So, this is probably naive of me, but so far I haven’t really been able to find the answer on the web.
Recently I subscribed to a personal info removal company called Incogni, only to find out that they sent a staggering 123 removal requests on my behalf. I never imagined there were that many companies in that business. So far in 20 days, 70 requests have been fulfilled, but 53 are still pending.
Which made me wonder… given my personal data seems to be sold, re-sold and re-re-sold without my express consent, or ability to opt out… if I knew I’ve informed my legit service providers, plus those I have legit obligations to (employer, state, etc.)… how easy would it be to obfuscate it on a regular basis, by simply providing a new, creative address, to entities I don’t get mail communication, or deliveries, from?
So, has anyone tried to trace the map by which a new address, cell phone number, etc. makes its way through the 123 or so data brokers? What are the ‘input nodes’ to that graph?
I’m not sure but it is a good question and a good project if none already exists.
If looking at work history from employee of these companies on linkedin we might discover more.
You can go to inteltechniques and peruse their data removal guide. That is basically a massive list of brokers / sites that may have your data.
Yeah, I have considered doing this and I just don’t have the time and patience for it. I currently pay $20/year for easyoptouts and it’s been one of the best decisions I’ve ever made. I believe they check back and scrape periodically throughout the year and it’s very effective.
The only concern with easyoptouts is they will send requests to brokers they are not sure of, which can lead to data brokers who had no data on you now being sent it. This is not a specific problem for them, as other services do this as well.
I’ve searched the web for my name, home, and phone number. Haven’t found anything on myself yet.
Your information is already out there, they could’ve easily have found the information by indexing the other sites as well, they didn’t have to wait for you to submit a request with info they could’ve found online.
Same thing with Easyoptouts, these guys don’t ask for anything other than the information you want removed already public online, they don’t ask for ssn or any other private info.
“I’ve searched the web for my name, home, and phone number. Haven’t found anything on myself yet.”
All this means is your not very good at finding that info. You even stated there are 53 pending brokers, meaning that info is available online.
“Your information is already out there”
This is kind of an odd line of reasoning to hide behind. One one hand you are willing to pay to have your data removed, on the other hand you don’t mind a service actively handing over data because its “already out there”
Again this isnt specific to easyoptouts. Other data removal services do this as well. It would be less of an issue if once your data is removed its permanent but there is nothing stopping brokers from re-adding you, and now your on the radar of new brokers.
I’d like to reverse engineer, where they get the data from, in the first place. But thanks for the great resource!!
There’s a state the required that data brokers sign up onto a list if they wished to sell data from residents of that state. Rhode Island I think. Not sure if the list is publicly accessible or not.
I used to work for a data broker. The main problem here is that profiles are created and compiled from public data. There aren’t any P.I.s at work here… Just massive amounts of data dumps that anyone could access. If you include PII data like socials, then there are limitations on who can view it… But not really that hard to circumvent. A human could not possibly compile profiles from terrabytes of public data, but our programmers could… And this is the real problem. much of this data was public before current computer logic existed and no one foresaw the huge privacy implications.
For my company, only requests that come from persons living in California were honored…and only the person could request removal, not a 3rd party on behalf of the person. Sux.
And FYI, any searches for certain people would be reported to the authorities… Like if you searched Donald Trump with SSN Inclusion, we had to report it to secret service.
Anyone know if incogni is legit?
It’s much better to go through the list of data brokers manually and submit your information twice a year, if you have the time. Like doing taxes, but for privacy.
What makes you think your data has even been sold at all? Most likely a majority of those companies are just resellers of TransUnion, Equifax, or Experian. The 3 big credit bureaus. So while incogni sent then requests the smaller companies may host no data of yours, just the other 3.
Money is clearly being made using our personal aggregated data. Search for “data brokerage market”, and you’ll stumble upon articles and PR along the lines of “Data Brokers Market Estimated to Reach US$ 462.4 billion by 2031”, for example: https://www.globenewswire.com/news-release/2022/08/01/2489563/0/en/Data-Brokers-Market-Estimated-to-Reach-US-462-4-billion-by-2031-TMR-Report.html
I’m aware that money is made. Most of the time companies are buying API feeds of data from the big 3. So unless someone specifically looked you up, then I am saying your data is probably just sitting in their databases.
Let me take a real life example here. Let’s say I’m worried about SIM-swapping schemes, and I go and get a phone number for my banking, and my banking only. If THAT number suddenly shows up in the midst of the 123+ so data brokers, then clearly, me getting a phone number dedicated to avoiding SIM-swapping, is useless. That’s one of the use cases. Makes sense?