Privacy enforcement is evolving quickly — and brands can no longer rely on “vendor limitations” as an excuse.

In this episode of The Privacy Huddle, Colleen Barry sits down with Ezra Sternstein (AMC Global Media) and Max Anderson (Ketch) to unpack the latest privacy enforcement trends, identity management challenges, vendor accountability, and the growing convergence of privacy and cybersecurity.

Ezra shares unique insights from his background at the New York Attorney General’s Bureau of Internet & Technology, where he investigated privacy and cybersecurity violations firsthand. The conversation dives into recent Disney and Sling settlements, cross-device identity requirements, CCPA cybersecurity amendments, data mapping strategies, and how privacy leaders should prepare for the next wave of regulation.

If you work in privacy, security, compliance, adtech, martech, or legal operations, this episode offers practical guidance on what regulators actually care about — and what organizations must do now to stay ahead.

Some days, the content is great but the tech has other plans. Please bear with the video quality on this one.

In the latest Privacy Huddle, Colleen Barry sits down with Alysa Hutnik, Partner at Kelley Drye, to cover three things on every privacy leader's radar right now:

The SECURE Data Act. Not because it's crossing the finish line anytime soon, but because the elements inside it, particularly around third-party auditing and compliance certification, are signals worth paying attention to now, before they show up elsewhere.

Demand letters. They're not going away. But having the right consent management setup, clean tag configuration, and a defensible banner isn't just good hygiene, it's what gives legal teams something to work with when the letters land.

The U.S. Privacy Summit is back. October 15th, San Francisco, Convene. Free to attend. The anti-conference returns for year two.

Watch the full episode.

Frictionless opt-outs keep coming up. Now we’re hearing what that actually means in practice.

In this week’s Privacy Huddle, Maxwell Anderson joins Colleen Barry live from the Ketch booth at IAPP to break down what’s coming directly from regulators and recent enforcement conversations.

The headline isn’t new. The expectations are just getting more specific.

Regulators are focused on how opt-outs are implemented, not just whether they exist. And that’s where things start to break down.

Frictionless doesn’t mean “easier UX.” It means removing barriers entirely: ✔️ One-click opt-outs, not multi-step flows ✔️ No unnecessary data collection to process a request ✔️ No redirect loops or buried links ✔️ No conflicting paths between banners, forms, and systems

Because if the process introduces friction, it introduces risk.

There’s also a broader signal behind all of this: responsibility sits with the business, not the vendor.

If your implementation doesn’t hold up, it’s your name on the investigation.

We also got into a recurring source of confusion across teams: this isn’t a cookie banner problem.

It’s about how clearly you present “Do Not Sell or Share,” and whether that choice is actually enforced across your environment.

Everyone predicted the enforcement wave. Now it’s here. In this week’s Privacy Huddle, Alysa Hutnik, from Kelley Drye, joins Colleen Barry to break down what the latest settlements from Texas and California are signaling for privacy teams.

Privacy enforcement in California is accelerating — and companies are feeling the pressure.

In this episode of Privacy Huddle, recorded at the California Lawyers Association Annual Privacy Summit at UCLA, Ketch Head of Marketing Colleen sits down with privacy experts Celine and Max to break down the biggest themes emerging from the conference.

The conversation covers the growing role of regulators, why enforcement actions are increasing, and what companies are getting wrong about consent management platforms (CMPs) and privacy vendors. They also discuss why storing consent signals only in the browser may not meet regulatory expectations — and how companies should rethink record-keeping, vendor accountability, and technical architecture.

The episode also explores an important new development: California’s DELETE Act, the state’s data broker law introducing the upcoming DROP deletion mechanism and new compliance obligations starting August 1.

If you work in privacy, legal, compliance, or data governance, this discussion highlights key risks regulators are focusing on and how organizations should prepare.

In this week's episode of the Privacy Huddle, we’re diving into the topic that kept resurfacing at Privacy State of the Union: children’s privacy and age signals.

If you think this is just a COPPA (under 13) issue, think again. Between app store age verification laws, state-level opt-in requirements, and evolving enforcement expectations, brands are now dealing with:

• Jurisdiction-specific obligations (under 13, 15, 16, 17… it depends)
• Age signals flowing in from app stores and potentially browsers
• The reality that “we’re 18+” is no longer a strategy

And perhaps the hardest part? There’s no “easy button.”

Age gating isn’t just a widget. It touches consent, identity, data use, and downstream enforcement. If you can tie identity together for advertising, regulators will expect you to do it for compliance, too.

Watch as Alysa Hutnik, Maxwell Anderson, and Colleen Barry break down what brand leaders should be thinking about now, and why 2026 is shaping up to be a pivotal year for kids’ privacy.

In our latest episode of Privacy Huddle, we sat down the morning after Privacy State of the Union to keep the conversation going, this time with Matthew Dumiak from CompliancePoint and Maxwell Anderson joining Colleen Barry from Ketch. Coming off a day of candid regulator and practitioner discussions, we dig into what’s really top of mind as teams head into 2026:

• Important nuances across U.S. state privacy laws
• How to handle third-party disclosure obligations
• Common blind spots in website data collection
• Moving beyond the basic cookie banner

Watch the full Privacy Huddle for a practical take on where privacy programs are heading, and what it will take to keep up.

Featuring: - Matt Dumiak, CompliancePoint - Maxwell Anderson, Co-Founder and Head of Product, Ketch - Colleen Barry, Head of Marketing, Ketch

In #PrivacyHuddle Episode #90, Alysa Hutnik joins Colleen Barry to discuss takeaways from the Privacy State of the Union event on January 27, 2026 in Washington, DC. They discussed:

• How enforcement expectations are getting more concrete (and more technical)
• Why kids’ privacy and age-related controls are becoming central, not edge cases
• Where teams continue to struggle bridging policy, UX, and backend execution
• What regulators are really looking for when they test programs in practice