TrustArc Blog

Meet the Leading Players in the Privacy Ecosystem: Gabe Totino, President & CTO, AssertID

August 19, 2015

gabe_blog

Over a hundred organizations are responsible for shaping the future of data privacy. In this new series we’ll profile some of the organizations that are helping to shape the massive privacy ecosystem through the eyes of the professionals that work there and learn more about their perspectives on privacy. 

What is your organization’s role in the privacy ecosystem?

AssertID provides a web-based self-serve consent platform for consumers, educators and businesses. The platform coordinates the consent process ensuring compliance with regulations such as COPPA and FERPA. It promotes transparency between the parties and encourages the use of best-practices so that businesses can act responsibly and consumers can have a degree of control in their online privacy.

 

What key goals/issues is your organization focused on tackling?

Consumers need to trust that their privacy is not being undermined when online. Businesses need to know that they can get access to information that is integral to providing their service. Our goal at AssertID is to create an effective communication & control channel between the consumer and the provider so that the consumer becomes engaged in privacy matters, and the provider has an opportunity to earn the consumer’s trust and business. We are currently concentrating on facilitating compliance with the COPPA and FERPA laws and engaging parents and educators with the goal of protecting children’s online privacy. This provides us with a good starting point to raise awareness about online privacy and get consumers to become more involved in protecting their privacy while online.

 

How have your organization’s goals/focus changed over the years to address evolving technologies or challenges?

Our focus has not changed considerably over the years. The goal remains the same – to be a catalyst in a movement where businesses become more responsible and open about their practices and consumers become more savvy about their privacy. To that end, we continue to keep abreast of new challenges that businesses face with compliance and continuously evolve the platform to remove any roadblocks they might present.

Looking ahead — what are the most important data privacy issues/concerns you think need to be addressed by the industry and/or government legislation?

Legislators need to continue to put pressure on industry to be mindful of consumer’s privacy. I am not a proponent of too many regulations to the point of stifling industry, but I do believe that some pressure and accountability is needed to ensure that the consumer is protected. At a minimum, the consumer needs to know what data is collected and how it’s being used. And, this information needs to be clearly stated at a level that everyone understands and has access to.

 

What is the biggest current threat (to consumers or businesses)?

I believe that consumer profiling is one of the big threats to an individual’s privacy. Collecting information to ensure a good online experience and perform a few targeted ads is good to a certain point, but amassing data in an attempt to profile and pigeon-hole that individual is dangerous. Best case scenario, it gets very boring for the consumer. Worst case scenario, it’s an assault on the consumer and artificially limits his/her choices and experience.

 

How do you think the Privacy Ecosystem will/needs to evolve over the next 3-5 years to be fit for purpose?

As the number of connected devices increases, so will the amount of information collected. Better tools and more automation are needed to keep in step with the exponential increase in the amount of data. It’s already challenging for privacy managers to deal with current data volumes, they need better tools to handle future growth.

 

Tell us about your role at AssertID.  How did you start working in the privacy field and why do you enjoy it?

I’ve been involved in some aspect of security or privacy for many years. I’ve worked on VPN access networks, PKI infrastructures and identity management systems. I came to AssertID when we were experimenting with an online identity management system based on social network verification. As CTO at AssertID I ensure that our consent platform delivers powerful features in an easy to use format. My personal goal is to eliminate all barriers that hinder compliance with privacy laws and to help in promoting transparency to the benefit of business and consumer.

 

What do you wish more people, business, etc. knew about privacy?

There is nothing wrong with collecting information but people have the right to know how it’s being used. When they understand how it’s used and trust that it’s for a legitimate purpose, they are not as apprehensive about using a service and everyone wins.

 

Privacy_Ecosystem_081815