3 min read

Data brokers know more than you think

PCWorld says data brokers build detailed profiles from everyday records, apps, retailers, and trackers—even if you follow basic privacy best practices.

Image: PCWorld

Searching your own name and finding your home address, phone number, past addresses, relatives, and even an income estimate can feel like a breach. But as PCWorld points out, that data often comes from a legal, highly distributed system: data brokers.

These companies collect personal information from many sources, merge it into detailed consumer profiles, and sell that information to other businesses. Those profiles can shape the ads you see, the offers you get, and can also support background checks, insurance risk assessments, and voter targeting campaigns.

Incogni PPL+
Incogni PPL+

According to the article, the biggest misconception is that brokers get your data from one place. In reality, they assemble it from thousands of small signals, including:

  • Public records such as property filings, voter registrations where available, court records, marriages, divorces, business registrations, and professional licenses
  • Retailers and loyalty programs, which can reveal what you buy, how often you shop, and how much you spend
  • Website cookies and third-party trackers, including pixels, ad trackers, and analytics scripts
  • Mobile apps, which may collect location, advertising IDs, device information, and usage data
  • Social media activity, including public profiles, likes, follows, comments, group memberships, tagged photos, and relationship links
  • Other commercial sources such as financial institutions, consumer research firms, credit reporting agencies, marketing partners, and in some cases data exposed in breaches
Google reveals more than you know.
Google reveals more than you know.

Where data brokers get your information

PCWorld notes that being careful online only solves part of the problem. A VPN can hide your IP address and encrypt traffic, and blocking cookies can reduce cross-site tracking, but neither can stop a retailer from logging your purchases or an app from using data you granted it permission to access.

The problem is systemic: routine actions like signing up for a rewards card, downloading a weather app, buying a house, registering to vote, or creating a shopping account all generate data that can eventually feed broker databases.

Recommended reading

Proton CTO says trust, not features, is the product

FTC Data Brokers
FTC Data Brokers

What you can do to limit it

The article says you probably cannot stop data brokers completely, but you can reduce both new collection and the amount of information already circulating.

PCWorld recommends being more selective about what you share: skip loyalty programs unless they are worth it, limit app permissions, review social media privacy settings, disable personalized ads and geotagging where possible, delete unused apps and accounts, and remove or reset your phone’s advertising ID when available.

It also points to legal privacy rights in places covered by laws such as the GDPR and CCPA, which can let people request access, deletion, or opt-outs. Google may also remove some personal information from search results.

For people who do not want to manage broker opt-outs one by one, the article highlights data-removal services including Incogni, DeleteMe, Optery, and Aura. These services send removal requests to hundreds of data brokers and people-search sites, track progress, and keep checking for reappearances over time.

Incogni
Incogni

As PCWorld notes, these services cannot remove everything, especially information that remains legally public. But they can significantly shrink how much of your data is available for sale online.

Sophia Reynolds

Security Editor

Sophia unpacks the invisible wars happening on our networks. Covering cybersecurity, privacy legislation, and cryptography, she exposes how our data is weaponized and defended. Before joining for(geeks), she spent years as a penetration tester. She's the reason the rest of the team uses physical security keys.

via PCWorld

// Keep reading