Data Brokers Exposed: How to Opt Out and Secure Your Personal Data

Taking charge of your personally identifying information in modern times is very difficult. In the US there are very few laws to protect what kind of personal data that companies can share. Companies like Meta, Amazon, Google, your ISP, etc. literally make billions of dollars by snooping on what you do online and sell information about you. The scope of what these companies and data brokers is astonishing. 

Data that companies know about you can include birthday, gender, addresses, names and addresses of relatives, location history, sexual orientation, religious affiliations, websites you visit, products you buy, streaming programs you watch, social security numbers, email addresses, and a lot more. Unlike in the EU which has strict data privacy measures, in the us it’s practically open season on what companies can collect about you. 

This (long) post is a guide to help ‘scrub’ some of your data from data brokers and reduce the risk of future personal information exposures. Some of the most egregious sites are ‘people search’ sites that anyone can access to lookup your home address, phone, relatives names, or more. 

In this post I cover:

  • Dark web data breach dumps
  • Exercising your opt-out rights
  • Free PII data removal tips
  • Data Suppression vs. Deletion
  • California CCPA Law
  • Paid PII Data Removal Services
  • Scrubbing search engines of PII
  • Real Estate Privacy

Dark Web Search

Recently I stumbled upon a great ‘dark web’ search site called pentester.com. You can enter an email address and the site will conduct a search of many dark web data breach databases for your PII. It will also look up your IP address as well. This is a great place to see what kind of PII is floating out there on the internet and what you should be searching for during your scrubbing mission. 

The details of the results can be jaw dropping, with data like the breached site name, username, full name, IP addresses, physical addresses, phone number, clear text passwords, password hashes, and more. Unfortunately since most of this data is on the ‘dark web’ you have little recourse to get it deleted. 

Pentester.com also offers a data removal service, but it’s pretty pricey and I haven’t personally tried it so I can’t review how effective it might be. They claim to support 475 data brokers.  

Tip: If your primary email address has been exposed in these dark web data dumps, consider implementing email aliases. Check out my post Email aliases: How to easily protect your inbox from spam. I created a brand new email address using a custom domain and registered a new custom domain for email aliases through SimpleLogin. I then only use aliases for giving out email addresses, which has completely eliminated spam on my new primary (and private) email address. 

Exercising Your Opt-Out Rights

Before you start the data broker cleaning process, it’s a good idea to opt out of as many SOURCES of your PII as possible. 

DMAchoice

DMAchoice is a consumer preference service that some (not all) data brokers will honor data removal suppression requests. The online registration fee is $5, good for 10 years. Even though data brokers are not required to honor your preferences at DMAchoice, it can really help cut down on marketing spam. To me it’s $5 well spent. 

OptOutPrescreen.com

OptOutPrescreen.com is a site which allows you to request opting out of prescreened credit offers from Equifax, Experian, Innovis and TransUnion. You can opt-out for 5 years online, or permanently via snail mail. 

Financial Institution Opt-Out

In my blog post Digital Privacy Decoded: Simple Ways to Secure Your Information I covered some search engine phrases you can use to find the privacy policy for your financial institutions. I would strongly suggest availing yourself of all their opt-out options for maximum privacy. They have access to very personal information such as all your credit card purchases, where you spend your money, and could even know WHAT you bought with your credit card. Take financial institution privacy very seriously.

Free PII Data Removal Tips

I would start by leveraging Optery, OneRep and Privacy Bee (all discussed below) for free PII searches. All three services unmask exposed PII and tell you which websites has what PII. This is an EXCELLENT start to manually scrubbing your data. These service also many times provide manual opt-out instructions for DIYers. 

You can also do pass a through both the “Big Ass Data Broker Opt-Out List” and the IntelTechniques list of data brokers. However, you won’t do all of those in one sitting. But it’s a great starting point to see how far that gets you.

To maximize your DIY effort I offer these tips:

Tip 1: If the data broker search engine lets you search on multiple data points (e.g. full name, address, phone, email) search on all available inputs. Perform searches on each unique address, phone, email, etc. You may get surprising results. 

