Data Brokers: Who Is Selling Your Personal Information in 2026
Every time you browse a website, sign up for a loyalty card, or use a free app, an invisible industry is taking notes. Data brokers — companies you've likely never heard of — collect, package, and sell your personal information to advertisers, employers, insurance companies, governments, and sometimes anyone with a credit card. This shadow economy is worth over $280 billion globally, and you're the product.
In this guide, we'll expose who the biggest data brokers are, what information they hold on you, how they collect it, and most importantly, how you can fight back and remove your data from their systems.
What Are Data Brokers?
Data brokers are companies that collect personal information about individuals from public records, online activity, purchase histories, and third-party sources, then sell or license that data to other businesses. They operate largely without your knowledge or explicit consent.
Unlike companies you directly interact with (like your bank or a social media platform), data brokers usually have no direct relationship with you. They aggregate information from thousands of sources to build detailed profiles that can include your name, address, phone numbers, family members, income, health conditions, political views, shopping habits, and even your daily location patterns.
The Three Main Types of Data Brokers
- Marketing and Advertising Brokers: Sell consumer profiles to advertisers for targeted campaigns. Examples: Acxiom, Epsilon, Oracle Data Cloud.
- People Search Sites: Make personal information searchable online for anyone willing to pay. Examples: Spokeo, BeenVerified, Whitepages.
- Risk Mitigation Brokers: Provide data for fraud prevention, identity verification, and background checks. Examples: LexisNexis, CoreLogic, Verisk.
How Data Brokers Collect Your Personal Information
Data brokers use a combination of public records, online tracking, commercial transactions, and partnerships to build their dossiers. Most of this collection happens silently in the background as you go about your daily life.
Public Records and Government Sources
Court records, property deeds, marriage certificates, voter registrations, and business filings are all goldmines for brokers. While individually harmless, when combined they create a surprisingly complete picture of your life.
Online Tracking and Cookies
Tracking pixels, browser cookies, and device fingerprinting follow you across websites. Brokers correlate this activity with your identity through email addresses you've entered, loyalty program data, and mobile advertising IDs.
Mobile Apps and Location Data
Free weather apps, flashlight apps, and games frequently sell location data to brokers. Companies like X-Mode, Veraset, and SafeGraph have built businesses around aggregating granular location histories from millions of devices.
Commercial Transactions
Loyalty cards, credit card transactions, and warranty registrations all generate purchase data. Companies like Catalina Marketing track grocery purchases at the SKU level, while card networks share aggregated transaction insights.
Social Media Scraping
Public posts, profile information, friend lists, and engagement patterns are routinely harvested. Even "private" data can leak through breaches, third-party apps, or careless API exposures.
The Major Data Brokers Selling Your Information
While there are over 4,000 data brokers operating worldwide, a handful of giants dominate the industry. Here's a breakdown of the biggest players and what they specialize in.
| Data Broker | Specialty | Records Held | Primary Customers |
|---|---|---|---|
| Acxiom (LiveRamp) | Marketing data | 2.5+ billion consumers | Advertisers, retailers |
| Experian | Credit & marketing | 1+ billion people | Lenders, marketers |
| Equifax | Credit & employment | 800+ million consumers | Banks, employers |
| LexisNexis | Risk & legal data | 84+ billion records | Insurers, government |
| Epsilon | Marketing & loyalty | 250+ million consumers | Retail, automotive |
| Oracle Data Cloud | Audience targeting | 5+ billion IDs | Digital advertisers |
| Spokeo | People search | 14+ billion records | Consumers, businesses |
| CoreLogic | Property data | 4.5+ billion records | Real estate, insurers |
What Information Data Brokers Actually Have on You
The depth of personal data held by brokers often shocks people when they first see their own profiles. A typical broker dossier can contain hundreds or even thousands of individual data points.
