Data Brokers: The Industry That Sells You

Behind every privacy setting you configure, every cookie banner you dismiss, and every ad preference you adjust, there is an industry most people never see. Data brokers — companies that collect, aggregate, and sell detailed personal profiles — are the least visible and most invasive element of the surveillance economy. They do not operate consumer-facing products. They do not have apps you can delete. They are the wholesale infrastructure of personal data commerce, and they almost certainly have a profile on you that includes your name, address, phone number, estimated income, inferred political leanings, purchase history, and a record of places you have physically been. The sovereign response is not to pretend this can be eliminated. It is to understand the machinery, reduce your exposure where the cost-benefit ratio is favorable, and accept that this is maintenance, not a one-time fix.

Why This Matters for Sovereignty

Zuboff’s The Age of Surveillance Capitalism (2019) describes the behavioral surplus economy — the extraction and sale of data generated by your activity that exceeds what is needed to provide you a service. Data brokers are where that surplus is aggregated, enriched, and resold at industrial scale. They are the clearinghouse between the thousands of sources that generate data about you and the thousands of buyers who want to use it.

The scale is difficult to comprehend. Thousands of data brokers operate globally. The largest — Acxiom (now LiveRamp), Oracle Data Cloud, Experian Marketing Services, and others — maintain profiles on hundreds of millions of individuals. These are not profiles based on what you voluntarily shared. They are assembled from public records, voter registration, property records, court filings, loyalty program data, app SDKs that sell location information, credit card transaction data, browsing histories, and data purchased from other data brokers. The brokers trade with each other, enriching profiles across multiple data sets until the resulting dossier is more comprehensive than anything you would voluntarily disclose to any single entity.

The consequences are concrete. Data broker profiles are used by advertisers to target you, by employers to screen candidates, by landlords to evaluate tenants, by insurance companies to assess risk, and by individuals conducting background checks. Senator Ron Wyden’s investigation documented that data brokers sold precise location data capable of tracking individuals to specific buildings — including reproductive health clinics, places of worship, and addiction treatment centers. This is not hypothetical surveillance. It is a commercial product available to anyone willing to pay.

How It Works

Data brokers operate by aggregation and inference. They begin with identity data — your name, address, date of birth, phone number, email address — sourced primarily from public records. Voter registration, property records, court records, and professional licenses all provide seed data that is freely available or available for modest fees. This identity core is then enriched with behavioral and transactional data from a web of commercial sources.

Loyalty programs at retailers sell anonymized transaction data that is trivially re-identified when combined with the identity data brokers already possess. Mobile app developers embed software development kits (SDKs) from data brokers that harvest location data, device identifiers, and usage patterns; the app developer gets analytics or advertising revenue, and the data broker gets a continuous stream of location intelligence from millions of devices. Credit card transaction data, while nominally anonymized, is purchased in bulk from payment processors and cross-referenced with known purchase patterns to rebuild individual shopping profiles.

The inference engine is what makes data broker profiles unsettling. From your purchase history, location patterns, and public records, brokers infer characteristics you never disclosed: estimated household income, political affiliation, health conditions (based on pharmacy purchases, health-related app usage, or visits to medical facilities), religious affiliation (based on places of worship visited), relationship status, and dozens of other attributes. These inferences are not always accurate — but they do not need to be. They need to be accurate enough to be commercially valuable for advertising targeting, and that bar is lower than most people assume.

The data broker ecosystem is also recursive. Brokers buy data from other brokers. A profile assembled by one company is sold to another, enriched with additional data, and resold again. Your data circulates through this network continuously, and no single opt-out request can reach all of it. This is the core structural challenge: the data broker industry is distributed, redundant, and designed to survive the loss of any individual data source.

The Proportional Response

The proportional response has three tiers, ordered by effort and impact.

The first tier is to reduce future data generation. This is the most effective long-term strategy because it addresses the source rather than the symptom. Every privacy action discussed in this series — changing your DNS, using a privacy-respecting browser, auditing app permissions, disabling your advertising ID, using email aliases — reduces the raw data that flows into the broker ecosystem. Data brokers cannot broker data that was never generated. This tier costs nothing beyond the actions you are already taking if you have followed this series, and it compounds over time.

