Data Brokers: The Companies Selling Your Life—and How to Delete Your Data
Data brokers know 1,500+ facts about you. California DROP platform launches Jan 2026 to mass-delete. Complete opt-out guide for Spokeo, BeenVerified, and 500+ brokers.
By Compens.ai Editorial Team
Insurance Claims Expert
Data Brokers: The Companies Selling Your Life—and How to Delete Your Data
Updated: December 2025
Your Digital Dossier Is For Sale
Right now, companies you've never heard of know more about you than your closest friends. They know your address, your phone number, your email, your income, your health conditions, your political views, your purchasing habits, your relationship status, and hundreds of other data points about your life.
These companies are called data brokers, and they buy, compile, and sell your personal information to anyone willing to pay. Marketers, scammers, stalkers, employers, landlords—anyone with a credit card can purchase detailed profiles on nearly every American adult.
The industry is massive: an estimated $200+ billion market that trades in the personal details of billions of people worldwide. And until recently, there was almost nothing you could do about it.
That's changing. California's groundbreaking Delete Act creates a one-stop tool to remove your data from every broker in the state. The DELETE Request and Opt-Out Platform (DROP) launches in January 2026, giving consumers unprecedented power to reclaim their privacy.
This guide explains how data brokers work, what rights you have, and exactly how to delete your information.
The Data Broker Industry
| Statistic | Figure | |-----------|--------| | Estimated market size | $200+ billion | | Americans with profiles | 95%+ of adults | | Data points per person | 1,500+ average | | Registered CA brokers (2025) | 500+ companies | | DROP launch date | January 1, 2026 | | Penalty for non-compliance | $200/day per request |
---
Understanding Data Brokers
What Data Brokers Do
Data brokers are businesses that collect personal information from various sources, compile it into detailed profiles, and sell those profiles to third parties. They typically have no direct relationship with the people whose data they sell.
Where they get your data:
- •Public records: Court filings, property records, voter registration, marriage/divorce records, bankruptcy filings
- •Social media: Public profiles and posts scraped from Facebook, LinkedIn, Twitter, Instagram
- •Purchasing data: Credit card transactions, loyalty programs, online shopping
- •Location data: Apps that sell your GPS history to data aggregators
- •Web browsing: Cookies, trackers, and fingerprinting that follow you across the internet
- •Surveys and sweepstakes: "Free" contests that harvest data
- •Other data brokers: They buy and sell among themselves
What they know about you:
The average data broker profile contains 1,500+ data points per person:
- •Full name, aliases, and nicknames
- •Current and past addresses
- •Phone numbers (including unlisted)
- •Email addresses
- •Social Security Number (sometimes)
- •Date of birth
- •Family members and associates
- •Income and net worth estimates
- •Credit score ranges
- •Employment history
- •Education history
- •Political affiliation and donations
- •Religious affiliation
- •Health conditions (inferred)
- •Sexual orientation (inferred)
- •Purchasing preferences
- •Hobbies and interests
- •Vehicle information
- •Property ownership
- •Criminal records
- •Social media profiles
Major Data Brokers
Consumer Data Brokers:- •Acxiom: One of the largest, claims profiles on 2.5 billion consumers
- •Experian: Yes, the credit bureau is also a data broker
- •Oracle Data Cloud: Massive digital advertising data
- •LexisNexis: Legal and risk data
- •Epsilon: Marketing data giant
- •Spokeo: Aggregates public records
- •BeenVerified: Background check service
- •Whitepages: Phone and address lookups
- •Intelius: People search
- •PeopleFinders: Public records aggregator
- •Radaris: Comprehensive people search
- •TruePeopleSearch: Free people search
- •FastPeopleSearch: Quick lookups
- •CoreLogic: Property and real estate data
- •Equifax: Credit data (and data broker)
- •FICO: Credit scoring and data
- •TransUnion: Credit bureau and data broker
Who Buys Your Data
Marketers: To target you with ads based on your profile
Insurance companies: To assess risk and set premiums
Employers: To screen job applicants (often illegally)
Landlords: To vet potential tenants
Financial institutions: For fraud detection and credit decisions
Law enforcement: Often without warrants
Political campaigns: To microtarget voters
Scammers: To craft convincing fraud attempts
Stalkers: To locate victims
---
California's Delete Act: A Game Changer
What the Delete Act Does
Signed into law on October 10, 2023, California's Delete Act (SB 362) creates unprecedented rights for consumers to delete their data from data brokers:
The DROP Platform
The California Privacy Protection Agency (CPPA) built the Delete Request and Opt-Out Platform (DROP)—a single website where California residents can submit one request that goes to ALL registered data brokers.
