Jodi Daniels is the Founder and CEO of Red Clover Advisors, a boutique data privacy consultancy and one of the few certified Women’s Business Enterprises focused solely on privacy. She is a Certified Informational Privacy Professional (CIPP/US) with over 20 years of experience helping a range of businesses — from solopreneurs to multinational companies — in privacy, marketing, strategy, and finance roles. She has worked with numerous companies throughout her corporate career, including Deloitte, The Home Depot, Cox Enterprises, Bank of America, and many more. Jodi is also a national keynote speaker, a member of the Forbes Business Council, and co-host of the She Said Privacy/He Said Security podcast.
Here’s a Glimpse of What You’ll Hear:
- [03:22] Jodi Daniels talks about how targeted online ads pioneered modern data privacy concerns
- [07:29] Why privacy and cybersecurity are different and vital
- [09:34] The evolution of global privacy laws from GDPR to today
- [12:12] Practical steps for tracking privacy regulations impacting your business
- [14:14] Why most websites get cookie banners completely wrong
- [22:51] The hidden risks of uploading confidential data to AI tools
- [25:24] How AI note-takers can compromise legal and private meetings
- [26:47] Why your everyday software could expose confidential information
- [31:12] Understanding the trend of companies moving AI processing back in-house
In this episode…
AI is moving faster than most businesses can keep up, and the rush to adopt new tools often hides the very real risks lurking underneath. Companies are plugging sensitive data into platforms they barely understand, assuming privacy will simply take care of itself. But what happens when the tools meant to make our lives easier open the door to entirely new vulnerabilities?
According to Jodi Daniels, a longtime authority on digital privacy, the risks aren’t theoretical — they’re already happening. She explains that privacy challenges usually emerge when companies collect or use data in ways people never expected. Jodi emphasizes that the real issue isn’t just technology; it’s whether companies are thoughtful about how data is collected, shared, and protected. Her core message is clear: in an AI-driven world, responsible data practices aren’t optional — they’re a competitive and ethical necessity.
Tune in to this episode of the Smart Business Revolution Podcast, as John Corcoran interviews Jodi Daniels, Founder and CEO of Red Clover Advisors, to discuss managing privacy risks in the age of AI. They talk about the evolution of data regulation, how businesses can avoid common privacy missteps, and what companies should know before using AI tools. Jodi also provides insights on evaluating software vendors and protecting sensitive information.
Resources mentioned in this episode:
- John Corcoran on LinkedIn
- Rise25
- Jodi Daniels on LinkedIn
- Justin Daniels on LinkedIn
- Red Clover Advisors: Website | LinkedIn | Facebook | Email
- She Said Privacy/He Said Security podcast
Quotable Moments:
- “That’s how I got into privacy as I stalked you for cars.”
- “It’s very challenging for any organization to be 100% protected.”
- “The California law started the evolution here in the United States, and today we have 19 state comprehensive privacy laws.”
- “It’s why we put out a significant amount of content to try and simplify that information.”
- “And I encourage everyone listening to really think about what kind of data are you collecting and what would you be okay with that company having access to it?”
Action Steps:
- Assess which privacy laws apply to your business: Understanding your data, customers, and industry helps you determine the regulations you must follow.
- Evaluate every software tool’s data practices: Reviewing how vendors collect, store, and use your information prevents accidental exposure of sensitive or confidential data.
- Establish clear internal AI usage guidelines: Setting boundaries around what data can be uploaded into AI tools protects client trust and minimizes legal risk.
- Strengthen cybersecurity fundamentals: Investing in robust security practices reduces your vulnerability to bad actors who often target smaller businesses with weaker defenses.
- Review and update cookie and tracking practices: Ensuring your website’s tracking aligns with applicable laws helps you avoid penalties, demand letters, and unnecessary compliance risk.
Sponsor: Rise25
At Rise25 we help B2B businesses give to and connect to your ‘Dream 200’ relationships and partnerships.
We help you cultivate amazing relationships in 2 ways.
#1 Podcasting
#2 Strategic Gifting
#1 Our Predictable Podcast ROI Program
At Rise25, we’re committed to helping you connect with your Dream 200 referral partners, clients, and strategic partners through our done-for-you podcast solution.
We’re a professional podcast production agency that makes creating a podcast effortless. Since 2009, our proven system has helped thousands of B2B businesses build strong relationships with referral partners, clients, and audiences without doing the hard work.
What do you need to start a podcast?
When you use our proven system, all you need is an idea and a voice. We handle the strategy, production, and distribution – you just need to show up and talk.
