Shoshana Rosenberg is a seasoned legal and strategic executive with over 20 years of experience, including over a decade in global C-suite roles for professional services and engineering firms. As Chief AI Governance and Privacy Officer and Deputy General Counsel at WSP USA, she leads the Office of Privacy, AI, and Information Governance and serves as lead counsel for Digital. Her portfolio includes AI, data strategy, intellectual property, cybersecurity, and regulatory compliance across all U.S. business lines.

Shoshana is also a Strategic Programs Advisor and lead trainer at Logical AI Governance and the creator of the PRISM™ Framework, a practitioner’s model for responsible AI. A frequent international speaker and co-founder of Women in AI Governance, she is known for adding clarity and insight, and is focused on lifting the voices of others.

Shoshana is also the founder of SafePorter, the only privacy-by-design company for feedback and diversity data, which is both a certified B Corp and the winner of a PICCASO EU Privacy Award.

Our guest holds a J.D. from Rutgers Law, an M.B.A. from UNC Kenan-Flagler, and executive education credentials from MIT, Harvard, and Berkeley in AI, ESG, and leadership. A U.S. Navy veteran, she has also served on multiple nonprofit boards and advisory committees, including NIST’s Privacy Workforce Working Group and IAPP’s Diversity in Privacy Board. Her forthcoming book, Practical AI Governance, will be published by Kogan Page in early 2026.

References:

* Practical AI Governance: Building a Program for Oversight and Strategy (Shoshana Rosenberg, to be released on May 26th 2026)

* Logical AI Governance: Training and Certifications

* Shoshana Rosenberg on LinkedIn

* Daniel Solove: On Privacy and Technology (Masters of Privacy, March 2025)

* Introducing AI Sentinel: AI Governance, simplified (Masters of Privacy toolbox).

Our interactions with generative AI tools start to affect our personal relationships, communication style, and mental health, as well as our own perception of each other’s capabilities. They also leave a new trace of signals that privacy professionals never had to contend with in the past.

As we approach the “personal agent” era, understanding where our individual freedoms and agency truly start and end becomes paramount. After a deeper offline conversation with Marina Taskova, we are today dipping our toes into a subject with profound implications for individual rights, freedom, data protection, commerce, advertising, and media. We will follow it up with other conversations on the topic, which falls right into our sweet spot.

Mirena is a senior expert in data governance, privacy, cybersecurity & AI as well as a lawyer. She was Chief Privacy Officer at Aura until recently, and has over 18 years of experience driving high-growth initiatives in privacy & data governance, AI, and enterprise technology, having held executive roles, including CPO and Managing Director positions. Mirena is a graduate of Stanford University in Law, Science & Technology and has worked in Europe and the US.

References:

* Mirena Taskova on LinkedIn

* Yngvi Karlson (Kin): the rise of the Personal AI Assistant (Masters of Privacy, August 2025)

* Google Assistant puts an end to impolite queries with ‘Pretty Please’ feature (The Next Web, 2018)

* Seven Lawsuits Allege OpenAI Encouraged Suicide and Harmful Delusions (WSJ)

* A.I. Is About to Solve Loneliness. That’s a Problem (The New Yorker, July 14 2025)

* The Myers-Briggs Type Indicator (Wikipedia)

* Kin AI

* New California ‘Companion Chatbot’ Law Imposes Disclosure, Safety Protocol and Annual Reporting Requirements (JD Supra, Skadden)

* Character.AI to Bar Children Under 18 From Using Its Chatbots (New York Times, October 2025).

Chiara Wirz is a dual-admitted lawyer (California-Switzerland) who advises on privacy, AI governance, and cross-border corporate matters. She has served as Corporate Counsel and AI Ambassador at eBay Inc., where she built AI governance frameworks, operationalized AI deployment at the use case level, and trained legal and compliance professionals.

Chiara holds triple IAPP certification, is completing a Professional MBA, and is Co-Chair of the WISP (Women in Security and Privacy) San Francisco Bay Area chapter. She is also an Executive Committee member of the New Lawyers Section and the Liaison of the Privacy Section of the California Lawyers Association.

Our guest is a published author and conference speaker on AI governance (PLI, SCCE, California Lawyers Association).

References

* Chiara Wirz on LinkedIn

* Women in Security and Privacy (WISP)

* EU AI Act-based AI Governance (with AI Sentinel)

* ISO 42001-based AI Governance (with AI Sentinel)

* NIST-based AI Governance (with AI Sentinel).

Can you imagine an all-encompassing dashboard that shows your progress across all three pillars of “digital confidence”: AI governance, privacy, and cybersecurity?

Amy Worley is Managing Director at BRG, a global leader in data protection, information security, and AI governance. A licensed attorney, certified privacy professional, and certified information systems security professional, She formerly served as the Chief Privacy Officer for a billion-dollar pharmaceutical and medical device company and now serves as a fractional Data Protection Officer for several multinational companies.

Our guest is the author of the newly-published book “The Confidence Advantage. Optimizing Privacy, Cybersecurity and AI Governance for Growth”, and we will discuss its contents, how they came to be, and how they apply to the real world.