How it works:- •Visit the DROP platform (launching January 1, 2026)
- •Submit a single deletion request
- •All registered data brokers receive your request
- •They must delete your data within 45 days
- •You can submit new requests as needed
Data Broker Requirements:
- •Must register with California and pay $6,600 annual fee
- •Must check DROP every 45 days for deletion requests
- •Must process deletions within 45 days
- •Must report status: "deleted," "opted out," "exempt," or "not found"
Penalties That Bite
In October 2025, Governor Newsom signed SB 361, dramatically strengthening enforcement:
Per-request, per-day penalties: Data brokers face $200 per day for each unprocessed deletion request. This means:
- •1,000 pending requests × 30 days = $6 million potential penalty
- •Creates massive financial incentive for compliance
- •First-of-its-kind penalty structure in the US
- •Failure to register: Up to $200 per day
- •False registration information: Additional penalties
- •CPPA enforcement actions
Recent Enforcement Actions
The California Privacy Protection Agency has already taken action:
Data Broker Shutdown (February 2025)
A data broker promoting its ability to dig up "scary" amounts of personal information agreed to shut down after CPPA enforcement action. The broker had marketed services to locate individuals and compile detailed profiles without consumer consent.
Marketing Firm Fine (December 2025)
CalPrivacy fined a marketing firm for selling custom audience data without registering as a data broker—establishing that "audience" targeting constitutes data brokering.
---
Your Rights Under California Law
CCPA/CPRA Rights
Even before DROP launches, California residents have extensive privacy rights under the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA):
Right to Know- •What personal information businesses collect
- •Where they got it
- •What they use it for
- •Who they share it with
- •Request deletion of your personal information
- •Businesses must comply within 45 days
- •Must verify your identity first
- •Stop the sale of your personal information
- •Businesses must honor "Do Not Sell" requests
- •Global Privacy Control (GPC) browser signals must be honored
- •Request correction of inaccurate information
- •Must respond within 45 days
- •Control use of precise geolocation
- •Control use of race, religion, sexual orientation
- •Control use of health information
How to Exercise These Rights
Before DROP (Now through December 2025):
You must contact each data broker individually:- •Find the company's privacy policy
- •Locate their "Do Not Sell" or deletion request form
- •Submit a request with identity verification
- •Follow up if no response within 45 days
After DROP (January 2026+):
- •Visit DROP platform
- •Submit single request
- •All brokers receive notification
- •Monitor compliance
---
Step-by-Step: Delete Your Data Now
Strategy 1: Use Data Removal Services
Several paid services automate the opt-out process:
DeleteMe ($129/year)- •Removes data from 750+ sites
- •Quarterly scans and removals
- •Reports showing progress
- •Covers 180+ data brokers
- •Automated removal requests
- •Dashboard tracking
- •Continuous monitoring
- •Automated removals
- •Family plans available
- •Tiered service levels
- •Covers 200+ sites
- •Free basic scan
Strategy 2: DIY Opt-Outs (Free but Time-Consuming)
Priority targets (start with these major brokers):
1. Spokeo- •Visit: spokeo.com/optout
- •Search your name
- •Copy the URL of your listing
- •Submit opt-out request
- •Visit: beenverified.com/opt-out
- •Search your name
- •Submit removal for each listing
- •Verify via email
- •Visit: whitepages.com/suppression-requests
- •Find your listing
- •Verify ownership
- •Submit suppression
- •Visit: intelius.com/opt-out
- •Search your name
- •Submit opt-out form
- •Fax or mail required (yes, really)
- •Visit: peoplefinders.com/opt-out
- •Locate your record
- •Provide email for verification
- •Confirm removal
- •Visit: radaris.com/control/privacy
- •Create account (required)
- •Search for records
- •Request removal
- •Visit: truepeoplesearch.com
- •Find your listing
- •Click "Remove This Record"
- •Verify via email
- •Visit: fastpeoplesearch.com/removal
- •Enter name and state
- •Submit removal request
- •Verify via email
Strategy 3: California DROP Platform (Coming January 2026)
When it launches:- •Navigate to privacy.ca.gov (or direct DROP link)
- •Create account with identity verification
- •Submit single deletion request
- •All registered brokers receive notification
- •Track status through dashboard
- •California residents
- •Can request deletion and opt-out
- •Covers all registered data brokers (~500+ companies)
---
Rights in Other States
States with Data Privacy Laws
Virginia (VCDPA)- •Right to delete personal data
- •Right to opt out of sale
- •Effective January 1, 2023
- •Similar rights to California
- •Opt-out rights
- •Effective July 1, 2023
- •Deletion rights
- •Opt-out of sale
- •Effective July 1, 2023
- •More business-friendly
- •Limited deletion rights
- •Effective December 31, 2023
- •Comprehensive privacy law
- •Deletion and opt-out rights
- •Effective July 1, 2024
- •Strong consumer rights
- •Effective July 1, 2024
Montana, Iowa, Indiana, Tennessee, Delaware, New Jersey all have privacy laws taking effect 2024-2025.