Common Categories of Collected Data
- Identifiers: Full name, aliases, date of birth, Social Security number (partial or full), driver's license
- Contact Information: Current and past addresses, phone numbers, email addresses
- Family and Relationships: Spouse, children, relatives, neighbors, roommates
- Financial Data: Estimated income, net worth, credit score range, mortgage details, investments
- Demographics: Age, gender, ethnicity, religion, education, occupation
- Lifestyle: Hobbies, magazine subscriptions, charitable donations, political affiliations
- Health Indicators: Inferred conditions, medication purchases, fitness habits
- Behavioral: Purchase history, websites visited, apps used, content consumed
- Location: Daily movement patterns, places visited, travel history
Why This Matters: The Real-World Risks
The harms from unchecked data broker activity range from mild annoyance to life-threatening consequences. Understanding these risks helps explain why privacy advocates have pushed so hard for regulation.
Identity Theft and Fraud
When brokers suffer breaches — and they do, frequently — criminals gain instant access to comprehensive identity packages. The 2017 Equifax breach exposed sensitive data on 147 million Americans. More recently, the 2024 National Public Data breach leaked 2.9 billion records, including Social Security numbers.
Discrimination in Lending, Housing, and Employment
Algorithmic decisions based on broker data can effectively redline communities, deny loans, or screen out job candidates without anyone seeing what factors triggered the rejection.
Stalking and Harassment
People search sites have repeatedly been used to track victims of domestic abuse, stalk public figures, and harass private citizens. In some tragic cases, this has led to violence.
Manipulation and Targeted Influence
Detailed psychographic profiles enable not just commercial advertising but political microtargeting, scam targeting of the elderly, and predatory marketing to addicts and gamblers.
Loss of Anonymity Online
Even when you take care to protect your identity online, links you share, sites you visit, and accounts you create can be traced back to your real identity. Using a privacy-focused link shortener like Lunyb can help limit the tracking exposure when sharing URLs, since it doesn't sell click data to third-party brokers. You can read more in our honest review of Lunyb.
Data Broker Laws and Your Rights
Privacy regulations vary dramatically by region, giving some consumers powerful tools to opt out while leaving others nearly defenseless.
European Union: GDPR
The General Data Protection Regulation gives EU residents the right to access, correct, and delete their personal data held by any company, including brokers. Violations can result in fines up to 4% of global revenue.
United States: A Patchwork
The U.S. lacks a comprehensive federal privacy law, but several states have stepped up:
- California (CCPA/CPRA): Right to know, delete, and opt out of sale of personal data
- Virginia, Colorado, Connecticut, Utah: Similar consumer rights with varying specifics
- Vermont and California: Require data brokers to register publicly
- Texas, Oregon, Delaware (2024+): New laws expanding broker oversight
Other Regions
Brazil's LGPD, Canada's PIPEDA, the UK's Data Protection Act, and Australia's Privacy Act all provide varying degrees of broker oversight, though enforcement varies considerably.
How to Remove Yourself from Data Broker Lists
Removing your data is tedious but achievable. Here's a step-by-step process to reclaim your privacy.
Step 1: Identify Where Your Data Lives
Search your name, phone number, and address on Google. Note every people-search site that returns results. Common ones to check: Spokeo, BeenVerified, Whitepages, PeopleFinder, MyLife, Radaris, Intelius, TruePeopleSearch.
Step 2: Submit Opt-Out Requests
Every major broker has an opt-out process, though they often hide it. Visit each site's privacy page and follow their specific procedure. Expect to:
- Find the opt-out form (often buried in the footer)
- Verify your identity (sometimes requiring ID upload)
- Confirm via email link
- Wait 30–60 days for removal
- Re-check periodically, as data often reappears
Step 3: Use Automated Removal Services
If manually opting out of hundreds of brokers sounds exhausting, services like DeleteMe, Incogni, Kanary, and Optery automate the process for $100–$200 per year. They handle ongoing monitoring and re-removal when data reappears.
