Published Mar 13, 2026, 1:00 PM EDT
Gavin is the Segment Lead for the Technology Explained, Security, Internet, Streaming, and Entertainment verticals, former co-host on the Really Useful Podcast, and a frequent product reviewer. He has a degree in Contemporary Writing pillaged from the hills of Devon, more than a decade of professional writing experience, and his work has appeared on How-To Geek, Expert Reviews, Trusted Reviews, Online Tech Tips, and Help Desk Geek, among others. Gavin has attended CES, IFA, MWC, and other tech-trade shows to report directly from the floor, racking up hundreds of thousands of steps in the process. He's reviewed more headphones, earbuds, and mechanical keyboards than he cares to remember, and enjoys copious amounts of tea, board games, and football.
Sign in to your MakeUseOf account
I've always wondered exactly who has hold of my data. In the age of all-pervasive surveillance, constant online tracking, and an account needed for every single last site and service, figuring out exactly where all that data has gone is near-impossible.
There is another problem in the mix.
An entire industry exists that collects, analyzes, and sells personal data about millions of people who have never heard of the companies involved. These businesses are called data brokers, and chances are they already have a profile containing information about you.
And guess what? You never gave these people your permission, and you have to actively track down your data if you want it removed.
What's a data broker, then?
Who are these mysterious folks holding all your data?
In short, data brokers collect personal information from sources around the internet and combine it into detailed profiles, typically of individuals. These profiles are then sold to advertisers, marketers, insurers, financial institutions, political organizations, and other businesses that want to better understand or target specific groups of people.
The information that a data broker can gather is broad. It's essentially unlimited within the confines of the law; if the information is legally found online, a broker will snap it up. That means a broker might have information on you, including:
- Full name and previous names
- Current and previous addresses
- Email addresses and phone numbers
- Estimated income and home value
- Family members and household composition
- Shopping habits
- Interests and hobbies
- Location history
Data brokers build profiles to predict your behavior, all leading into — you guessed it! — advertising. Your profile can estimate your shopping, your next big purchase, services you might need, and much more, gathered from all of the data points a brokerage holds on you.
Some of the largest data brokers include companies like Acxiom, Experian, LexisNexis Risk Solutions, and Epsilon that cover financial information, background data checks, marketing information, and more. Then there are "people search websites" like Whitepages, MyLife, BeenVerified, Spokeo, and so on, that specialize in aggregating personal information.
While a few of these names might sound familiar, hundreds of smaller brokers operate behind the scenes with far less visibility.
You've never interacted with these companies directly, and it's likely you never will. But their databases are brimming with thousands of data points on you, your family, friends, and your lives.
Right — but what does a data broker profile look like?
All your data in a big fat file
Imagine that: everything you've ever done, every phone number you ever owned, every person you've ever loved, all linked to you in a single file.
Okay, it's not quite that dramatic, and there isn't a fat dossier in a filing cabinet with your name on. But the data brokers are adept at stitching together information from your life into a more succinct and accurate list of identifiers than you may have considered possible.
In practical terms, a data broker profile starts with the most obvious and easy to verify information, such as your name, date of birth, age, current residential location, and similar. Then, they typically expand into more granular information — the stuff that's much harder to verify and could well be a complete guess. Well, a guess, depending on the broker, as financial data brokers like Experian have a very accurate idea of what you earn, but Whitepages probably doesn't.
So, it might look a little something like:
Field
Example Data
Full Name
Gavin Phillips
Age Range
35–44
Gender
Male
Current Address
Penzance, Cornwall, UK
Previous Addresses
3 recorded addresses over 15 years
Phone Numbers
2 mobile numbers, 1 previous landline
Email Addresses
4 associated email accounts
Household Members
1 partner, 1 additional adult resident
Relatives / Associates
5 names linked through public records
Property Status
Homeowner
Estimated Property Value
£350,000–£450,000
Estimated Income Bracket
£60,000–£90,000
Occupation Category
Media / Publishing
Devices Used
Windows desktop, Android smartphone
Online Interests
Technology, gaming, streaming services
Shopping Indicators
Frequent electronics buyer
Location Patterns
Home address, nearby workplace, frequent travel region
Likely Marketing Segments
Tech enthusiast, high-value electronics shopper
Predicted Behaviors
Early adopter of technology products
But in reality, a data broker may have hundreds of different data points covering numerous attributes. Information you may not consider important or noteworthy is collected and added to the system just in case another service requests that data, or it becomes pertinent for a background check, credit check, or advertising.
Remember: A data broker profile doesn’t need to be perfectly accurate to be dangerous; it only needs to be detailed enough to identify, categorize, and target you.
Related
Where does all the data come from?
And why is it even accessible to begin with?
There are legit uses for data brokers. Background checks, credit checks, and similar all use data broker services. However, the unsettling fact is that you're inside the data broker ecosystem with no way to opt out — even though you never opted in.