The Rise25 podcasting solution is designed to help you build a profitable podcast. This requires a specific strategy, and we’ve got that down pat. We focus on making sure you have a direct path to ROI, which is the most important component. Plus, our podcast production company takes any heavy lifting of production and distribution off your plate.
We make distribution easy.
We’ll distribute each episode across more than 11 unique channels, including iTunes, Spotify, and Amazon Podcasts. We’ll also create copy for each episode and promote your show across social media.
Cofounders Dr. Jeremy Weisz and John Corcoran credit podcasting as being the best thing they have ever done for their businesses. Podcasting connected them with the founders/CEOs of P90x, Atari, Einstein Bagels, Mattel, Rx Bars, YPO, EO, Lending Tree, Freshdesk, and many more.
The relationships you form through podcasting run deep. Jeremy and John became business partners through podcasting. They have even gone on family vacations and attended weddings of guests who have been on the podcast.
Podcast production has a lot of moving parts and is a big commitment on our end; we only want to work with people who are committed to their business and to cultivating amazing relationships.
Are you considering launching a podcast to acquire partnerships, clients, and referrals? Would you like to work with a podcast agency that wants you to win?
Rise25 Cofounders, Dr. Jeremy Weisz and John Corcoran, have been podcasting and advising about podcasting since 2008.
#2 Our Comprehensive Corporate Gifting Program
Elevate business relationships with customers, partners, staff, and prospects through gifting.
At Rise25, thoughtful and consistent gifting is a key component of staying top of mind and helps build lasting business relationships. Our corporate gift program is designed to simplify your process by delivering a full-service corporate gifting program — from sourcing and hand selecting the best gifts to expert packaging, custom branding, reliable shipping, and personalized messaging on your branded stationary.
Our done-for-you corporate gifting service ensures that your referral partners, prospects, and clients receive personalized touchpoints that enhance your business gifting efforts and provide a refined executive gifting experience. Whether you’re looking to impress key stakeholders or boost client loyalty, our comprehensive approach makes it easy and affordable.
Discover how Rise25’s personalized corporate gifting program can help you create lasting impressions. Get started today and experience the difference a strategic gifting approach can make.
Email us through our contact form.
You can learn more and watch a video on how it works here: https://rise25.com/giftprogram/
Contact us now at support@rise25.com or message us here https://rise25.com/contact/
Episode Transcript
Intro: 00:00
All right. Today we’re talking about the privacy risks of AI that you should be aware of for you and for your clients. My guest today is Jodi Daniels. She is an expert in privacy, especially online, and I’ll tell you more about her in a second. So stay tuned.
John Corcoran: 00:16
Welcome to the Smart Business Revolution Podcast, where we feature top entrepreneurs, business leaders, and thought leaders and ask them how they built key relationships to get where they are today. Now let’s get started with the show.
John Corcoran: 00:32
All right. Welcome everyone. John Corcoran here I am, the host of the show. And you know, if you’ve listened before, hopefully you have that every week. We have smart CEOs, founders and entrepreneurs from all kinds of different companies.
We’ve had Netflix and Grubhub and Redfin and Gusto Kinkos. Go check out the archives. Lots of great episodes for you to check out. And this episode, of course, brought to you by Rise25. At Rise25, we help businesses to give to and connect to their dream relationships and partnerships.
How do we do that? We do that by helping you to run your podcast. We’re the easy button for any company to launch and run a podcast. We do three things strategy, accountability, and full execution. In fact, we invented what some called the Wix of B2B podcasting.
It’s our platform podcast Co-Pilot. So to learn more about that, you can go to our website, rise25.com or email our team at support@rise25.com. All right. My guest here today is Jodi Daniels.
She is the founder and CEO of Red Clover Advisors. It is a leading data privacy consultancy. And she’s got an MBA from Emory in over 25 years of experience in marketing, strategy, finance and of course, privacy. And she has helped everything from startups to fortune 500 companies to build privacy programs. And today, in the age of AI, it’s more relevant than ever how you can protect your privacy for yourself and your clients.
So we’re going to be talking about that here today. And Jodi Love, you know, excited to have you here today. And I always love to get to know what people are like as a kids as a kid first. And so you said that you did a bit of babysitting here or there, But what interested me is that your father was an entrepreneur, had some kind of amorphous business. We’re not quite sure exactly what he did.
Something involving office work. And you’re not quite sure if he paid you either. So apparently it was some kind of indentured servitude that you had from your father. Making you work in this office job in corporate, in the corporate world. So tell me a little bit about what that experience was like.
