
Privacy Huddle: A Data Privacy & AI Governance Podcast
Privacy Huddle breaks down what actually matters in the fast-moving world of data privacy — GDPR, CCPA, AI regulation, consent management, enforcement actions, litigations, and the expert shaping the future of privacy law and tech.
Episodes
Ep. 98 - Your Cookie Banner Won’t Save You From Demand Letters
Raise your hand if you've received a demand letter. Spoiler: you’re not alone. When we ask in privacy conference sessions, 70 - 80% of the room shoots their hand up. Dealing with demand letters has become part of the privacy program norm. In this week's Privacy Huddle, Host and Head of Marketing Colleen Barry and Co-founder & Head of Product Maxwell Anderson break down exactly what privacy tea
Ep. 97 - Buy your CISO a coffee: Advice on CCPA, Amendments, Identity & More
Privacy enforcement is evolving quickly — and brands can no longer rely on “vendor limitations” as an excuse.
In this episode of The Privacy Huddle, Colleen Barry sits down with Ezra Sternstein (AMC Global Media) and Max Anderson (Ketch) to unpack the latest privacy enforcement trends, identity management challenges, vendor accountability, and the growing convergence of privacy and cybersecurity.
Ep. 96 - The SECURE Data Act, Demand Letters & the U.S. Privacy Summit
Some days, the content is great but the tech has other plans. Please bear with the video quality on this one.
In the latest Privacy Huddle, Colleen Barry sits down with Alysa Hutnik, Partner at Kelley Drye, to cover three things on every privacy leader's radar right now:
The SECURE Data Act. Not because it's crossing the finish line anytime soon, but because the elements inside it, particularly
Ep. 95 - What Regulators Are Saying Now (IAPP Privacy Summit 2026)
Frictionless opt-outs keep coming up.
Now we’re hearing what that actually means in practice.
In this week’s Privacy Huddle, Maxwell Anderson joins Colleen Barry live from the Ketch booth at IAPP to break down what’s coming directly from regulators and recent enforcement conversations.
The headline isn’t new. The expectations are just getting more specific.
Regulators are focused on how opt-out
Ep. 94 - What the Latest Enforcement Actions Signal
Everyone predicted the enforcement wave. Now it’s here. In this week’s Privacy Huddle, Alysa Hutnik, from Kelley Drye, joins Colleen Barry to break down what the latest settlements from Texas and California are signaling for privacy teams.
Ep. 93 - Inside the CLA annual privacy summit: hot topics
Privacy enforcement in California is accelerating — and companies are feeling the pressure.
In this episode of Privacy Huddle, recorded at the California Lawyers Association Annual Privacy Summit at UCLA, Ketch Head of Marketing Colleen sits down with privacy experts Celine and Max to break down the biggest themes emerging from the conference.
The conversation covers the growing role of regulato
Ep. 92 - Children's Privacy (U.S. requirements)
In this week's episode of the Privacy Huddle, we’re diving into the topic that kept resurfacing at Privacy State of the Union: children’s privacy and age signals.
If you think this is just a COPPA (under 13) issue, think again. Between app store age verification laws, state-level opt-in requirements, and evolving enforcement expectations, brands are now dealing with:
Jurisdiction-specific obl
Ep. 91 - Privacy Hot Topics with CompliancePoint
In our latest episode of Privacy Huddle, we sat down the morning after Privacy State of the Union to keep the conversation going, this time with Matthew Dumiak from CompliancePoint and Maxwell Anderson joining Colleen Barry from Ketch. Coming off a day of candid regulator and practitioner discussions, we dig into what’s really top of mind as teams head into 2026:
Important nuances across U.S.
Ep. 90 - Privacy State of the Union | Key Takeaways
In #PrivacyHuddle Episode #90, Alysa Hutnik joins Colleen Barry to discuss takeaways from the Privacy State of the Union event on January 27, 2026 in Washington, DC. They discussed:
How enforcement expectations are getting more concrete (and more technical)
Why kids’ privacy and age-related controls are becoming central, not edge cases
Where teams continue to struggle bridging policy, UX,
Ep. 89 - CCPA rulemaking updates: ADMT & risk assessments
In hashtag#PrivacyHuddle Episode #89, Alysa Hutnik joins Colleen Barry to discuss CCPA rulemaking, state sweeps, and more:
1️⃣ ADMT + Risk Assessments: New rules under hashtag#CCPA are not just more of the same. Think executive sign-offs, a clear distinction between "new" and "existing" processing, and ADMT implications that go beyond consumers to employees and B2B contacts.
2️⃣ The multi-state
Ep. 88 - Privacy UX in Auto Industry Ranked: Rivian, Honda & More with Privacy4Cars
What does GOOD privacy UX look like in the auto industry? For the first time, we have real benchmarks—thanks to a massive new report from Privacy4Cars.
In this episode of #PrivacyHuddle, Colleen Barry sits down with Merry M. and Andrea Amico (founder of Privacy4Cars) to unpack their groundbreaking research into privacy user experience across 49 automotive brands. From cookie banners to web portal
Ep. 87 - New CCPA Cybersecurity Requirements
Ep. 86 - California Privacy Law Patchwork Expands?
Don't miss this deep dive into California privacy compliance with Alysa Hutnik and Celine Guillou, Special Counsel at Kelley Drye and former CPPA enforcement attorney. Colleen Barry leads a candid discussion on:
Celine’s unique perspective transitioning from CPPA enforcement to private practice—and the top challenges for in-house privacy teams today, including CIPA litigation and opt-out compl
Ep. 85 - Takeaways from the California AG's latest settlement (Healthline Media)
In the latest privacy huddle, Max Anderson and Alysa Hutnik focus on the recent $1.55 million settlement involving Healthline Media due to privacy violations. The California Attorney General highlighted issues with consumer opt-out processes and the company's failure to adhere to CCPA requirements. The discussion revealed that many companies struggle with misconfigured privacy settings and lack kn
Ep. 84 - Must-dos for modern opt-out compliance
Opt-out compliance is under intense scrutiny—and getting it wrong comes with real risks. In this Privacy Huddle episode, Alysa Hutnik and Colleen Barry walk through 7 critical tips for getting opt-out compliance right. Based on Alysa’s upcoming article, the conversation covers key topics like data flow mapping, CMP configurations, avoiding dark patterns, and why ongoing training and monitoring are
Ep. 83 - Do US state privacy laws require a data map?
In Episode 83 of the Privacy Huddle, Alysa Hutnik returns to tackle one of the most common questions from privacy professionals.
Colleen Barry and Alysa discuss:
- Whether data mapping is essential under current US privacy laws.
- Key state-by-state regulatory updates.
- A noteworthy enforcement insights report from Connecticut that privacy leaders should not miss.
If you're managing a privacy pro
Ep. 82 - CCPA rulemaking: cybersecurity & automated decision-making
In part two of our conversation with privacy expert Jenny Lynn Sheridan, Colleen Barry dives into key insights from recent California Privacy Protection Agency (CPPA) board meetings.
Topics in focus:
Cybersecurity requirements and the debate around zero trust network architecture
Automated decision-making technology (ADMT) and what’s on the horizon for businesses
If your business engages with Cali
Ep. 81 - CPPA rulemaking: assessments, cybersecurity & ADMT change
In the latest episode of Privacy Huddle, Colleen Barry sits down with privacy expert Jenny Lynn Sheridan (CIPP-EU, CIPP-US, AIGP) to explore the California Privacy Protection Agency’s (CPPA) evolving rulemaking. Part one of this two-part series dives into key takeaways from recent CPPA board meetings, with a focus on upcoming risk assessment requirements under CCPA/CPRA. Jenny outlines the types o
Ep. 80 - What regulators won't overlook in 2025
At IAPP Global Privacy Summit, U.S. regulators delivered a clear message: they're looking out for the consumer, and the grace period is over for complying with tablestakes requirements.
In the Ketch booth, Colleen Barry sat down with Red Clover Advisors Founder & CEO (and privacy podcast host) Jodi Daniels to unpack the biggest takeaways from this year’s regulator panels.
🔥 Here are the high
Ep. 79 - IAPP Global Privacy Summit Buzz
Ep. 78 - What US State AGs really want from brands
"More activity doesn’t mean more enforcement." When Paul Singer tells us what U.S. state attorneys general are focused on, we listen👂
If your privacy strategy treats regulators and enforcers like boogeymen, it’s time to rethink your playbook.
In the latest hashtag#PrivacyHuddle, Paul tells Colleen Barry what U.S. state AGs really want from brands. Key takeaways:
💡 Why “being a good corporate ci
Ep. 77 - Honda enforcement order and consumer inquiry trends