Federal Protection (Limited)
No comprehensive federal data broker law exists. However:
Fair Credit Reporting Act (FCRA): Covers consumer reporting agencies (like credit bureaus) but not general data brokers
Gramm-Leach-Bliley Act: Covers financial institutions' data sharing
HIPAA: Covers health information (narrow definition)
Children's Online Privacy Protection Act (COPPA): Protects children under 13
---
Protecting Yourself Proactively
Reduce Your Data Footprint
Limit what you share:- •Use aliases for non-essential accounts
- •Create separate emails for shopping, subscriptions
- •Don't enter real birthdate unless required
- •Use a P.O. box or mail forwarding service
- •Review social media privacy settings
- •Make profiles private or delete unused accounts
- •Remove personal info from posts (past address, birthdate)
- •Google yourself and address exposed information
- •Use privacy-focused browsers (Firefox, Brave)
- •Enable Global Privacy Control (GPC)
- •Use VPN to mask IP address
- •Avoid loyalty programs that track purchases
- •Pay cash when possible
Technical Privacy Tools
Browser Settings:- •Enable "Do Not Track" (limited effectiveness)
- •Block third-party cookies
- •Use private/incognito mode
- •Clear cookies regularly
- •Privacy Badger (EFF)
- •uBlock Origin
- •DuckDuckGo Privacy Essentials
- •Ghostery
- •Use email aliases (SimpleLogin, AnonAddy)
- •Avoid "Sign in with Google/Facebook"
- •Create dedicated emails for signups
- •Don't give real number for store signups
- •Use a Google Voice number for non-essential
- •Review app permissions regularly
---
Fighting Back: Legal Options
If a Broker Refuses to Delete
California residents:- •Document the request and refusal
- •File complaint with CPPA: cppa.ca.gov/complaint
- •Note that you may have private right of action for certain violations
- •Check if your state has a privacy law
- •File complaint with state AG
- •Document for potential class action
Class Actions
Data brokers have faced numerous class actions:
- •Spokeo: Multiple settlements over FCRA violations
- •LexisNexis: FCRA accuracy lawsuits
- •Background check sites: Regular litigation
Check topclassactions.com for active cases.
When It Rises to Stalking/Harassment
If someone is using data broker information to:- •Stalk or harass you
- •Threaten your safety
- •Commit identity theft
- •File police report
- •Document all incidents
- •Contact data brokers about emergency removal
- •Consider protective order
- •Contact domestic violence resources if applicable
Some states have laws requiring expedited removal for stalking victims.
---
The Business Model Problem
Why Data Brokers Exist
The data broker industry exists because:
- •Data has value: Your information is worth money to marketers, insurers, and others
- •Collection is easy: Public records, web scraping, and purchase from other brokers
- •Regulation was nonexistent: Until recently, no laws required consent or deletion
- •You're not the customer: You're the product being sold
The Economic Reality
For data brokers:- •Low cost of collection
- •High margins on sales
- •Recurring revenue from subscriptions
- •Network effects (more data = more valuable)
- •No compensation for data use
- •Privacy violations at scale
- •Difficulty opting out
- •Information used against you (insurance, employment)
What Would Real Reform Look Like?
Opt-in, not opt-out: Require explicit consent before collecting data
Data ownership: Legal recognition that you own your personal information
Payment for data: Compensation when your data generates value
Strict liability: Automatic penalties for violations
Private right of action: Let individuals sue directly
Federal law: Consistent national standards
---
Resources
California Privacy Resources
- •CPPA: cppa.ca.gov
- •DROP Platform (Jan 2026): privacy.ca.gov
- •Data Broker Registry: cppa.ca.gov/data_brokers
- •File Complaint: cppa.ca.gov/complaint
Privacy Advocacy
- •Electronic Frontier Foundation: eff.org
- •Electronic Privacy Information Center: epic.org
- •Privacy Rights Clearinghouse: privacyrights.org
- •Consumer Reports Privacy: consumerreports.org/privacy
Opt-Out Tools
- •Simple Opt Out: simpleoptout.com (free directory)
- •Just Delete Me: justdeleteme.xyz (account deletion links)
- •Have I Been Pwned: haveibeenpwned.com (breach checker)
State Privacy Resources
- •Virginia: oag.state.va.us
- •Colorado: coag.gov/privacy
- •Connecticut: portal.ct.gov/ag
- •Your state AG: naag.org (directory)
---
Conclusion: Take Back Your Data
The data broker industry has operated in the shadows for decades, profiting from your personal information without your knowledge or consent. That era is ending.
California's Delete Act represents a fundamental shift in the balance of power. For the first time, consumers will have a simple, effective way to remove their data from hundreds of brokers at once. Other states are watching—and following.
What you can do now:
- •Use opt-out services or manually contact major brokers
- •Prepare for DROP by monitoring privacy.ca.gov for launch
- •Reduce your footprint by limiting what you share online
- •Exercise your rights under state privacy laws
- •Advocate for stronger laws in your state and federally
Your personal information has been treated as a free resource to be harvested and sold. It's time to reclaim what's yours.
The data brokers have profited from your life. Now you can take it back.
---
This guide provides general information about data privacy rights and does not constitute legal advice. Laws vary by state and are subject to change. Consult with a privacy attorney for specific situations.
Sources: California Privacy Protection Agency, Privacy.ca.gov, Electronic Frontier Foundation
Last Updated: December 2025