What exactly do data brokers sell?

Data brokers sell consumer profiles containing your name, current and past addresses, phone numbers, email addresses, date of birth, relatives and associates, property records, marriage records, criminal history, social media profiles, estimated income, estimated net worth, purchasing behavior, browsing habits (from tracker networks), and health interests (from pharmacy and insurance data). Buyers include advertisers, landlords screening tenants, employers screening applicants, insurance companies, and scammers running phishing and identity theft operations.

Is it legal for brokers to sell my data?

In the United States, data brokers operate under a framework of laws that vary by state. Vermont requires data brokers to register and allows consumers to opt out. California's CCPA and CPRA grant strong opt-out rights. Virginia and Colorado have similar laws. However, no federal law comprehensively regulates data broker collection and sale, and broker opt-outs under state laws are frequently incomplete — brokers can retain and share data for fraud prevention, legal compliance, and other exemptions.

How often do I need to repeat opt-outs?

Most broker opt-outs are not permanent. Brokers continuously re-acquire data from public records, commercial sources, and data exchanges. Plan to repeat manual opt-outs every 6 to 12 months, or use a service like DeleteMe that monitors and re-removes your data continuously. Even one-time opt-outs reduce your exposure meaningfully in the short term.

Do data broker removal services actually work?

Yes — services like DeleteMe and Kanary actively submit opt-out requests on your behalf and follow up on incomplete or ignored requests. Independent audits confirm these services remove data from the majority of major brokers. The limitation is that no service catches every broker, and data often reappears as brokers refresh their databases. Think of removal services as reducing exposure by 80-90% rather than achieving complete removal.

Data Broker Opt-Out 2026: Reclaiming Your Personal Data

Data brokers legally sell your personal information — address, phone, relatives, browsing habits — to anyone willing to pay. Manual opt-outs work but require persistence. Here is a step-by-step guide to removing your data in 2026.

Understanding the Data Broker Economy Data brokers operate in an industry that collected an estimated $239 billion in revenue in 2025. They aggregate personal information from public records, commercial transactions, loyalty programs, tracker networks, and data-sharing agreements with other services. This data is packaged into consumer profiles and sold to anyone willing to pay. The buyers are not just advertisers. Tenant screening services use broker data to evaluate rental applications. Employers use it for background checks. Insurance companies use it for underwriting. Scammers use it for social engineering attacks. The same profile that shows you have teenagers who need sports equipment to an advertiser shows a stalker your home address and a scammer your phone number and family members' names. The industry is legally opaque. Data brokers argue they are protected by First Amendment speech rights when selling public records. They argue they are not "consumer reporting agencies" under the Fair Credit Reporting Act because they do not provide reports for "credit, insurance, or employment purposes" — a narrow interpretation that allows massive data sales while avoiding FCRA compliance obligations. The Manual Opt-Out Process Manual opt-outs are free but time-intensive. The process for each broker follows a similar pattern: Step 1: Find yourself in the broker's database. Search using your name, address, phone number, and email. Brokers return profiles that may contain partial or incorrect information — claim the profile that best matches you. Step 2: Locate the opt-out mechanism. Many brokers bury opt-out links deliberately. Look for "Privacy," "Do Not Sell My Data," "Remove My Information," or "Opt Out" links in the footer or within the profile page. Some require you to create an account first; others require a form submission. Step 3: Verify your identity. Brokers require some form of verification — typically email confirmation, phone verification, or mailing a physical letter. Email verification is most common. Some brokers send a link you must click; others require a verification code entered on their site. Step 4: Confirm removal. After verification, you typically receive a confirmation email. The removal itself may take 2 to 8 weeks, during which time your profile remains in the broker's database. Step 5: Repeat quarterly. Most opt-outs are not permanent. Brokers refresh their data continuously and will re-include your information if they legally acquire it again. The most consequential brokers to target first: People search sites — spokeo.com, whitepages.com, peoplefinder.com, radaris.com, thatsthem.com. These are the brokers most likely to be used for personal harassment, doxxing, and stalking. Their opt-out processes are relatively straightforward and well-documented. Background check services — beenverified.com, instantcheckmate.com, truthfinder.com. These sell reports used for tenant and employment screening. Removing your data here limits exposure to common screening searches. Marketing and advertising data brokers — these are harder to identify and target individually. Services like DeleteMe and Kanary are more effective here because they handle the broad portfolio of marketing data brokers that individual consumers rarely find directly. Automating Opt-Outs At $10 to $25 per month, DeleteMe and Kanary cover 100+ brokers and handle the verification, follow-up, and re-removal processes automatically. For most people, the monthly cost is less than the time investment of a single afternoon spent completing manual opt-outs. DeleteMe publishes transparency reports showing removal rates by broker. Their service removes data from the majority of major brokers with follow-up on ignored requests. Kanary is newer and less established but offers similar coverage at a lower price point. The limitation is that no service catches every broker. The data broker ecosystem is large, and new brokers emerge constantly. Budget services also cannot pursue legal action against brokers who ignore opt-out requests. However, reducing exposure by 80 to 90% across the most dangerous brokers meaningfully reduces the risk of doxxing, harassment, and identity theft. State-Level Rights in 2026 California, Virginia, Colorado, and Connecticut have passed comprehensive privacy laws granting consumers the right to opt out of data sales. Vermont requires data broker registration and grants explicit opt-out rights. Texas has passed a data broker registration law. If you live in one of these states, you have stronger legal grounds for removal requests. Brokers who ignore requests in California can face civil penalties under the CPRA. The practical impact is limited — enforcement is slow and the regulatory agencies are under-resourced — but formal legal demands often produce faster responses than standard opt-out submissions. Priority Actions for Immediate Results Start with the brokers most likely to appear in a harmful search: Spokeo, Whitepages, Radaris, and BeenVerified. Their opt-out processes are documented online and typically complete in under an hour per broker. Then evaluate whether the remaining exposure justifies a subscription service. Check your current exposure first: search your name and address across these brokers before starting. The profiles you find will shock you — data brokers often have information people believe is private, including family member names, former addresses, and estimated financial data. Understanding what exists is the first step to deciding how much effort to invest in removal.