In our latest Privacy Huddle, we break down the California Privacy Protection Agency's Honda enforcement order—from the consumer perspective 💡
Regulators are pressure-testing the consumer journey. Counting clicks. Reading confirmation emails. Asking: “Would a normal person—not a privacy lawyer—understand this?” (Spoiler: often, no.)
Alysa Hutnik and Colleen Barry cover:
🚗 Honda and the consumer
Ep. 76 - Code scanning: what is it, and do you need it?
We're interrupting this red hot privacy enforcement news cycle to break down an ALL too buzzworthy topic du jour: "code scanning"
It sounds comprehensive. It sounds deep, man. But does it actually give privacy leaders the full picture of what’s happening with your data?
In the latest #PrivacyHuddle, Colleen Barry sits down with Ketch Co-founder and Head of Product Maxwell Anderson to unpack the
Ep. 75 - Regulator priorities: notice, consent & opt outs
Privacy enforcement is increasing, and regulators are getting more specific. Here’s what they’re focused on right now:
💡 Is your business giving consumers clear, obvious notice? This is the #1 complaint regulators receive from consumers–they can't figure out how to exercise their privacy rights. From banners, to policies, to preference centers: make your language clear and options accessible.
💡
Ep. 74 - DOGE privacy concerns, LiveRamp, CLA Summit
We never thought we'd be talking about DOGE on the hashtag#PrivacyHuddle but here we are 😬 This week, Alysa Hutnik and Colleen Barry dive into:
▪️ Why Alysa's watching the DOGE data access concerns, and what that has to do with AG enforcement bandwidth and priorities
▪️ The interesting analyst questions coming to Alysa's inbox in advance of this week's LiveRamp RampUp conference in San Francisco
Ep. 73 - IAB Annual Leadership Meeting Recap
After an action-packed trip to Palm Springs, Jonathan Joseph and Alysa Hutnik are here with the TL;DR from the IAB Annual Leadership Meeting ⬇️
✍ What marketers are talking about, from measurement to social media
✍ A new consumer insights survey shared by David Cohen
✍ An informative session with CPPA enforcer Michael Macko on enforcement priorities, from data brokers to sensitive data.
Ep. 72 - Unpacking the Texas AG action against AllState
“This is the first enforcement action I’ve seen where the consumer pain is acutely real."
"People’s insurance premiums are going up. Coverage is being denied. And they could have opted out.”
In today’s Privacy Huddle, Alysa Hutnik and Jonathan Joseph break down the big enforcement news out of Texas: AG Paxton taking action against AllState and Arity for sharing driver location and behavior data
Ep. 71 - What Makes a Data Broker, a Data Broker? (New CCPA Requirements)
Did California pull a fast one on us? Because the expanded data broker definition was supposed to be live in April…and it’s live now.
Alysa Hutnik and Jonathan Joseph are kicking off the Privacy Huddle in 2025 with an important, messy (it’s ok you two–it’s not your fault) discussion on how the CPPA is defining a data broker.
Possible brand scenarios:
You have very little first party dat
Ep. 70 - 2024 privacy review and 2025 predictions
Before we turn the page to 2025, let’s break down the biggest topics in data privacy this year.
In the latest Privacy Huddle, Alysa Hutnik and Colleen Barry dive into:
📍 State Laws: If 2024 felt like whack-a-mole, brace yourself—more laws, more enforcement, and Oregon's unique requirements are coming in hot.
📍 Data Broker Laws: Expect broader definitions and behavioral nudges for brands reconsi
Ep. 69 - 2025 US State privacy laws - What to know
We're approaching 2025, which means new U.S. privacy laws are around the corner. On this week's Privacy Huddle, Alysa and Jonathan are diving in ⬇️
5 U.S. state privacy laws come into effect in January 2025:
✔️ Delaware Personal Data Privacy Act (DPDPA)
✔️ Iowa Consumer Data Protection Act (ICDPA)
✔️ Nebraska Data Privacy Act (NDPA)
✔️ New Hampshire Privacy Act (NHPA)
✔️ New Jersey Data Privacy
Ep. 68 - Clean room and privacy - What the FTC left out
Clean rooms and privacy–what the FTC left out of their recent blog 👀
The FTC’s blog this month, "Data Clean Rooms: Separating Fact from Fiction," stirred the pot—but left a lot unsaid. In this episode of the hashtag#PrivacyHuddle, Alysa Hutnik and Jonathan Joseph dig into the current reality of privacy concerns and clean rooms.
Three key takeaways:
1️⃣ It’s still early days. Clean rooms are a n
Ep. 67 - CPPA Board meeting recap: data brokers and automated decision making