Tip 2: If you find that any of those brokers has your PII, submit opt-out requests. Keep doing searches every few days to validate your PII has been removed. Not all data brokers will acknowledge your requests, so the removal may be silent. Some may never remove your data (sad, but true). Removal could take days or weeks, while a few are nearly instant.

Tip 3: In your favorite spreadsheet or note taking app document whether the data broker has any of your PII and note down what they have (e.g. screenshot). You can use this to verify your opt-out has been successful over the coming weeks. Be obsessively organized if you really want to remove as much PII as possible. Keep a site-by-site activity log, including the dates you submitted opt-outs and how you requested the opt-out (e.g. email, web form, etc.).

Tip 4: To take care of the “heavy hitter” data brokers and start with PublicDataUSA, Radaris, BeenVerified, CheckPeople, ClustrMaps, Dataveria, ThatsThem, Intelius, Nuwber, PeopleFinders, Spokeo, Whitepages, CoCofinder, and Truthfinder. 

Tip 5: Some people search sites have a paywall to see any PII they may have on you. If the cost is $5 or less to see your report, I would strongly consider getting the report. However, use a virtual credit card that you can lock and set strict charge limits so that the site can’t bill you in the future for any subscriptions. Some reports can be as cheap as $1. Save or screenshot all reports for future reference so you know what data needs to be scrubbed. I suggest using a virtual credit card with strict locks/expiration date to prevent future billing.

Sites to consider a <$5 trial subscription to include Spokeo, BeenVerified and Truthfinder. They also often sponsor PII results on third party sites, so scrubbing you data on these ‘source’ sites can eventually remove your PII from other sister sites. 

Tip 6: To help with the manual opt-out process you can leverage Data Brokers Watch. It has a list of over 1,000 data brokers and for many of them there’s a direct link to an opt-out form that you fill out. This then opens your mail client with a fully formatted opt-out request that you can send with one click. It’s also a great template to use with sites that they don’t support. 

Tip 7: Some data brokers may require multiple opt-out requests if they have more than one record on file. Always verify removals by comparing before/after screenshots of any exposed PII. Again, keep detailed records so you can verify removals. 

Tip 8: If you have a lot of PII exposures I would prioritize what you want to clean up first. For example, you might first focus on your phone number and email address to help stop spam. Removing all of your addresses, age, relatives, and vehicles may prove harder.

Tip 9: Do extensive Google and Bing searches on all of your PII. When you find offending data, submit search engine requests to de-index your PII. Even if a data broker removes your PII, Google/Bing search snippets can contain cached PII for many months. I cover search engine removal/re-indexing steps later in this article. 

Tip 10: Even if a data broker removes your primary profile with your PII, I found instances where they still leak your data. For example, your PII may be listed as “Neighbors” of other listings. Or they may aggregate various social media accounts which aren’t directly tied to a single profile, so you need to submit a screenshot and ask to have your data removed.  I’ve also seen cases of data brokers with “Sponsored” sections which lists more PII exposed by other data brokers. This can take additional work to get scrubbed. Google/Bing can be your friend here to find ‘straggler’ PII. 

Data Suppression vs. Deletion

Data deletion and data suppression are two approaches to managing personal information with data brokers. A data deletion request asks the broker to completely remove your data from their systems, ensuring it cannot be used, sold, or shared in the future. This provides a more permanent solution to privacy concerns, though your data might be collected again from other sources and reappear in the data broker’s database at some point in the future. This is why periodic data broker scans are important.

In contrast, a data suppression request involves hiding or masking your data rather than deleting it. This means your data is not publicly accessible or sold, but it remains in the broker’s internal systems and could potentially be reactivated. Suppression is useful if you want to permanently limit access to your data. Data suppression should be viewed as a permanent “opt out”, whereas data deletion could be just a temporary state.

Both methods aim to enhance privacy, but the choice depends on whether you prefer permanent removal or temporary restriction of your data. Most data brokers just offer data deletion, but a few do have specific suppression steps. I personally opted for suppression whenever possible to increase the chances of my data staying private.

Tip: Incogni submits both data deletion and data suppression requests. On my dashboard I can see they submitted 43 suppression requests on my behalf, for example.

