One unified privacy program beats 20 patchwork state programs every time - here's how to build it.

Episode Summary

In this episode of Privacy Perspectives, host Jodi Daniels tackles the question every multi-state company is asking: do you need a separate privacy program for each state law? With 20 state privacy laws now on the books, Jodi breaks down why one right-sized program built to the strictest standard covers you everywhere - and shares a practical framework for getting there.

Question of the Day 🗣️

Are you building your privacy program to the strictest applicable standard, or are you still managing state-by-state? Drop your approach in the comments.

Key Take-aways

• Build one unified program to the highest standard instead of 20 separate state programs
• The HR and tax analogy makes multi-state privacy compliance click instantly
• Coverage thresholds vary by state and catch companies off guard
• Assign one privacy owner and build a review cadence to stay current
• Use a living tracker to keep pace as new state laws pass

Timestamped Outline ⏱️

00:00 - A thank you to this community
00:23 - The question every company asks
00:52 - The privacy law landscape right now
01:46 - The patchwork is real and growing
02:33 - From 1 state to 20 in seven years
03:07 - Privacy is like HR and tax
04:09 - One program built for variations
04:26 - Build to the highest standard
05:03 - Where state laws actually differ
06:18 - Coverage thresholds that catch companies off guard
06:54 - Where to start depends on where you are
07:25 - Step 1: Assign one owner
07:41 - Step 2: Use the right resources
07:59 - Step 3: Build a review cadence
08:13 - Step 4: Keep a living tracker
08:31 - One program built to last
09:04 - Your starting point this week

Links & Resources 🔗

• Privacy Perspectives newsletter - weekly privacy insights for your business → https://redcloveradvisors.com/

Connect & CTA 🎯

👉 Enjoyed this? Subscribe & leave a review on Apple Podcasts.

🎁 Every week, Privacy Perspectives breaks down what's happening in privacy, what it means for your business, and how to stay ahead. Subscribe so you don't miss the next one: https://redcloveradvisors.com/

Credits

Host: Jodi Daniels © 2026 Red Clover Advisors. All rights reserved.

If you stepped away for two weeks, would your privacy program keep running - or stall completely?

Episode Summary

In this episode of Privacy Perspectives, host Jodi Daniels shares a deeply personal story about losing her father and her dog within 24 hours - and what that unexpected absence revealed about her own business.

You'll learn why most privacy programs are more fragile than they appear, how to spot the warning signs of single-point-of-failure risk, and five practical steps to build a program that keeps moving without you.

Question of the Day 🗣️

If you had to step away from your role for two weeks with no notice, what part of your privacy program would stall first?

Key Take-aways

• Being pulled away unexpectedly reveals if your program is resilient or fragile
• Two warning signs: bottlenecks in approvals and complete misses on requests
• Programs built around a person instead of a process carry hidden risk
• Cross-training, light automation, and documented workflows reduce single-point failures
• The goal is resilience, not perfection - start simple and build from there

Timestamped Outline ⏱️

00:00 - Losing my father and my dog in 24 hours

00:20 - Red Clover's "Chief Canine Officer"

01:11 - A daddy's little girl and what my dad shaped in me

01:41 - My dad was in sales his whole life

02:04 - Saturday afternoons in his office as a kid

03:01 - Learning to build genuine relationships

03:37 - His mantra - Do Your Best (DYB)

04:39 - The week I stepped away from business

04:52 - What happened next - a business owner's dream

05:32 - Shifting from personal to privacy

06:10 - What being pulled away reveals about your program

06:32 - One privacy contact - what happens when they're out?

07:01 - Bottlenecks and complete misses

07:53 - When things go unnoticed until it's too late

08:24 - Built around a person instead of a process

09:01 - Step 1: Create one simple intake point

09:19 - Step 2: Cross-train at least one backup

09:31 - Step 3: Add light automation

09:43 - Step 4: Document the essentials

09:53 - Step 5: Spot check for misses

10:05 - The goal is resilience, not perfection

Links & Resources 🔗

• She Said Privacy, He Said Security podcast → https://redcloveradvisors.com/podcasts/
• Subscribe to Privacy Perspectives → https://redcloveradvisors.com/

Connect & CTA 🎯

👉 Enjoyed this? Subscribe and leave a review on Apple Podcasts.