Alysa Hutnik and Jonathan Joseph break down the latest CPPA board meeting hot topics: Automated decision-making, expanding the definition of data broker, and CPPA Executive Director Ashkan Soltani's resignation.
➡️ Automated decision-making. Headlines might infer it's a done deal, but CPPA board members are not aligned yet. We don't know what they key dates are, but it's reasonable to expect some
Ep. 66 - Republican leadership impact on data privacy - Post 2024 US Election
The U.S. election is in the rearview mirror, and we're facing a Republican administration and congress. What data privacy changes might be ahead?
In today's Privacy Huddle, Jonathan Joseph asks Alysa Hutnik what the new Republican administration means for privacy and data governance.
As the balance of power shifts, here's what's on the horizon:
➡️ Changes in House committee leadership. New play
Ep. 65 - Will brands need to register as data brokers?
🚨 Breaking: Does the California Privacy Protection Agency (CPPA) think your brand is a "data broker?" Maybe.
This Friday's CPPA meeting could rewrite the rules on what it means to be a "data broker." 😩
The quick summary: even if your brand has a first-party relationship with consumers, if you’re purchasing or appending data from third parties, you might now be considered a data broker under the
Ep. 64 - Looking upstream: big tech and data brokers
This week, Jonathan Joseph discusses large tech companies and data brokers with Raashee Gupta Erry, ex-Federal Trade Commission (FTC) leader and Founder & CEO at Uplevel.
Ep. 63 - Data collection on the web: cookies, pixels and tags
This week, Jonathan Joseph discusses cookies, pixels, tags, and data collection in general with Raashee Gupta Erry, ex-Federal Trade Commission (FTC) leader and Founder & CEO at Uplevel.
Ep. 62 - Sensitive data types and FTC regulation priorities
This week, Jonathan Joseph discusses sensitive data types and FTC regulation priorities with Raashee Gupta Erry, ex-Federal Trade Commission (FTC) leader and Founder & CEO at Uplevel.
Ep. 61 - Regulatory perspectives from an ex-FTC regulator
This week, Jonathan Joseph discusses regulatory perspectives with Raashee Gupta Erry, ex-Federal Trade Commission (FTC) leader and Founder & CEO at Uplevel.
Ep. 60 - New research preview: digital data collection
This week, Jonathan and Alysa discuss a recent study conducted by Ketch on data collection and opt-out practices across 170 websites. The findings revealed a significant increase in web trackers over the past decade, with some sites hosting up to 250 tags. After testing opt-out mechanisms, it was found that 40% of trackers, particularly advertising-related ones, continued collecting data despite o
Ep. 59 - Live from the IAB privacy compliance salon
In this episode of the PrivacyHuddle, Jonathan and Alysa talk address the hot topics at the IAB privacy compliance salon.
Ep. 57 - The CA Age Appropriate Design Code
In this episode of the Privacy Huddle, Jonathan and Alysa talk about the CA Age Appropriate Design Code.
Ep. 56 - Should your cup of coffee cost you your data?
Should ordering a cup of coffee cost you your personal data? ☕️ Jonathan Joseph doesn't think so, and many of you agreed in his viral post ⬇️
In this episode of the #PrivacyHuddle, Jonathan and Alysa Hutnik talk about why brands and companies seem to insist on asking for consumers' personal data whether it makes sense in the context of the buying experience or not.
Tune in to learn:
▶️ Why are
Ep. 55 - Unlocking the Oracle privacy settlement
In this episode of the #PrivacyHuddle, we’re diving into the biggest news in privacy of the week (so far!): the Oracle privacy settlement! Alysa Hutnik and Jonathan Joseph break it down:
✔ The details of the settlement
✔ Oracle’s exit from the data business
✔ What this means for data collection on the internet
Tune in to catch the full discussion
Ep. 54 - Wiretapping laws or privacy laws?
No more manual tasks or basic pop-ups. Make data privacy a flexible, on-brand experience that puts your customer in control. Book a Demo today: https://content.ketch.com/request-demo?utm_campaign=Youtube%20Channel%20Optimization&utm_source=youtube&utm_medium=social
Wiretapping cases are marching through the courts with State AGs leading the charge like they’re in a legal pep rally. The bi
Ep. 53 - Wiretapping wasn't left at the discotech
No more manual tasks or basic pop-ups. Make data privacy a flexible, on-brand experience that puts your customer in control. Book a Demo today: https://content.ketch.com/request-demo?utm_campaign=Youtube%20Channel%20Optimization&utm_source=youtube&utm_medium=social
