PP #014: State Regulators Are Testing Your Opt-Out Flow - Here's What They Find

Regulators hired PhDs, built audit teams, and are clicking your opt-out buttons to see what actually happens.

Episode Summary

In this episode of Privacy Perspectives, host Jodi Daniels delivers a dense operational briefing from the IAB Public Policy Summit and IAPP US State Privacy Law Workshop. She breaks down CalPrivacy's new enforcement capabilities, the Delete Act's impact on data brokers, and state-by-state nuances tripping up multi-state programs.

You'll learn how regulators are technically testing opt-out flows, why children's data is now an active enforcement priority, and what vendor oversight looks like beyond the DPA.

Question of the Day 🗣️

When was the last time you tested your own opt-out flow end-to-end - not just the UI, but what actually happens downstream? Tell us in the comments.

Key Take-aways

• CalPrivacy hired computer science PhDs and is walking through opt-outs as consumers would
• The California data broker registry hit 270,000 entities with Delete Act fines starting this fall
• Children's data is now an active enforcement priority across 10+ states
• Your cookie banner acknowledging GPC means nothing if your ad tech stack ignores it
• Legacy pixels and stale tags are the biggest source of violations being found right now

Timestamped Outline ⏱️

00:00 - Introduction and summit overview
00:32 - California enforcement - CalPrivacy and Tom Kemp
01:45 - Data brokers and the Delete Act
02:52 - California actionable items
03:30 - State-by-state nuances that actually differ
06:40 - Automated decision-making requirements
07:35 - Children's data as enforcement priority
09:09 - States really talk to each other
09:32 - Regulators are testing your opt-outs
10:23 - Wiretapping, SIPA, and pixel litigation
13:20 - Vendor management beyond the DPA
14:34 - Key takeaways and closing thoughts

Links & Resources 🔗

• Privacy Perspectives newsletter → https://redcloveradvisors.com/

Connect & CTA 🎯

👉 Enjoyed this? Subscribe & leave a review on Apple Podcasts.

🎁 Get weekly privacy insights - what's shifting across the privacy landscape, what it means for your business, and how to stay ahead: https://redcloveradvisors.com/

Credits

Host: Jodi Daniels © 2026 Red Clover Advisors. All rights reserved.

You approved an AI tool 3 months ago. The vendor quietly updated the model. Your documentation is already out of date.

Episode Summary

In this episode of Privacy Perspectives, host Jodi Daniels breaks down the 2026 IAPP Global Privacy Summit.

You'll learn what boards actually want to hear about privacy, how to build AI governance that adapts when vendors update their models, and discover the enforcement shifts reshaping cookies, children's data, and advertising compliance.

Question of the Day 🗣️

What privacy topic from the IAPP Summit are you most focused on for your program this year - AI governance, advertising compliance, children's privacy, or something else? Drop it in the comments.

Key Take-aways

• Why static AI governance programs break within months and what monitoring-based governance actually looks like
• What boards want to hear about privacy, and what loses the room instantly
• How EU cookie enforcement shifted from banner design to technical behavior, with real fines
• CalPrivacy's new Audit division plus FTC priorities on algorithms, children, and deepfakes
• India's DPDPA deadlines and what makes its approach different from GDPR

Timestamped Outline ⏱️

00:00 - Introduction and IAPP Summit overview
01:04 - Opening keynotes: Maya Shankar and Salman Rushdie
02:19 - What boards actually want to hear about privacy
03:36 - Online advertising, wiretapping, and cookie compliance
05:06 - California enforcement and Global Privacy Control
06:21 - CalPrivacy audit division and FTC priorities
08:22 - India's DPDPA deadlines vs GDPR
09:59 - AI governance and why static programs break
11:58 - Age assurance as a global regulatory moment
15:51 - Closing thoughts

Links & Resources 🔗

• Jodi's LinkedIn Learning AI Governance Course → https://www.linkedin.com/learning/building-an-ai-governance-program
• Privacy Perspectives Newsletter → https://redcloveradvisors.com/

Connect & CTA 🎯

👉 Enjoyed this? Subscribe & leave a review on Apple Podcasts.

🎁 Join privacy professionals who get Jodi Daniels' "Practical privacy ops tips" every week:https://redcloveradvisors.com/

Credits

Host: Jodi Daniels © 2026 Red Clover Advisors. All rights reserved.

Your Q1 privacy to-do list is a highlight reel of good intentions - here's how to actually finish it.

Episode Summary

In this episode of Privacy Perspectives, host Jodi Daniels breaks down the 7 privacy tasks that most commonly slip in Q1 and what to do about each one.

You'll learn a specific action step for every gap, how to use Cisco's 2026 Privacy Benchmark data to frame your program's value to leadership, and discover why a simple regulatory calendar replaces reactive scrambling with consistent readiness.

Question of the Day

What is the one privacy task you have been putting off the longest? Drop it in the comments - you are probably not alone.

Key Take-aways

• Your data map is the foundation of almost every other privacy activity
• High training completion rates are not the same as effective training
• 99% of organizations report measurable benefits from privacy investments
• A regulatory calendar is the single habit that keeps your program current
• Q2 is for closing gaps, Q3 for resilience, Q4 for planning 2027

Timestamped Outline

00:00 - Introduction and the DYB philosophy
01:05 - Your Q1 to-do list - a highlight reel of good intentions
01:54 - Data mapping and inventory
02:25 - Vendor contract reviews
02:45 - Employee training
03:27 - Risk assessments and PIAs
04:00 - Privacy notice updates
04:29 - Consumer rights request process
04:56 - Policy reviews
05:44 - Why measuring your program matters
07:56 - Staying ahead with a regulatory calendar
08:49 - Your Q2, Q3, and Q4 roadmap
10:24 - The bottom line

Links & Resources

• Cisco 2026 Data Privacy Benchmark Study - https://www.cisco.com/c/dam/en_us/about/doing_business/trust-center/docs/cisco-privacy-benchmark-study-2026.pdf
• Red Clover Advisors - https://redcloveradvisors.com/

Connect & CTA

Subscribe and leave a review on Apple Podcasts.

Join privacy professionals who get Jodi Daniels' practical privacy ops tips every week: https://redcloveradvisors.com/

Credits

Host: Jodi Daniels (c) 2026 Red Clover Advisors. All rights reserved.