Data brokers are companies that collect personal information from public records, social media, loyalty programs, credit applications, voter registration files, property records, and hundreds of other sources, then package and sell it. Their customers include background check services, marketers, investigators, insurers, and anyone else willing to pay for personal profiles on individuals they've never met.
The practical harms range from the mundane — targeted advertising and spam calls — to the serious. Stalkers use people-search sites to find addresses. Scammers use detailed personal profiles to make social engineering attacks more convincing. Doxxing attacks rely heavily on aggregated data broker profiles. The SIM swapping attacks that have drained cryptocurrency accounts and bypassed 2FA often begin with an attacker purchasing a profile from a data broker to answer security questions convincingly.
Opting out is not a one-time task. Data brokers continuously acquire new data; your profile can reappear months after you've had it removed. The realistic goal is systematic reduction of your exposure, not elimination.
What Data Brokers Are and Where They Get Your Data
The data broker ecosystem has several tiers. At the top are large aggregators — Acxiom, LexisNexis, Experian's data services arm — that supply data to businesses for credit, insurance, and marketing. These are largely inaccessible to ordinary opt-out requests and have legal exemptions for financial, employment, and government uses.
The tier most directly affecting individuals is the people-search sites: Spokeo, WhitePages, BeenVerified, Intelius, ZabaSearch, PeopleFinders, Radaris, Pipl, TruthFinder, Instant Checkmate, and dozens of others. These are accessible to anyone with a credit card and aggregate information that's technically public but practically obscure.
Their data comes from:
- Public records — property records, court filings, voter registration (where public), business registrations, marriage/divorce records
- Commercial data purchases — from retailers, loyalty programs, credit applications, survey companies
- Social media scraping — public profiles, tagged photos, and stated locations
- Phone directories and historical listings
- Other data brokers — many buy from each other, creating a layered aggregation problem
The Opt-Out Reality
Every major people-search site offers an opt-out process — often framed as a privacy right, but actually mandated by legal pressure and reputational risk. The processes are intentionally inconvenient. Typical steps include finding an obscure opt-out page (not linked from the homepage), entering your personal information to locate your profile, completing a CAPTCHA, confirming via email, and waiting several days for removal.
Some brokers require you to submit a copy of government ID. Decline to use any service that requires this for opt-outs — you're handing more data to remove existing data.
Many opt-out processes require email confirmation. Use a disposable alias for this rather than your real email address — you're confirming an opt-out, not signing up for anything, and the broker now has another data point if you use your primary address. Services like SimpleLogin or Apple's Hide My Email work well here.
Highest-Impact Brokers to Start With
With hundreds of data brokers operating, prioritization matters. The sites below receive the most traffic for people-search queries and therefore pose the highest practical exposure:
| Broker | Opt-Out Difficulty | Removal Timeline |
|---|---|---|
| WhitePages | Moderate — requires phone verification for suppression | 2–4 weeks |
| Spokeo | Low — web form, email confirmation | 3–5 days |
| BeenVerified | Low — web form, email confirmation | 24–72 hours |
| Intelius | Low to moderate | 1–7 days |
| Radaris | Moderate — account creation sometimes required | Variable |
| PeopleFinders | Low | 24–48 hours |
| TruthFinder | Low — same opt-out as BeenVerified (same parent company) | 24–72 hours |
Automated Tools vs. Manual Opt-Outs
Several services automate the opt-out process on your behalf: DeleteMe, Privacy Bee, Kanary, and Incogni are among the better-known. They submit opt-outs to dozens or hundreds of brokers, monitor for reappearances, and resubmit periodically.
The trade-off is obvious: you're giving a company your personal information to remove your personal information from other companies. Evaluate their privacy policies carefully — specifically what data they retain, whether they share it, and what happens to your information if you cancel. A removal service that sells data undermines its own purpose.
Manual opt-outs are free but time-consuming — a thorough initial pass across major brokers takes several hours. For people with high-risk profiles (domestic violence situations, public-facing professions, journalists, activists), the manual approach with an alias email is worth the time because you maintain control of the process.
What You Can't Remove
Some data is functionally irremovable through individual opt-out requests:
- Government records — court records, property ownership, business registrations, and voter registration are often public records and many brokers simply re-acquire them. You can opt out of a broker's display of this data; you can't seal the underlying public record without a court order (and sometimes not even then).
- Tier-1 aggregators — Acxiom, LexisNexis, and similar companies supply data to businesses for regulated purposes (credit, insurance, fraud prevention). Their opt-out processes are limited by law and don't apply to all downstream uses.
- Archived web content — search engine caches and the Wayback Machine retain old pages. Google's removal request process can delist specific URLs from search results, but the content may remain accessible directly.
- Data from previous addresses and names — if you've moved or changed your name, profiles under old identifiers may persist independently.
Making It Sustainable
The most common reason opt-out efforts fail is abandonment after the initial push. Data brokers re-acquire data; your profile returns. Treating it as an ongoing maintenance task rather than a one-time project makes the work more realistic.
A workable schedule: do a thorough opt-out pass across the top 15–20 people-search sites, then set a calendar reminder to repeat the check quarterly. On each pass, search your name on the major sites and resubmit any profiles that have reappeared. The initial pass is the heaviest lift; maintenance passes are faster because you're only addressing reappearances.
Pairing opt-outs with upstream reduction also helps. Using email aliases instead of your primary address for commercial accounts limits the data trail brokers can acquire going forward. Being selective about loyalty programs, survey participation, and public records filings (especially business registrations, which often include personal addresses) slows the rate at which your data re-accumulates.
No opt-out campaign makes you invisible. It does meaningfully reduce the richness and accessibility of publicly aggregated profiles — which raises the cost of targeting you specifically, reduces the ammunition available for social engineering attacks, and limits what casual searches by employers, neighbors, or anyone else can find about you without your consent.