🪩🕺 Long gone are the days of the discotech but some things from the 70s still live on...including wiretapping!
So why are we
Ep. 52 - TEMU and the Arkansas AG
Sure, those $4 shoes are cute, but are they worth sacrificing your privacy? Or your teen's privacy? 🤔
In this edition of the #PrivacyHuddle, Alysa Hutnik and Jonathan Joseph ask whether the Arkansas Attorney General is too harsh in calling TEMU a "data-theft business."
Tune in as they discuss the AG's new statement, and hear why Alysa compares this to "the flashlight app on steroids" 😳
Ep. 51 - Third party disclosures
In this episode of the PrivacyHuddle, Jonathan and Alysa talk third party disclosures.
Ep. 50 - Data minimization
In this episode of the PrivacyHuddle, Jonathan and Alysa address data minimization.
Ep. 49 - Updating privacy policies as new state laws come online
Ep. 48 - Washington My Health My Data FAQ: OTC medications and publishers
Ep. 47 - Dark patterns 101: Why deceptive user design matters — and consumers are the victims
In this Privacy Huddle, Alysa Hutnik, Attorney at Law and data privacy expert talks to Jonathan Joseph, Head of Solutions at Ketch, the next-gen data privacy software, about dark patterns and deceptive user designs.
Their conversation delves into the nuanced realm of dark patterns in digital design and the evolving landscape of privacy regulations. Exploring scenarios from button sizes to data co
Ep. 46 - Decoding US federal privacy legislation and the American Privacy Rights Act (APRA)
In this Privacy Huddle, Alysa Hutnik, Attorney at Law and data privacy expert talks to Jonathan Joseph, Head of Solutions at Ketch, the next-gen data privacy software, about the new US federal privacy legislation being discussed in congress: the American Privacy Rights Act or APRA.
Watch for a breakdown of spicy American Privacy Rights Act takes, including:
▪️ Types of data protected
▪️ Dark pa
Ep. 45 - Live at IAPP Summit: CPPA enforcement advisory, DSR data minimization, and synthetic data
Ep. 44 - SEC AI washing, chatbot security, and LexisNexis driving data
Ep. 43 - Anderson v. Stability AI and AI training data deletion obligations
Ep. 42 - Biden executive order on foreign location data sales and military data brokers
Ep. 41 - SEC AI washing, chatbot security, and LexisNexis driving data
Ep. 40 - California AG streaming and mobile app do-not-sell sweep
Ep. 39 - California Bar privacy summit, teen data, and enforcement accountability
Ep. 38 - FTC Rite Aid facial recognition and X-Mode geolocation enforcement
Ep. 37 - Five privacy priorities: enforcement, health data, and accountability
Ep. 36 - Australia privacy reform, private right of action, and EU AI Act
Ep. 35 - Connecticut AG on privacy policies, data retention, and measurement
Ep. 34 - Customer data platforms, opt-outs, and cross-context advertising
Ep. 33 - Biden AI executive order, watermarking, and FTC AI enforcement
Ep. 32 - TELUS ISO privacy certification and Pew research on AI trust
Ep. 31 - California Delete Act signed into law and data broker registry
Ep. 30 - IAPP AI panel on data minimization and end-to-end data management
Ep. 29 - Neural rights, brain-computer interfaces, and AI privacy principles
Ep. 28 - California Age-Appropriate Design Code injunction and First Amendment
Ep. 27 - State AG enforcement, Texas privacy law, NAI health advertising, and Delaware privacy law
Ep. 26 - How state AGs coordinate enforcement, Texas privacy law, and NAI health advertising
Ep. 25 - The California Delete Act and data broker regulation
Ep. 24 - Risk assessments, anonymization vs. deletion, and deleting data from AI models
Ep. 23 - US privacy update: attorneys general pulse, AI, and more
Ep. 22 - Zoom AI terms backlash and weaponized data subject requests
Ep. 21 - Zoom AI policy backlash, NatWest DSR bomb, healthcare FTC
Ep. 20 - California CPRA delay, Colorado enforcement, Washington health FAQs
Ep. 19 - EU-US Privacy Framework, Massachusetts location data, preemption
Ep. 18 - Post-workshop DPIAs, July enforcement, clean rooms
Recommended

Bad Friends

The Bill Simmons Podcast

The Joe Rogan Experience

Dubs Talk: A Golden State Warriors Podcast

Fashion Business Mindset

The Money Magnette

Soul Brothers

The Holistic Counselor

The Privacy Insider: Conversations on Data Privacy & AI, Compliance & GDPR

The Holistic Spiritual Counselor’s Podcast

The Psychology of Money: Why Smart People Make Dumb Financial Decisions

My MoneyLife