California CCPA

The California Privacy Protection Agency (CPPA) has introduced a significant enhancement to consumer privacy rights with the “Right to Delete” provision under the California Consumer Privacy Act (CCPA). This right empowers California residents to request the deletion of their personal data held by businesses, including information collected indirectly through third parties. The law mandates that businesses must comply with verified deletion requests, ensuring that personal data is removed from their records and any associated service providers. 

Starting August 1, 2026, the CCPA will require data brokers to respect an opt-out list, allowing consumers to request the deletion and tracking of their personal data. This law mandates that data brokers must regularly check for opt-out requests and comply accordingly, enhancing consumer privacy protections in the state. 

A few other states may have similar privacy laws, so if you don’t live in California, search for any applicable state laws until Congress enacts sweeping Federal laws (fat chance). I happen to live in California, so whenever I submit a manual opt-out request I include something like “Per California CCPA law, remove my profile/data from your site.”

Paid PII Data Removal Services

If you value your time and you discover that dozens of data brokers have your PII, then I suggest forking over some $$ on at least one data removal service. I’ve tried quite a few, some appear really, really good, while others were total trash. I’ll give you a few brief reviews and my recommendations.

Here are few data removal service tips:

  • Some data brokers refuse to respond to removal requests from third parties. Good data removal providers will provide a link to how you can perform a manual request yourself.
  • Some data brokers are highly resistant to removing your data and flat out won’t do it (which could be illegal). Some appear to be scam operations with fake phone numbers, fake addresses, and non-functional removal request forms, or bouncing emails to customer support. The best you can do with these is pull any results from all search engines. Until the US gets strong PII protection laws (like the GDPR in Europe), the situation is fairly dire.
  • Some data removal services allow you to submit custom take down requests. Optery, DeleteMe, and others have this feature. But if the website in question is a scam or ignores requests, there’s nothing that can be done to remove your PII at the source.
  • If a paid service discovers highly concerning PII that you want to get removed ASAP, do your own manual request. OneRep estimated 3-4 weeks removal for two data sites, but I was able to use the offending site’s opt-out process and in 90 seconds my data was gone.
  • As early into the onboarding process as you can enter ALL of the PII you want removed. If you forget data, like an old address, it might not get scanned for months if you miss it in the initial search. Be extremely thorough in all the PII you want searched, going back to even childhood addresses and phone numbers if you wish. I would brain dump all PII you want to search for in your favorite notes app or spreadsheet for quick reference. This should include any name variations (pre and post marriage), all physical mailing addresses back to childhood, all current and previous phone numbers, and all current or past primary email addresses. 
  • Even if you go with one or more paid data removal services, you still have a bunch of work to do yourself if you really want to verify your data is thoroughly scrubbed. This included validating removals were actually done, running periodic Google/Bing searches to verify no new exposures, and checking each data removal service dashboard for removal status. This is a never ending game of whack-a-mole.
  • There is no “perfect” data removal service. Even my leading choice (below) is deficient in some areas and lacks some very useful features. 

Warning: There is a slight chance that unscrupulous data brokers, when they get an opt-out/delete request from a removal service, will ignore the opt-out/delete request and just keep the PII you sent in the request on file and resell it. If this really concerns you, you can focus on ‘people search’ sites that Google search shows already has your information to target for removal. 

Stacking Data Removal Services

In the US there are hundreds and hundreds of data brokers. Some are more public facing ‘people search’ websites while others are more like private warehouses that sell your data.  Given there are so many, and new ones popping up all the time, you will probably need to subscribe to two or more data removal services to have the highest chance of scrubbing your data. After significant hands on with a variety of paid tools (out of my own pocket), here are my top recommendations (mini reviews are in the next section):

#1: Optery has one of the largest ‘legitimate’ list of data brokers, using their ultimate plan. They cover over 645 people search and private data brokers. Excellent dashboard and status updates. I would start with Optery, then consider adding Privacy Bee or OneRep (see below) as you see fit. 

#2: Privacy Bee is not cheap, but covers another ~300 data brokers not covered by Optery. Standalone they cover more than 500 data brokers.  

#3: Incogni covers another 131 unique data brokers that Optery does not. 68 data brokers overlap with Optery. Incogni is a good mixture of ‘people search’ and private data brokers. 

#4: OneRep covers another 172 unique data brokers not covered by Optery and Incogni. OneRep focuses almost exclusively on people search sites. 