🎁 Every week, Privacy Perspectives breaks down what's happening in privacy, what it means for your business, and how to stay ahead. Subscribe so you don't miss the next one: https://redcloveradvisors.com/

Credits

Host: Jodi Daniels © 2026 Red Clover Advisors. All rights reserved.

69% of consumers worry their biometric data could be compromised. So should you trust CLEAR with yours?

Episode Summary

In this episode of Privacy Perspectives, host Jodi Daniels walks through exactly how a privacy professional evaluates a company like CLEAR - from cookie banners and privacy policies to trust centers and AI disclosure.

You'll learn what to look for when evaluating any company's privacy practices, why CLEAR's approach mostly impressed but missed on AI transparency, and the framework every privacy decision ultimately comes down to: do you trust the company?

Question of the Day 🗣️

Would you sign up for CLEAR? What would it take for you to trust a company with your biometric data? Share your take in the comments.

Key Take-aways

• CLEAR capitalized on TSA PreCheck uncertainty with targeted, well-timed marketing
• Cookie banners, privacy commitment pages, and FAQs all factor into a privacy evaluation
• The one gap in CLEAR's transparency: no AI disclosure
• Trust centers are the future of customer confidence and competitive differentiation
• Every privacy decision comes down to one question: do you trust the company?

Timestamped Outline ⏱️

00:00 - Would you trade your data to skip the line?
00:57 - TSA PreCheck closure sparks a CLEAR opportunity
01:42 - CLEAR's clever marketing campaign
02:27 - How a privacy pro evaluates CLEAR
02:48 - Cookie banner and consent review
03:35 - CLEAR's privacy commitment page
04:47 - Why CLEAR needs a trust center
05:50 - Reading the actual privacy policy
07:28 - What security and privacy pros think of CLEAR
08:28 - The pinnacle of a privacy program - trust

Links & Resources 🔗

• Identity Theft Resource Center Biometric Data Report - https://www.idtheftcenter.org/publication/itrc-biometric-consumer-attitude-report/
• Mike Hintz's Blog on Washington My Health My Data Act - https://hintzelaw.com/mikehintze
• She Said Privacy, He Said Security Podcast (trust center episode) - https://redcloveradvisors.com/podcasts/
• Jodi Daniels on LinkedIn - https://www.linkedin.com/in/jodihoffmandaniels/

Connect & CTA 🎯

👉 Enjoyed this? Subscribe and leave a review on Apple Podcasts.

🎁 Every week, Privacy Perspectives breaks down what's happening in privacy, what it means for your business, and how to stay ahead. Subscribe so you don't miss the next one: https://redcloveradvisors.com/

Credits

Host: Jodi Daniels © 2026 Red Clover Advisors. All rights reserved.

Your privacy notice is posted and consent banners are live - so why is your organization still carrying unmanaged risk?

Episode Summary

In this episode of Privacy Perspectives, host Jodi Daniels uses a health insurance analogy to expose why most privacy programs look good on paper but fail in practice. Coverage and health are not the same thing.

You'll learn how fragmented ownership across departments creates hidden risk, the 4 practical steps to move from checkbox compliance to coordinated privacy care, and why shared accountability is the only model that scales.

Question of the Day 🗣️

What's one preventative privacy step you'd recommend to a fellow privacy pro? Drop it in the comments!

Key Take-aways

• Having privacy artifacts in place doesn't mean your program is actually healthy
• Fragmented ownership across marketing, legal, IT, and HR creates hidden, unmanaged risk
• Privacy leaders should act as the primary care physician, coordinating across specialists
• Preventative care beats constant firefighting - design for resilience, not reaction
• Four steps: define checkups, establish triggers, simplify intake, measure system health

Timestamped Outline ⏱️

00:00 - Privacy is a lot like health insurance
01:01 - Coverage is not the same as health
01:59 - Real examples of privacy gaps in organizations
03:18 - The fragmented care model
04:53 - Every department manages its own body part
05:42 - Privacy leaders are the primary care physician
06:26 - Preventative care vs. constant firefighting
08:22 - Practical steps to coordinated privacy care
10:05 - Establish clear engagement triggers
11:14 - Measure system health, not just activity
12:03 - Designing for resilience

Links & Resources 🔗

• Jodi Daniels on LinkedIn - https://www.linkedin.com/in/jodihoffmandaniels/

Connect & CTA 🎯

👉 Enjoyed this? Subscribe and leave a review on Apple Podcasts.