Jodi Daniels: 02:16
Well, then totally make me. And he had a variety of different businesses that I was aware of, but sort of less relevant because he was always doing a variety of things. My mom also had a real estate business, and I spent a lot of time in in the office, and I would file. I also thought using a computer, which they had back then, was really cool in a typewriter, and I loved pressing all the keys, and therefore I found ways to to actually do that. We had, if anyone ever remembers, actual manila folders, and then you had these little labels that you could type on a typewriter and feed it through.
So I did a lot of filing, a lot of organizing, I thought answering the phone was also really fun and cool, and as well as using a calculator, which I guess was maybe early on because I ended up as an accountant in the beginning of my career. I must have just really liked playing with all the the keys on the keyboard.
John Corcoran: 03:10
And did this like. Kind of preview and interest in privacy. Do you think that there this this led to some kind of interest or. Absolutely not I absolutely not. Okay.
Jodi Daniels: 03:22
Not even close. No. The the privacy story is more one of my roles was building a targeted advertising network for Autotrader.com. So I basically stalked you for cars before Facebook did. Nowadays, people are used to going online.
They’re looking for their shirt or their blender and their pillows, and it follows you around the internet. Well, I did that for cars quite a while.
John Corcoran: 03:45
This is like 20 years ago. This is like late 2000. You’re doing.
Jodi Daniels: 03:48
Late 2000.
John Corcoran: 03:48
That’s right. Yeah. So very early days. Okay.
Jodi Daniels: 03:51
And I, I had many other companies vying for our automotive data because we were the leader in that space, and I told them all, no, it’s our data. So fast forward, the online advertising industry basically banded together and self-regulation, they could kind of see what was potentially coming with actual regulation. And they said, no, no, no, we’re going to police ourselves. So long story short, I was responsible for what this online advertising industry required of the different participants. That’s how I got into privacy.
I then could see how it was evolving. More data, more targeting. The regulation was starting to come to fruition, and nowadays we actually have a number of different laws globally really focused on it. But that’s how I got into privacy as I stalked you for cars. So you’re welcome.
John Corcoran: 04:41
Everyone. I’m wondering, like in those early days, it sounds like you could see that regulation was going to come at some point. What was the conversation like with you talking to other executives and saying, look, one day, this data, this information is going to be really important or paid attention to or people are going to care about it. And, you know, if we’re not careful about it, then regulation is going to really restrict what we can do with it. What was it like when you were did you feel like you were, you know, you know, making a loud noise about it and people weren’t listening to you?
What were those conversations like?
Jodi Daniels: 05:15
I do feel that a lot of the time some people would listen. Some people got it and understood that, and it didn’t really matter which part of the business I was in or just in general. People understood. If I have data and I give it to a company that they don’t know all the nuance, but they kind of expect the company is going to use the data just for me and give me whatever it is that exchange incorporated. So if data was going to be used in a way that might have surprised an individual, that’s where people would run into challenges and companies did that.
You could go in the news and see company A collected this kind of data, but then they also collected more. For example, there was an app. It was a flashlight app. That was a really popular example. Well, it’s a flashlight, so why would it need your contact information?
That was an app that collected contact information. People downloaded it because they wanted a flashlight. Right. There’s there’s where there’s a massive disconnect. And there were oodles of stories just like it.
And at the time people didn’t really get privacy. They kind of thought, well, when I have to deal with it, I’ll deal with it. But until then, I’m just going to keep amassing all the data because I can. And trying to get people to think individual first, not company first, is tricky and challenging, especially here in the United States, where we’re very capitalistic society and companies are all many of them are for profits. That makes sense.
What is in the best interest of the company? It’s taken a lot of mishaps, B corporations, social responsibility, variety of other things, not even just in the privacy space for companies to to start flipping that model. And then globally where they’re required to flip that model. So the privacy laws, for example, in the EU are essentially short version individual first, company second.
John Corcoran: 07:09
So I want to ask about, you know, flash forward 20 years. There have been so many of these large data breaches that have happened. Looking back now, do you think that companies underinvested in privacy programs and didn’t put enough resources into protecting private information?
Jodi Daniels: 07:29
Well, first I’m going to separate privacy and security. They are intertwined. They’re two sides of a coin. Pick whichever analogy you want, but they are actually really different. Security is going to be about protecting the information.
And those are cyber security programs. Then you’re going to have privacy, which is I have all this information and maybe I’ve protected it. Well, can I use it? Should I use it? Did I tell you what I’m doing with it?