If you subscribe to Optery and Privacy Bee removal services with their top tier plans, you will get covered on over 900 unique data broker sites. Trying to comprehensively search for your data on 900 sites and process all the delete/opt-out requests yourself is a monumental task. So I think the subscription costs are well worth it, even though you will still have some manual scrubbing to perform. 

I would suggest giving Optery and Privacy Bee a good two to three months to scrub data brokers. Some data brokers are exceptionally slow to respond to queries, or may take multiple data deletion requests to get the desired effect. Some may just flat out ignore requests, and then your only mitigation is removing any search engine results. While those two services are performing opt-out requests, I would focus on cleaning up Google Search and Bing Search results.    

Optery (Derek's Top Pick)

Optery (referral link) is a premium data removal service which supports more than 645 data brokers, depending on your subscription tier. Among all of the US-centric data removal services, Optery is one of the best (and most expensive) and is my personal top pick for a paid data scrubbing service. 

I would personally start with Optery as the first paid service, as it covers one of the longest lists of data brokers that I’ve seen. It has one of the best coverages for both public facing ‘people search’ sites, and back-end only data brokers.  You can sign up here: Optery (referral link).

Positives:

  • PC Magazine’s Editor’s Choice (rated 4.5 out of 5) (2022, 2023, 2024, 2025)
  • #1 Most Effective in the 2024 Consumer Reports Study
  • Other CyberSecurity/InfoSec awards and SOC 2, Type II certified
  • Brand new iOS and Android mobile app
  • Huge data broker coverage (645+ on the Ultimate plan). This is not a ‘fake’ marketing number.
  • Very slick UI with status and manual removal steps for over 385 data brokers. 259 “expanded search” brokers don’t have status in the UI, but are used in their searches and automatic opt-out requests.
  • Optery regularly adds new data brokers to various tiers
  • Screenshots of data broker results and Google/Bing search results with live links.
  • Unlimited custom removal requests (Ultimate tier only, after 30 days).
  • Paid custom scans ($2.99 each) for name searches in different cities and states. Works very well.
  • Downloadable exposure report with screenshots of offending PII.
  • Downloadable removal reports with before/after screenshots to prove offending PII was removed
  • Free tier is a great way to kick start your DIY removal requests. Could be a good option if only a handful of sites have your PII. They provide detailed opt-out instructions for many dozens of data brokers. 
  • Quick and easy cancel button. 
  • Asks current and prior employer name and email addresses
  • Able to delay the first scan until you’ve completed your profile with all searchable PII.
  • Excellent tracker for ‘removal issues’ and ‘custom requests’ on the homepage. Easily see what sites you submitted and their removal status. 
  • A very obvious “Removed” label for PII that was verified as removed on the offending site. 

Negatives:

  • Yearly subscriptions are not cheap. You can do a monthly plan, and perhaps cancel after a couple of months when your data is cleaned up. (Note: Your data can re-appear.) Or you can “Pause” your subscription, keeping all of your opt-out data intact.
  • While you can enter multiple phone numbers and email addresses, you have to designate one of each as what you want to use for searches. Optery says they are working on ways to run on-demand scans for additional phone numbers and email address. Other data removal sites (like OneRep) can scan for multiple instances of each.
  • Initial scan of all 617 data brokers is very slow. More than 24 hours after the scan started, most are still pending. Optery says wait 24-72 hours for initial scan.
  • It may day several days or weeks after a site removes your PII to reflect as ‘removed’ in the Optery console. Optery does usually provide a link to your exposed PII profile for public people sites so you can verify yourself if your data was scrubbed.
Pro Tip: Run custom scans ($2.99 each) for any previous cities/states that you have lived in, such as those in childhood. It’s very likely additional PII will be found that needs to be scrubbed. Do this even if you have entered all prior addresses in your data profile. 
Optery Dashboard Snippet

Privacy Bee (Runner Up)

Privacybee.com is a very well thought out data broker removal service. It supports hundreds of data brokers and has a robust dashboard with detailed search and removal history (although it’s not always entirely accurate). 

