And we're thinking about content issues and the whole gamut. So really all of the all of the policy dimensions and how they manifest in consumer-accessible controls and features is what this team thinks about.

Why is that one team? You just named a bunch of different, equally important things. What is the tie that binds all of those things?

Well … I think it's trust, right? It's, how do we develop trustworthy experiences? We are very much a horizontal organization that works throughout the Alexa org.

And the Alexa org actually is much larger than I even anticipated. When I first was interviewing with the organization, I was really surprised at how big and how quickly it's grown. So it's truly a horizontal effort to think about the customer experience, and all of these areas where there are potential trust issues, and try to deal with them very proactively.

That's a much bigger definition of trust than I would have guessed. I feel like we talk about trust a lot as sort of synonymous with privacy, and so "what do you do with my data" is the core question. But then when you put things like accessibility and ethics in there, it broadens the definition of what you're looking at in this really interesting way.

Yeah, it's a very expansive view. I have worked on privacy for most of my career. It often presents as a defensive issue for companies, right? And even the word "privacy" brings up a sort of connotation that makes you think about all the things you don't want people to know.

But I think of it really as an opportunity to innovate and to try to create more positive experiences, rather than to think of it as a defensive posture. How are we enabling the usage of data to help create better experiences for customers? Because that's really, ultimately what customers want: for you to use data to make this better for me. And I'm totally good with that. The concern is when I'm not sure what I'm getting out of you using my data, and you have it, and why do you have it? That's the area that's problematic. And what I see, and what we're trying to do, is to be very transparent, and to demonstrate time and again how your data is actually benefiting you in this product experience.

That's actually one of the things I wanted to talk about. You said in another interview that so much of privacy and security is basically just, like, don't screw up. There's no positive experience, it's just there until you ruin it. It's interesting to think about it the other way: to say, "What does it look like to be more proactive about privacy and data security?" What does that look like for you, in terms of how to actually put it in front of people in a way that feels useful, instead of just having pop-ups that say, "Don't worry, we're not using your data for bad things?"

Designing for privacy, or designing for trust more specifically, is about baby steps. It's like developing a relationship with a person, right? You have to earn the trust. And you have to do things in the beginning that over time become less important. So the wake word: We rely very heavily on the wake word. You have to invoke Alexa. But the use of the wake word, and the training around that, is in order to make people comfortable with the fact that we are only streaming your requests to the cloud once the wake word has been invoked.

That is about interjecting some conscious friction, to create a trusted experience so that later when we have more advanced features, more advanced conversational-type elements, you'll be in a place where you're comfortable with that experience. It moved you along that learning curve, and got to that place where you trust us to do that for you effectively.

I think it was on Twitter or on LinkedIn, I saw that there was an article that had gone viral. There was a security organization that did a breakdown of an Echo device because there was a theory the mic-off button was in fact just cosmetic. So they did a whole breakdown and sort of mapped out the electronics to prove, in fact, if the red light is on, the wiring to the mic is disabled. The red light and the mic cannot both be on at the same time and vice versa. That was a design choice. There are a lot of choices that are about getting people comfortable with the device, and feeling that degree of trust so that later down the road, we can introduce more features that people will be more likely to use.

But it's telling even that those sort of conspiracy theories exist, right? People think the same thing about Facebook turning on their microphone. Does it feel like there is this perception hole that every big tech company is in right now? That you, as Alexa, have to go out of your way to convince people that you're doing the right thing, as opposed to even starting in a neutral place? It just feels like we're in this place where people are learning to be suspicious about things that they don't understand.

I'm kind of a hardened cynic. That's just my natural disposition on things. So yes, I think we are in a period of time right now where skepticism is at an all-time high. And I think deservedly so, in the world we're living in at the present moment.

But what I'm often heartened by is that people have put this device into their homes, into their most sacred private spaces with their families with their loved ones. To do that is a big leap of faith and trust in Amazon and Alexa. So the mere fact that we're there is already a sign that people have extended to us the benefit of the doubt and have said "we trust you."

So it's not even so much about having to earn that trust in the first place as it is having to be worthy of that trust, right? Or be worthy of that privilege of being in that space. That's the goal for me: to make sure that we continue to be worthy of the trust they've already placed in us, which is not a hurdle everyone gets over.

What about as you think about things like default settings versus giving people choice? You can give people all the options in the world, but we know for a fact that most people are never going to change anything. So I'm suspicious of the idea that that's a solution to these problems, but it's definitely part of the solution. How do you think about making good decisions for people versus letting people make decisions?

First of all, no two people have the exact same notions of privacy. It's different generations, different cultures, different backgrounds, different experiences, all driving different expectations. No matter where you set a default, it's not going to be right for everybody. So there has to be the ability to change it. And you have to make that easy to find.

So in the Alexa context, voice-forward commands to try to make it as easy as possible to be able to say, "why did you do that," or "delete what I just said," or "delete everything I have ever said" — those kinds of interactions help reduce the friction in privacy, they make it easier for people to exercise those those options.

Your default settings generally represent your organizational bias, in one way or the other. And in this case, the default settings that we have reflect our ability to use data in a way that's going to improve the product and make it better for the customer. So that's where they are. And that's how they've been determined. But they're not immovable. And that's the most important part.

Well, that education piece seems hard, though. We've seen Facebook, for instance, try to explain why it collects a lot of data. And it doesn't necessarily track for a lot of people. There was this big dustup with WhatsApp, people lost their minds. Is it harder than you're making it sound to help people understand what you're doing with their data?

In some ways, I think that this product gives you a more immediate example of that data benefit than other products. I mean, I spent a lot of my career talking about the benefits of targeted advertising, and how if you're going to get an ad, better to get a targeted ad than one that's irrelevant. But the relative benefit to you as a customer, as an individual, for that use of your data doesn't really feel as meaningful as the types of experiences or improvements we're able to make.

And there's lots of data, particularly looking at introducing Alexa into new countries and languages and dialects, where the ability to use that voice data to dramatically improve our responses and our accuracy is something that is noticeable by people over time. I think people would recognize that, that trajectory.

That's fair. And it does seem like most people, when you explain it to them, will understand pieces of it like that.

This is why I love "Alexa, why did you do that?" Because Alexa doesn't always get it right the first time, and to be able to actually ask and get a response about what that reasoning was, and you can see it in real time — you can't do that with a lot of other experiences. That's a cool one that I hope more people use.

But we are faced with some real challenges under regulation about explainable AI. These technologies are getting more and more sophisticated, and when they work really well, sometimes we're delighted, and sometimes we're creeped out. It's that balancing act of like, "Wait a minute, that was really useful … should I be worried?" Which is why trust is so important to develop, so that when you get to that moment, you can offer a customer benefit without it being intrusive, or invasive or feeling somehow uncomfortable. Devices should learn!

You're a privacy person, so I have a current events question for you: We're in the middle right now of this privacy versus transparency debate, where it's either better to let people use encrypted services because they can't be watched or becomes a problem because bad people can do bad stuff in those encrypted services and nobody can find them. And obviously, this shows up in lots of scary ways recently. Where do you fall on the debate?

I will have to speak to this on a personal level, but all the messaging apps I use are end-to-end encrypted for primary messaging. I think it's important, and I think that there's a role that they play that is important. There are lots of people who think that people aren't really concerned about privacy in the world, and we've passed that moment where privacy is an issue. Just based on the number of people that I've seen crop up on Signal and Telegram in the last week, I can tell you that people really are paying attention. So I think that if that's the indicator that we should be looking at, then I would say privacy is not dead. People really do care. And it's something everybody should be paying attention to.