The information data brokers use is very rarely collected from you explicitly. Instead, it's gathered from heaps of other smaller transactions involving your personal data, which is then gathered, collated, and served up.
Data broker services use a few main sources to gather your private information:
- Public records: A surprising amount of personal information is already publicly accessible. Records such as property ownership, voter registrations, court filings, professional licenses, and business registrations are often available through government databases.
- Data shared by companies you use: I think I hate this one the most. Even if you’ve never interacted with a data broker directly, you have almost certainly shared information with companies that do business with them. Retail loyalty programs, cashback websites, mobile apps, and online services frequently share customer data with marketing partners. In some cases, this information is anonymized, but data brokers often combine multiple datasets to re-identify individuals.
- Online tracking and advertising networks: Modern websites and mobile apps collect enormous amounts of behavioral data about how people interact with the internet. Everything you do online is tracked, like your page visits, products searched for, ads you click or even dwell on, location data, device identifiers, and more.
- Data exchanged between brokers: Data brokers don’t just collect information—they also buy and sell it among themselves. One company might specialize in location data, another in purchase histories, and another in financial indicators. By merging these datasets together, brokers create far more comprehensive profiles than any single source could provide.
The data broker exchange is why you can never truly escape their ecosystem. You're locked in for life!
Data brokers can be dangerous
They're also somewhat worse in the US
In modern times, data is gold. We've been told that countless times. So what better target for scammers and hackers than enormous organizations that hold reams of information on every person in the country? It's just too juicy a target to ignore.
That's not to mention the secondary issues of having so much personal data circulating in the first place, especially given that you never agreed to most of it being tracked in the first place.
Risk
How It Happens
Why It Matters
Data Breaches and Identity Theft
Data brokers store massive databases containing personal details such as names, addresses, phone numbers, and employment history. These databases are attractive targets for hackers because they contain millions of detailed profiles.
Even partial datasets can help criminals bypass identity verification systems or piece together enough information to commit identity theft. When breaches occur, the exposed data can affect millions of people at once.
Highly Targeted Scams
If scammers obtain data broker information, they can tailor phishing emails, phone calls, or text messages using real personal details such as your location, recent purchases, or workplace.
Personalized scams feel more believable than generic ones, making them much harder for people to recognize. This is one reason modern phishing attacks have become increasingly sophisticated.
Manipulative Advertising and Profiling
Data brokers categorize individuals into behavioral segments such as “likely new parent,” “frequent traveler,” or “high credit risk.” These profiles are then used to target specific groups with customized ads or messaging.
While this improves marketing precision, it also raises concerns about manipulation, discrimination, and algorithmic profiling based on inferred traits rather than verified information.
Now, I'm writing this from the UK, and while we frequently make terrible decisions as a nation, we still have relatively strong data protection laws (at least for the time being!), and we are still subject to the EU's GDPR legislation.
As you've probably already twigged, the US doesn't have the same protections, which makes the US data-broker market far larger than across the pond. Simply put, there is far more opportunity for your data to be scooped up and resold or reused, with few consumer protections to stop data trading between brokers.
Some state laws provide protections, such as California's Consumer Privacy Act, Virginia's Consumer Data Protection Act, Colorado's Privacy Act, and Connecticut's Data Privacy Act, but the legislation only applies state-by-state and doesn't provide the sweeping protections of the GDPR.
Those state laws are a good start, and there is other good news for US folks: some states are implementing data broker registries to regulate companies that buy and sell personal data. As per the EFF, California, Texas, Oregon, and Vermont passed data broker registration laws to protect consumers in those states.
But it's not foolproof: "Companies that registered in one state but did not register in another include: 291 companies that did not register in California, 524 in Texas, 475 in Oregon, and 309 in Vermont."
So, protection from data brokers and the resale of private data is improving across the US, but there is a long way to go.
Related
So, how do you stop data brokers from getting their hands on your data?
Sanitize and reduce
Completely disappearing from data broker databases is extremely difficult, but it is possible to significantly reduce the amount of information circulating about you.
For example, many brokers allow individuals to submit requests to view or delete their data. However, the process can be time-consuming because each broker typically requires a separate request. However, there are certain brokers, such as financial and credit, where self-removal isn't an option.
Then there are automated data removal services such as DeleteMe, Incogni, and Optery that specialize in tracking down your data and removing it. These services basically send a huge number of opt-out requests, hitting as many brokers as possible in an attempt to cut down your exposure.
Many are automated, though they typically charge a nominal fee for the service. For example, DeleteMe charges around $210 for two years of coverage (that's removal and protection after the fact), while Optery is free for self-removal or $4 per month for automated removal from 365+ sites and brokerages.
But the most effective strategy is to try to prevent your data from being collected in the first place. This is way easier said than done, but a few basic tips include avoiding loyalty schemes, restricting your app permissions to the bare minimum, and using privacy-focused browsers and extensions.