Positives:

  • PC Magazine Review (4.5 out 5)
  • Supports over 500 data brokers, including coupon mailing databases, credit card pre-approval brokers, and many advertising companies.
  • Very polished dashboard with highly detailed and date/time stamped activity log which you can export to CSV.
  • Exposures are broken down by identity (name), family members, locations and contact info. 
  • Allows searching on multiple name variations, physical addresses, phone numbers and email addresses. 
  • Ability to selectively ‘trust’ certain companies which will prevent opt-out/delete notices being sent.
  • Private internet search bar to look for web, images, videos and news for any search criteria you enter. Appears to use Google search for results, but queries are ‘private’.
  • Ability to connect your Gmail account and scan your whole mailbox for companies you might want to trust. IMHO, even if I used Gmail (which I don’t), I don’t want to trust ANY company. Seems more like a gimmick.
  • Appears to run very frequent searches to more quickly find exposed PII and start removal requests.
  • They have live human chat support which can sometimes provide more details on stubborn removals and their status. 

Negatives:

  • No screenshots of exposed information on people finder sites. Details are provided for what data was found (names, locations, contact info) and sometimes a link to the exposed external profile.
  • Their “Active Exposures” status page neatly lists all of your found PII, however it seems to never be updated when your data has been removed. This necessitates clicking on possibly many dozens of exposures to determine if your PII was scrubbed. Optery has an obvious “Removed” label for sites with your PII.
  • I’ve found several false positive and negative findings in the console. Several times the dashboard said no PII was found, but in fact the broker WAS exposing personal information. Or it stated PII was removed, when in fact it was NOT. Bottom line, don’t trust any status in the console. Always click through to the site to validate.
  • No custom/manual removal request form in the dashboard. You can contact support for a custom removal request, but without a dashboard to track, that makes tracking status very hard.
  • Must pay for a full year up front, and no apparent coupons or deals. $199/yr. No apparent family plan discount.
  • Phone numbers require SMS verification to add, so you can’t scan on any old phone numbers tied to your identity.
  • Your Privacy Bee account has no password. All logins require entering an email authentication code and optionally a 2FA code. Slows down the login process.
  • No public list of all the data brokers they support. But you can see the full list with an account. 
  • Their automated scans returned no PII for a few sites, even though the data broker displayed some PII which was in my Privacy Bee profile. I was able to manually submit a removal request, but you can’t upload a screenshot of what PII was found. 
Privacy Bee Dashboard Snippet

OneRep (Third Place)

OneRep is a semi-decent choice for a data broker removal service. It doesn’t cover as many data brokers (only 213) as Optery, but has better coverage than other services like DeleteMe. I would personally start with Optery, wait 8 weeks for PII removals to process, then do a free name search with OneRep to see what data (if any) remains on public sites. 

Tip: Do a free search on OneRep using a valid email address. Wait 24-48 hours after your free results, and OneRep may email you a special discount off their yearly plan. Mine was $69.99/yr instead of their usual $99/yr for an individual. If you wait a few more days to sign up, they may send you another email for 50% off their plans. If you aren’t in a hurry to sign up, waiting less than a week can save big money here.

Note: There is some evidence that the CEO of OneRep was the previous founder of data brokers. If this implication bothers you, you can feel free to not buy a subscription from them. But their free search tool is useful. 

Positives:

  • Free full name search on their homepage. Fully unmasked and actionable results. Great for DIY removals. 
  • Cheaper than Optery ($14.95/mo on monthly plan, $99 with yearly billing).
  • Good opt-out requested/removal status updates for each exposure.
  • Links to the live profiles of exposed information.
  • Supports searching on multiple phone numbers, addresses, and email addresses.
  • Good manual removal instructions for most all data brokers (if you want to DIY).
  • Optional identity theft insurance, credit monitoring and SSN tracker (and other services).
  • First scan results are extremely fast. Mine were ready within a minute or two of creating an account and inputting all of the PII I wanted to be included in their searches. 
  • Performs monthly scans to detect exposed PII.