Step 4: Reduce Future Data Collection
- Use a password manager and unique emails (or aliases) per service
- Enable browser tracking protection (Firefox, Brave, or Safari)
- Install uBlock Origin and Privacy Badger
- Use a VPN to mask your IP address
- Limit app permissions, especially location access
- Pay with cash or virtual cards when possible
- Avoid loyalty programs that share data widely
- Use privacy-respecting tools for everyday tasks like link sharing, file storage, and email
Step 5: File Complaints When Brokers Don't Comply
If a broker ignores your removal request, file complaints with the FTC (U.S.), your state attorney general, or your national data protection authority (in the EU/UK).
The Future of Data Brokers
The data broker industry is at an inflection point. Increasing regulation, high-profile breaches, and growing consumer awareness are forcing change, but the industry continues to grow and adapt.
Emerging Trends
- Privacy-enhancing technologies: Differential privacy and federated learning may reduce raw data sharing
- The death of third-party cookies: Forcing brokers toward first-party data partnerships
- AI training data demand: Creating new markets for personal data licensing
- State-level enforcement actions: California and Texas leading aggressive crackdowns
- Federal U.S. privacy legislation: Repeatedly proposed but still not passed
Until comprehensive global privacy protections exist, the responsibility for managing your digital footprint largely falls on you. Combining smart tool choices — like privacy-focused services such as the URL shorteners we compared in our 2026 buyer's guide — with regular opt-out maintenance offers the best practical defense.
Frequently Asked Questions
Is it legal for data brokers to sell my personal information?
In most jurisdictions, yes. In the U.S., selling consumer data is largely legal except in specific regulated categories like health (HIPAA) and credit (FCRA). The EU's GDPR requires a legal basis like consent, but enforcement gaps remain. Recent state laws in California, Virginia, and others give consumers the right to opt out of these sales.
How much money do data brokers make from my information?
Individual consumer records sell for anywhere from a fraction of a cent (basic demographic data) to several dollars (detailed health or financial profiles). While each record seems cheap, brokers profit from scale — aggregating billions of records into a $280+ billion global industry.
Can I sue a data broker for selling my information?
Generally, you can only sue if a broker violates a specific law — like GDPR, CCPA, or FCRA — or if their actions caused you measurable harm (such as a data breach leading to identity theft). Class-action lawsuits against brokers after breaches have resulted in significant settlements.
Do paid removal services like DeleteMe and Incogni actually work?
Yes, they significantly reduce your exposure on people-search sites and many marketing brokers. However, no service can remove you from every broker, especially those operating in legal gray zones or overseas. They're most effective when paired with personal privacy habits and ongoing monitoring.
What's the single most important step I can take to protect my data?
Reduce the data you generate in the first place. Use privacy-focused browsers and search engines, minimize app permissions, avoid unnecessary loyalty programs, and be cautious about what you share publicly. Prevention is far easier than removal once your data is in broker hands.
Protect your links with Lunyb
Create secure, trackable short links and QR codes in seconds.
Get Started FreeRelated Articles
Your Digital Footprint: What It Is and How to Control It
Your digital footprint shapes your reputation, security, and even your finances. Learn what it is, how it's tracked, and step-by-step actions to control it in 2026.
Browser Fingerprinting: How Websites Track You Without Cookies
Browser fingerprinting lets websites track you across the web without cookies — using your screen size, fonts, GPU, and dozens of other signals. Learn how it works, who uses it, and how to defend yourself.
Private Browsing vs VPN: What Actually Protects You Online
Private browsing and VPNs are often confused as equivalent privacy tools, but they protect very different things. This guide breaks down what each one actually does, where they fall short, and how to combine them for real online privacy.
How to Stop AI from Tracking You Online: A Complete 2026 Privacy Guide
AI tracking has evolved far beyond cookies, using behavioral fingerprinting and machine learning to profile you across devices. This guide explains exactly how it works and gives you a practical 10-step plan to stop AI from tracking you online in 2026.