🎁 Every week, Privacy Perspectives breaks down what's happening in privacy, what it means for your business, and how to stay ahead. Subscribe so you don't miss the next one: https://redcloveradvisors.com/

Credits

Host: Jodi Daniels © 2026 Red Clover Advisors. All rights reserved.

Ring spent millions on a heartwarming Super Bowl ad. What they didn't mention changes everything.

Episode Summary

In this episode of Privacy Perspectives, host Jodi Daniels breaks down the privacy firestorm behind Ring's Super Bowl ad. Every compatible Ring camera was silently enrolled in an AI-powered neighborhood scanning network - no consent required.

You'll learn how Ring's Search Party feature actually works, why the opt-out design choice turned innovation into a PR crisis, and what privacy professionals can take back to their next business meeting.

Question of the Day 🗣️

What opt-in by default technology have you seen that has you frustrated? Drop a comment - Jodi may feature it in a future episode (your name is optional).

Key Take-aways

• Ring enabled Search Party by default, enrolling millions into an AI scanning network without consent
• Ring has a history of sharing footage with law enforcement without warrants
• The backlash came from customers, not just privacy advocates - a listening problem
• Opt-in vs. opt-out is a design choice with massive trust consequences
• This is the case study privacy pros can use to advocate for privacy inside their organizations

Timestamped Outline ⏱️

00:00 - Ring's Super Bowl ad that backfired
00:58 - How Search Party actually works
01:45 - The opt-out problem - enabled by default
02:34 - Ring's history with law enforcement
03:29 - Ring's response and dropped partnerships
03:57 - Why wasn't Search Party opt-in like Familiar Faces?
04:37 - This is a listening problem
05:38 - The takeaway for privacy professionals
06:48 - Companies that win in the AI era

Links & Resources 🔗

• Jodi Daniels on LinkedIn - https://www.linkedin.com/in/jodihoffmandaniels/

Connect & CTA 🎯

👉 Enjoyed this? Subscribe and leave a review on Apple Podcasts.

🎁 Every week, Privacy Perspectives breaks down what's happening in privacy, what it means for your business, and how to stay ahead. Subscribe so you don't miss the next one: https://redcloveradvisors.com/

Credits

Host: Jodi Daniels © 2026 Red Clover Advisors. All rights reserved.

Your privacy policy is on a shelf while your teams make data decisions in the dark. Training is the fix.

Episode Summary

In this episode of Privacy Perspectives, host Jodi Daniels explains why cookie and web tech governance training is the bridge between policy on paper and privacy that actually works in practice.

You'll learn why training is a business accelerator (not a compliance checkbox), how the Ebbinghaus forgetting curve proves one-time training fails, and how to get started without over-engineering your approach.

Question of the Day 🗣️

Does your company treat privacy training as a one-time checkbox or an ongoing program? What's worked (or not) for you?

Key Take-aways

• Training is a business accelerator, not a compliance checkbox
• Cookie governance isn't just a marketing problem - IT, product, and analytics all play a role
• The Ebbinghaus forgetting curve proves one-time training doesn't stick
• Guardrails let teams move faster, not slower - think brakes on a car, not roadblocks
• Start with real scenarios customized to each stakeholder group

Timestamped Outline ⏱️

00:00 - LinkedIn post sparks a deeper dive
00:44 - The bridge between policy and process
01:36 - Training is a business accelerator
02:11 - Why cookie governance training is surging
03:39 - What different stakeholders care about
05:23 - Training as enablement, not enforcement
07:04 - The brakes analogy from IAPP
07:59 - Why one-time training doesn't work
10:39 - Training reduces risk upstream
11:26 - How to get started without over-engineering
12:52 - Why this matters now

Links & Resources 🔗

• Jodi Daniels on LinkedIn - https://www.linkedin.com/in/jodihoffmandaniels/

Connect & CTA 🎯

👉 Enjoyed this? Subscribe and leave a review on Apple Podcasts.

🎁 Every week, Privacy Perspectives breaks down what's happening in privacy, what it means for your business, and how to stay ahead. Subscribe so you don't miss the next one: https://redcloveradvisors.com/

Credits

Host: Jodi Daniels © 2026 Red Clover Advisors. All rights reserved.

Regulators are checking your privacy notices, your opt-out flows, and even the date on your policy. Here's what they said.