Negatives:

  • Only supports 213 websites, of which all of them are customer facing ‘people search’ sites. Does not cover ‘back end’ data brokers.
  • Must email, call or online chat to cancel.
  • No custom removal requests.
  • Can have significant lag in updating data removal stats (some of my data was removed weeks ago, yet the dashboard still says ‘opt-out requested’ instead of ‘removed’.).
OneRep Dashboard Snippet

Incogni (Meh)

Incogni may have more brand recognition than other data removal services. And while it’s not terrible (like some others I reviewed), it’s in the middle of the pack when it comes to effectiveness and coverage. I would not recommend it as a go-to solution for online privacy, but it can be somewhat effective. 

Positives:

  • Reviewed by PC Magazine (Rated 4.0 out of 5)
  • Claim to support 199 data brokers, covering both private and public searchable databases. 
  • Good dashboard with a chart showing sent, in progress and completed data removals over time.
  • Detailed Activity Log which shows on a day-by-day basis which data brokers were contacted for PII removal.
  • Lists how many suppression lists you were added to. This means that data broker should never re-publish your information again.
  • Very good mix of 116 private data broker databases and 72 public databases.
  • Highly detailed per-data-broker information about request status (in progress, completed, suppressed).
  • Many published articles for manual opt-out procedures.
  • Dashboard includes number of suppression list requests (discussed later in this post) and which data brokers have a suppression setting

Negatives:

  • Maximum THREE each of email addresses, home addresses and phone numbers for PII searching.
  • No links to per-data-broker manual opt out procedures (if you wanted to DIY). They have a handful of opt-out procedures elsewhere on their site. 
  • No screenshots or information about discovered PII. You only see in progress, completed, or suppressed status but don’t know what PII the data broker had on you (if any data at all). Most every other site will tell you how many profile matches you got and even what data was found. 
  • I submitted one custom removal request (capped at 3), but the website didn’t have a way to add two more. Poor update status on the custom request. This feature was in ‘beta’ and it shows. 
Incogni Dashboard Snippet

DeleteMe (Don't Bother)

DeleteMe claims to support several hundred data brokers, and is well known in the PII removal space. They are often a podcast sponsor, and seem to have decent brand recognition. However, their data broker coverage is pretty pathetic and their dashboard is lacking real time status of all your exposure findings and opt-out status. Actual data broker coverage seems to be 115 sites vs the hundreds they (misleadingly) advertise. I would personally NOT purchase this service, as there are better options. Don’t fall for their podcast ads or brand recognition. I’d rate them as ‘sucky’ and ‘misleading’ at best. 

Positives:

  • Custom data removal requests (up to 10 concurrently).
  • Quarterly PDF exposure reports.
  • Supports multiple email addresses and phone numbers.
  • Asks about current/previous employers and LinkedIn profile URL.
  • Nice Listings Reviewed and Listings Removed bar charts.
  • Failed custom removal requests are accompanied by suggested manual removal steps.
  • Built-in on demand Google search tool with keep/remove/not me buttons.
  • Supports optional email masking and phone masking. One time $7 fee for phone masking. (Note: I did not try this service.)

Negatives:

  • PC Magazine Review (3.5 out of 5)
  • Free scan available (but only one result is unmasked unless you subscribe) – worthless
  • Claims 750+ data brokers (varies by plan). However, a significant number appear to be supported only via custom requests or business plans. My privacy report says 115 data brokers were scanned, a far cry from 750+. Thumbs down for transparency and advertising honesty. 
  • Limited per-data broker opt-out and removal status. You can only view quarterly PDF reports.
  • Custom requests can take weeks for any type of response.
  • No real time screenshots of the exposed information or Google search results. 
  • No ‘proof of removal’ screenshots. 
  • Missed numerous sites that had my PII. 
  • Data scans are only quarterly, which can leave your PII exposed for an extended period.
  • Robust marketing team, but very poor data scrubbing services. 
DeleteMe Dashboard Snippet

EasyOptOuts.Com (Avoid)

I’m very suspicious of this site as the UI is terrible, very lackluster data removal status, and lack of features. I’m almost thinking this is some type of scam site, or at best, a fly by nite operation that I would NOT trust. 

Do not waste your time on this site, as my entire experience was highly suspect and not worth spending a dime on. If you cancel your subscription they immediately delete your account, even if you had months left on your original purchase. 

Aura (Avoid)

Don’t bother. Their list of data brokers is tiny, removal timeline is measured in months (if ever), and a so-so dashboard at best. Save your money! 