Did I give you choices? Privacy is about the the collection, use, sharing and basically choices of the data. And it involves an element of protection. Cybersecurity is one of those that for a long time has been underinvested in a number of companies, but not all companies. Many companies really do take security very seriously.
And it’s also one of those areas where the bad actors are often a step ahead and just continue to find all different ways to be able to exploit whichever new technology and hole that they can possibly find. It’s very challenging for any organization to be 100% protected. It’s it’s just one of those you have to continuously invest and train in people. And as the tech evolves and new new ways of using data and sharing data. Companies have to keep moving with it.
So some companies are moving with it. Some companies are still under-invested and just think especially small companies. If any of you listening are a small business, I highly encourage you to make sure you have your cybersecurity practices in a good place. Because bad actors love small companies. Why?
Because they know that they don’t likely have what is needed in place to protect them, so they’re happy to go and exploit. They have nothing else to do. It makes them happy.
John Corcoran: 09:13
And you you mentioned regulation in Europe. I know California is another one that had an early privacy law. Can you give us. Sure. This could be an hour long presentation on this topic.
But but what has been the the evolution of regulation after, you know, you got involved 20 years ago and kind of saw it start to evolve?
Jodi Daniels: 09:34
Yeah. So the short version is there’s a privacy law in Europe and the UK called the GDPR General Data Protection Regulation and it was effective in 2018. That dates pretty important because that’s kind of the date for modern privacy laws. It’s a really.
John Corcoran: 09:51
Started your company in 2017. So like right before that. Yeah I did.
Jodi Daniels: 09:55
And it’s a really strict law. It requires companies to really think first can they use this data. Significant disclosures. It’s kind of the reason we have cookie banners all over the place. Whether you should or shouldn’t have them, that’s a whole different conversation.
But it was this pivotal moment in time for modern privacy. Other countries around the world copied it some word for word, some tweaks, different parts of it. It’s considered the gold standard right now of privacy laws. If we move forward to the United States, you mentioned the California law. The first comprehensive state privacy law is the California Consumer Privacy Act, CcpA, and it became effective in 2020.
It is not the same as the European privacy law. It’s really different. Both of them have some pieces that are similar, but they’re really different. If you comply with one, you are not 100% in compliance with the other. The California law started the evolution here in the United States, and today we have 19 state comprehensive privacy laws.
Then we have some additional state privacy laws in certain sectors, like if you’re listening and you’re in the health or health adjacent space, you have to worry about a lot in Washington state that is just focused on health and health, could be a yoga studio, could be supplements, could be a fitness app. It’s a very broad law. We have some other laws that focus on children, some on social media, and then we still have some of our federal laws. If anyone here has ever tried to unsubscribe from an email or a text message or a auto dialer, those are all national privacy laws. When you go to the doctor’s office, you get your HIPAA privacy notice.
For those of you here in the United States, if you have a bank account or a credit card statement, you have a certain privacy notice that I’m sure everyone here has read. They’ve never tossed it out or hit delete. But that comes from a financial privacy law. So we have a really patchwork approach here in the United States. And depending on the size of your company and the kind of data you process, you have to pay attention to all of those different laws.
John Corcoran: 11:59
Okay. So it all sounds really overwhelming. How do you keep track of it all? And then also, if I’m a business owner listening to this, how do I keep track of it all? And keep in mind whether it’s going to affect me or not?
Jodi Daniels: 12:12
It’s kind of following for many people the same in HR and tax. It kind of depends on where you are and where your business is. And it’s one of those you have to know enough to have the right people to pay attention. So for us, this is our job. It is our job to pay attention to these different privacy laws.
And our mission is all about simplifying privacy. That’s what we’re here to do. And just like I find HR and compliance overwhelming, I have to go and find the right HR and compliance advisors or tax advisors and rely on their expertise to be able to make sure that I’m doing what I’m supposed to be doing. So for us, we’re paying attention to all of these. We we have our methods of managing that and simplifying it.
It’s why we put out a significant amount of content to try and simplify that information. And anytime we’re talking to a company, our very first questions are trying to determine which laws even affect them because they don’t affect everybody. And then in terms of a business, what they should be doing, my very first suggestion is going to be understanding who you are, who your customers are. Are you a B2B business or B2C business? What type of data meaning are you in an e-commerce site?
Are you? Are you in the health related space? The financial space? The children’s space? Are you a technology company?
Because all of that determines which laws might affect you. And either find an advisor who can help you with that, or there are a lot. There’s so much information online with a little bit of a quick search, you might be able to help easily sort out. I need to worry about this law or that law. Then you can decide do you do a DIY approach or find an advisor to help you?
[continue to page 2]