Episode Summary

In this episode of Privacy Perspectives, host Jodi Daniels recaps the key takeaways from the first-ever 2026 Privacy State of the Union summit hosted by Red Clover Advisors alongside Kelley Drye and Ketch.

You'll learn what state and federal regulators are prioritizing, why age verification is about to get much harder, and what practical steps every privacy team should take right now.

Question of the Day 🗣️

What area of privacy regulation are you most focused on heading into 2026? Drop it in the comments.

Key Take-aways

• State privacy laws continue expanding - know which states to watch and which bills are moving
• SEPA lawsuits and demand letters are creating a new wave of enforcement pressure
• FTC priorities center on children's data, age verification, and COPPA compliance
• Operationalizing age assurance state by state will be one of the hardest challenges ahead
• CTV, media, and ad tech face new privacy scrutiny around sensitive data and inferences

Timestamped Outline ⏱️

00:00 - Travel chaos and getting to DC
00:40 - What is the Privacy State of the Union
02:01 - State privacy law expansion
02:49 - SEPA lawsuits and demand letters
03:16 - Federal bills: COPPA 2.0, age verification, chatbots
04:21 - FTC priorities and children's data
06:25 - Age verification challenges for privacy pros
08:12 - Regulator perspectives: Delaware AG and Texas AG
10:18 - CTV, media, and ad tech privacy
11:44 - CalPrivacy enforcement with Michael Macko
14:16 - Key takeaways for 2026

Links & Resources 🔗

• Newsletter on Privacy Risk Assessments - https://redcloveradvisors.com/what-does-my-inbox-say-about-privacy-these-days/
• Jodi Daniels on LinkedIn - https://www.linkedin.com/in/jodihoffmandaniels/

Connect & CTA 🎯

👉 Enjoyed this? Subscribe and leave a review on Apple Podcasts.

🎁 Every week, Privacy Perspectives breaks down what's happening in privacy, what it means for your business, and how to stay ahead. Subscribe so you don't miss the next one: https://redcloveradvisors.com/

Credits

Host: Jodi Daniels © 2026 Red Clover Advisors. All rights reserved.

Some companies are cutting privacy budgets while others are hiring - here's what's really happening and what it means for you.

Episode Summary

In this episode of Privacy Perspectives, host Jodi Daniels shares real-time observations from her weekly conversations with privacy teams and breaks down why privacy risk assessments need your attention now.

You'll learn why AI governance questions lead directly to risk assessments, what CCPA's January 2026 deadline requires, and practical steps whether you're starting from nothing or updating what you have.

Question of the Day 🗣️

Where is your organization on the privacy risk assessment continuum - no process, manual, basic software, or fully automated? Drop a comment below.

Key Take-aways

• Privacy teams face a "seesaw" in 2026 - some companies cutting, others actively hiring
• AI governance questions lead directly back to privacy risk assessments
• CCPA's privacy risk assessment deadline is catching companies off guard
• Threshold assessments reduce the burden on business teams without sacrificing rigor
• Your data inventory and risk assessments are interconnected - you can't do one well without the other

Timestamped Outline ⏱️

00:00 - What I'm hearing from companies this week
00:24 - Privacy roles are shifting
01:49 - The privacy "seesaw" prediction
03:10 - AI governance meets privacy risk assessments
05:16 - CCPA's risk assessment deadline is surprising companies
05:50 - The privacy maturity spectrum
06:56 - Threshold assessments to reduce the burden
08:20 - Why privacy is a "spider web"
09:55 - Do you need software?
10:32 - Practical next steps for your organization

Links & Resources 🔗

• Blog: How to Evaluate Privacy Software - https://redcloveradvisors.com/how-to-evaluate-privacy-software/
• David Staus's Peak Privacy Post on LinkedIn - https://www.linkedin.com/newsletters/the-peak-privacy-post-7418043766282014721/
• Jodi Daniels on LinkedIn - https://www.linkedin.com/in/jodihoffmandaniels/

Connect & CTA 🎯

👉 Enjoyed this? Subscribe and leave a review on Apple Podcasts.

🎁 Every week, Privacy Perspectives breaks down what's happening in privacy, what it means for your business, and how to stay ahead. Subscribe so you don't miss the next one: https://redcloveradvisors.com/

Credits

Host: Jodi Daniels © 2026 Red Clover Advisors. All rights reserved.