Kanary (Avoid)

Don’t bother! I used their 14 day trial and was deeply disappointed. Poor dashboard and poor exposure accuracy. Most of the exposures it “found” were labeled “This might not be an accurate exposure. We’re confirming that your info is exposed on this site and should have an update in a week.” But two weeks later there were ZERO updates. It didn’t list what PII was exposed; it only provided URL links to the profile on the offending site. 

Scrubbing Search Engines of PII

Search engines can be a powerful way to find any exposed PII on the web. However, depending on how you phrase your searches, use quotes (or not), or other tricks, you may not find all of your PII. Also beware that public search engines likely won’t return PII from data brokers that don’t have public facing search capabilities (e.g. “People Finders”). So don’t just scrub all search engines of your PII and think you are good to go. It’s a great start, but only one aspect of removing your PII from data brokers.

Google 'Results about You'

Before doing a lot of manual Google searches of your PII, you can let Google take a first crack at finding your PII. You can check out their article Find and remove personal contact info in Google Search results for details. Here you can enter up to three physical addresses, your full name, and three each phone numbers and email addresses.

However, I would not put too much weight on their results (or lack thereof). It didn’t return a single hit for my PII, even though I had specific Google search queries that were still showing some of the PII I used on this form. But hey, it’s free and fairly quick, so why not give it a try.

Google Search

Google Search is a quick way to find some of the websites that contain your PII. However, it’s not always just as simple as typing in your name or current home address in the Google search bar. Here are some tips I’ve learned:

  1. Search for all of your current and prior addresses. There may be results for prior addresses.
  2. Search both with and without quotes around your street address (e.g. “1234 Main street” and 1234 main street). Results may be different. I left off my city/state for most searches, but you can trying adding that as well. The more combinations the better.
  3. Building on #2, add your first or last name in the address query outside of the quotes (e.g. “1234 Main street” Robert).
  4.  Search for your phone number and email addresses, both with and without quotes. Add your first and/or last name in the searches as well. 
  5. Search for your name with and without your middle name and/or initial. Try with and without quotes. Try adding ‘address’ in your search (e.g. “Robert Redford” address).
  6. In your favorite note taking app take screenshots of all Google search results with your PII, the query you used, and the full Google search URL (the URL in your browser’s search bar when on the Google search results page). You will use this information later to verify the takedown request. Keep this information for future use. Your PII may resurface again so permanently keep all the search queries you performed even if they returned no results. Future PII exposures may return results.

Removing Google Search Results

If Google is displaying what they consider personal information (e.g. name with home address, phone or email address), you can request Google to remove the search result. There are three primary ways to remove the results:

  1. Click on the three dots next to the offending personal information (see below). Then click on Remove Result, and follow the wizard. Take note that Google has strict guidelines for when they will remove links. If denied, and the offending listing has multiple pieces of sensitive information (home address, phone), try the removal request using the other offending data. I used that tip for one listing, and it worked. 

2. Follow the Google article called Find and remove personal contact info in Google Search results. You can then use their Report a Problem form to send a more detailed removal request, which includes a screenshot. 

3. If the source content has been deleted, yet Google search snippets still show some of your PII, you can request Google to re-index a URL to see if the content has changed. You can use the Google Request a refresh of outdated content in Google Search page to submit URLs. I’ve had very good luck with Google re-indexing pages that no longer contain my PII. 

Removing results from Google search does NOT remove your PII from the offending website. You must follow data deletion or suppression procedures for that site to remove your PII. Even if you have an offending site remove your PII, Google search may still show snippets from the site with your PII for months. Automated Google re-indexing may take months, so follow option #3 (above) to more quickly get your PII removed from search result snippets. 

Google often responds within minutes or hours to your removal requests. Sometimes denials take multiple submissions to get the removal result you want. If using remove option #1 fails, try option #2. That form requests a screenshot of the offending record and may provide more context for your removal request. Actual removal of your PII from Google search, once approved, can take hours or days. Be sure to check back and validate the search query comes up clean.

You can easily track all of your Google Search removal requests in their Take control of results about you page. This has additional ‘denial’ information which is not contained in the denial email.

Bing Search

Use the same tips as Google search when looking for your PII. Always screenshot the results with PII, the query you used to get those results, and the offending Bing search URL. 