The second tier is to use a data removal service. Companies like DeleteMe (operated by Abine) and Kanary specialize in submitting opt-out requests to major data brokers on your behalf. They scan broker databases for your personal information, submit removal requests, and monitor for reappearance. These services typically cost $100-200 per year and cover the largest and most commonly accessed brokers — Spokeo, WhitePages, BeenVerified, Intelius, and several dozen others.

The value proposition of these services is real but bounded. They address the people-search sites and public-facing data brokers — the ones where anyone can type your name and find your address, phone number, and estimated age. They do not reach the wholesale data brokers (Acxiom, Oracle, Experian Marketing) whose products are sold business-to-business and whose opt-out processes, where they exist, are separate and more cumbersome. For reducing your exposure on the public-facing layer — the layer most likely to be accessed by an individual searching for your information — a data removal service is the most time-efficient approach available.

The third tier is manual opt-out from the larger brokers. This is time-consuming and imperfectly effective, but for those with elevated threat models, it is worth the effort. Each major data broker has an opt-out process, typically requiring you to verify your identity (which itself means providing personal data to the broker), wait a processing period, and then verify that the removal was completed. The processes are deliberately inconvenient — this is by design, not accident. The companies profit from having your data and lose revenue when you remove it. Making opt-out frictionless would be contrary to their business interests.

State privacy laws provide additional leverage in some jurisdictions. The California Consumer Privacy Act (CCPA) gives California residents the right to request deletion of personal data from data brokers and other companies that collect it. Similar laws exist in Virginia, Colorado, Connecticut, and a growing number of other states. If you are a resident of a state with a consumer privacy law, you have a legal right to request deletion, and companies are required to comply within a specified timeframe. The practical effect is strongest against companies with a documented compliance process; smaller brokers may not respond consistently.

What to Watch For

The whack-a-mole problem is the defining challenge of data broker removal. Your data reappears after removal because brokers continuously re-collect from the same sources that fed the original profile. Public records are updated, new data partnerships form, and your information re-enters the ecosystem. Opt-out is not a one-time event — it is ongoing maintenance. The data removal services mentioned above address this by monitoring and re-submitting removal requests periodically, which is the primary reason their pricing is annual rather than one-time.

The data broker industry is facing increasing regulatory pressure, but regulatory progress has been slow relative to the scale of the problem. The European Union’s GDPR provides the strongest individual rights around data deletion, and its enforcement has been more aggressive than US state-level equivalents. In the United States, federal privacy legislation has been proposed repeatedly but has not passed as of this writing. The regulatory environment is moving in the direction of greater individual rights, but slowly enough that personal action remains necessary for anyone who does not want to wait for legislation to catch up.

There is also a class of data that brokers possess that is functionally impossible to remove: inferences. Even if a broker deletes your raw data, the inferences derived from that data — your estimated income bracket, your likely political affiliation, your inferred health conditions — may persist in derivative data products, aggregated datasets, or model training data. The legal frameworks for addressing inferred data are less developed than those for addressing directly collected data, and this gap represents one of the harder unsolved problems in privacy.

The honest assessment is this: data brokers are the background radiation of the surveillance economy. You cannot reduce your exposure to zero. You can reduce it to a level where the most accessible, most commonly searched databases no longer return your personal information — and that is a meaningful improvement in practical terms, even if the wholesale infrastructure continues to operate. The sovereign individual addresses data brokers with the same proportional posture applied throughout this series: reduce what is reducible, maintain what requires maintenance, and direct your energy toward the actions with the highest return rather than pursuing perfection in a system designed to resist it.

The Wyden investigation and similar governmental inquiries have begun to surface the specific harms that unrestricted data brokerage enables — from stalking (location data sold without verification of buyer intent) to discrimination (inferred health and financial data used in housing and employment decisions). These harms are real, they are documented, and they are the strongest argument for continued personal action even in the face of the system’s persistence. You may not eliminate your data broker profile. But making it harder to find, less complete, and more expensive to maintain is a form of friction that has real protective value — especially against the casual searcher, the opportunistic scammer, and the automated systems that rely on easy access to personal data at scale.

This article is part of the Data & Privacy series at SovereignCML.

Related reading: The Privacy Landscape: What’s Real, What’s Theater, Social Media Privacy: What You Can Control (It’s Less Than You Think), Your Privacy Action Plan: The 80/20 in Priority Order