References:

* Amy Worley on LinkedIn

* The Confidence Advantage (official website)

* The Confidence Advantage (Amazon.com)

* Amy Worley: US privacy compliance for B2B startups, cross-border AI regulation, and a first glance at the American Privacy Rights Act (Masters of Privacy, April 2024)

* NIST-based AI Governance with AI Sentinel (explanatory video)

* DPO Central on TODO.LAW

It is time for a seasonal update at the intersection of Marketing, Data, Privacy and Technology. We will stick to our usual five blocks: ePrivacy & regulatory updates; MarTech & AdTech; AI, Competition and Digital Markets; PETs, Zero-Party Data and Customer Centricity; Future of Media.

This season’s update includes:

* EU, UK, and California fines (Free, Reddit, Disney, PlayOn)

* Progress on the Digital Omnibus

* Important CJEU cases (WhatsApp vs. EDPB)

* AI capabilities spreading fast through MarTech and AdTech

* OpenClaw, Moltbook, Manus, WebMCP

* Fresh DSA and DMA enforcement in the EU (Google, TikTok)

All references and links can be found in a separate blog post available to paid Masters of Privacy subscribers on our website’s Newsroom section (Newsroom Notes: Winter 2026).

Our usual disclaimer: the voice that joins Sergio today is a text-to-speech output generated with Eleven Labs.

John Harman (CIPP-US, CIPP-E, CIPM, FIP) is senior privacy counsel at a major global entertainment company (NBCUniversal), where he advises on emerging privacy challenges at the intersection of AI, biometric data, film marketing and consumer-facing technologies. With a background spanning both legal analysis, incident response, and cross-functional collaboration with product and engineering teams, John helps organizations navigate complex regulatory frameworks including BIPA, the amended COPPA Rule, U.S. privacy laws, and the EU AI Act’s biometric prohibitions. John is known for translating regulatory complexity into actionable guidance, helping teams audit API architectures for biometric data creation, assess AI-driven inference risks, and build privacy-by-design practices that align business objectives with evolving global standards. He emphasizes early engagement with product teams and operational controls that satisfy both enforcement authorities and product goals, positioning privacy as a business enabler rather than a compliance checkpoint.

With John we will start discussing recent news like the networks of Ring cameras working together across neighborhoods and the new features of Meta glasses, to then go into practical ways to deal with innovation in AI, AI governance frameworks, and more.

References:

* John Harman on LinkedIn

* Doorbell cams, surveillance tech face growing backlash (Axios)

* The Legal Case Against Ring’s Face Recognition Feature (EFF)

* Can Federal Law Enforcement Access Your Ring Doorbell Videos (Consumer Reports)

* Meta will ruin its smart glasses by being Meta (The Verge)

* Illinois Legislature Passes Major BIPA Amendment (Paul Hastings, May 2024)

* Introducing AI Sentinel for Masters of Privacy subscribers

How does Google Consent Mode affect ePrivacy compliance, opt-in signals, traffic sampling, marketing performance, and CIPA claims? What are the most common technical mistakes in the configuration of Tag Managers, tracking rules, and consent banners? Where is “do not train” (LLMs) going? Does agentic traffic ruin analytics or the premises of consent?

We have gone through all of this with a true Google Analytics, Google Tag Manager, and website auditing expert.

Phil Pearce is founder of MeasureMinds and creator of ConsentModeMonitor. He started in paid search for CreditCards.com managing a multi-million dollar PPC account, before shifting to Privacy & Analytics about 8 years ago, when he did a series of talks about Black Hat Analytics. More recently, he has been helping brands with technical defence against CIPA & ePrivacy/PECR and GDPR claims. Prior to building his business, Phil worked for ConversionWorks, Jellyfish & Sitemakers as a Google Analytics and Search Specialist. He is a top authority in Google Analytics and Google Tag Manager and is the author of the GTM developer guide as well as host of the GA4ward, GTM4ward and Privacy4Marketers conferences.

References:

* Phil Pearce on LinkedIn

* Consent Mode Monitor (Masters of Privacy Toolbox), free website scans for three months

* Compliance Briefs (Masters of Privacy Toolbox), $500 discount for our listeners

* Lineberry v. AddShopper, Inc. (3:23-cv-01996), May 29, 2025

* MCP Manager by Usercentrics

* Introducing DPO Central: AI-powered privacy program management

* Sealmetrics: cookieless, consentless analytics

Taylor Bloom is a partner at Baker & Hostetler LLP with significant experience operating at the intersection of law, technology and business, with a keen focus on international data protection, data privacy and governance. A certified privacy professional (CIPP/E, CIPP/US and CIPM) and the former in-house counsel at an advertising technology company, Taylor’s diverse strengths include coordinating and leading the implementation of global privacy and data security policies and programs; advising on compliance issues, negotiating agreements with vendors and business partners; and maintaining a deep knowledge of the advertising technology ecosystem and related privacy issues, including those surrounding geolocation and cross-device tracking interest based advertising practices. Taylor brings this experience to advising clients on the California Consumer Privacy Act (CCPA), California Privacy Rights Act (CPRA), the Virginia Consumer Data Protection Act (VCDPA) and the Colorado Privacy Act (CPA).

References:

* Taylor Bloom at Baker & Hostetler LLP

* Taylor Bloom on LinkedIn

* California Won’t Let It Go: Attorney General Bonta Announces $2.75 Million Settlement with Disney, Largest CCPA Settlement in California History (February 2026)

* Attorney General Bonta Announces Largest CCPA Settlement to Date, Secures $1.55 Million from Healthline.com (July 2025)

* Seneca: MarTech & AdTech Privacy Case Law Research (TODO.LAW)