Removing Bing Search Results

Use the Bing Report a Concern form to request PII removal. Unlike Google, Microsoft can be slow to remove results. They also can be a bit more stubborn to get PII removed, depending on the content or site. If Bing first refuses to remove a search result, try again. Also, unlike Google, Bing can be resistent to re-indexing specific pages to remove offending PII that may be shown in search result snippets but no longer on the offending page. Persistence can be key.

I suggest periodically running Bing searches (that you’ve already saved) to check if the offending links have been removed. If Bing replies that they will take corrective action, give it 1-2 days and do a search to verify the offending data was removed.

Kagi Search

Kagi is a paid search engine which is a meta search of sorts, using various other search engines like Bing. Kagi has no way to suppress/remove results. You must first find out which underlying search engine has your PII results, then go directly to that search engine and follow their removal process. They do not tag which underlying search engine was used for each result, so you have some sleuthing to do. 

DuckDuckGo Search

You can find details on how to remove your PII on their DuckDuckGo Personal Information Removal page. However, the bottom line is they rely on Bing results. If you remove your PII search results from Bing, they will disappear from DuckDuckGo as well. 

Real Estate Privacy

If you personally own any real estate, it is highly likely your county has public records that show your full name and address. Property tax records can also be a gold mine for finding out the names of property owners. Depending on your threat model and how private you want to be, you might want to consider (somewhat) obfuscating your ownership. 

I am NOT a lawyer and the following is not legal advice. It is only  provided for informational purposes. If you live in the US, you might want to look into a revocable trust. A revocable trust is a legal entity that can hold certain assets (such as real estate) in the name of a trust, for which you are the trustee. This can have numerous legal benefits, which are outside the scope of this post and vary by state. Consult with your nearest estate planning lawyer to determine if a revocable trust makes sense for you. In particular if you live in California, it is highly likely it may make sense to help avoid probate when you die. 

Revocable trusts can be named almost anything you want. It could be called “Happy Hippo Trust, Dated March 1, 2025”. When you ‘fund’ your revocable trust and re-title your property the deed is now in the name of your trust. Eventually the county tax records are updated to the trust name. This could provide one crude level of obfuscation of who owns the property. 

However, when the deed is transferred to the trust the county will know who the trustee (probably you) is. So depending on what records your county makes public about the transaction, your name (as the trustee) may still be publically available with enough digging. But it could deter simple county tax collector lookups which will probably just show the trust name. This is mostly ‘privacy through obscurity’ and certainly NOT guaranteed anonymity. 

Tip: If privacy is your main concern, I would NOT name your trust with any part of your first or last name. Commonly lawyers might suggest naming your trust something like “The <Last Name> Revocable Trust, dated XYZ.” I would suggest coming up with an entirely obfuscated trust name not tied to your last name. Have fun! But realize if you want to change your trust name down the road, it is very likely you will have to entirely re-do your whole revocable trust plan with a lawyer which can be very expensive. This new trust needs to be ‘funded’ (assets moved into the trust), which can be a pain and time consuming. Pick a trust name that you will be happy with for decades to come.

Summary

In today’s digital age, data brokers will likely have a ton of data about you. This can include all previous addresses (even back to childhood), relative’s names, phone numbers, email addresses, vehicle make/model, birth dates, social media accounts, photos, and much, much more. “Scrubbing” this data to help preserve privacy is a lengthy, time consuming, and never ending process. 

While you can use the free/DIY method to help combat PII exposures, I would personally enlist either Optery or Privacy Bee which each cover hundreds of data brokers. But even with one or more paid services, there is still considerable leg work on your part to ensure your PII is no longer exposed. Some data brokers are unscrupulous and will refuse to take down your PII, or have broken contact methods. The best you can do here is have your PII de-indexed from search engines to make it harder to find. 

Bottom Line: If you are serious about online privacy and scrubbing your PII from data brokers, it could take many months of periodic effort to reduce or possibly eliminate PII exposures. This is a game of whack-a-mole, so in a few days/weeks/months there might be new exposures to address. 

Related Posts

Subscribe
Notify of
0 Comments
Oldest
Newest Most Voted
Inline Feedbacks
View all comments