Getting data brokers to delete your personal data can be very frustrating as their business model depends on this data. Simply put, they use deceptive patterns to avoid complying with data protection requests. We have put together this guide which describes the most common deceptive patterns and how to counter them.
For example, in many cases data brokers cannot ask you to send excessive personal information in order to verify your identity. You also don't need to fill in online forms.
It is great that a free opt out service exists, but, "search for organization..." one-at-a-time deletion requests isn't much of an improvement over doing things fully manually.
A way of handling bulk requests would be nice. E.g., if only making requests to data brokers, you are looking at around 700 different companies that collect/sell data on Californians. If also, additionally, making requests to the companies that originated the data, it would easily be over 1000 requests.
Web UIs are terrible, but even a giant list with check boxes would be better than one-at-a-time (but, this would mean the server needs to remember state between visits to avoid an extremely frustrating user experience). Download complete list as CSV, add some value to a "selected" column, and re-upload would be nice for some of us, but probably a turn off to most-- especially since merging future changes of the upstream file into the modified user copy is probably beyond the capabilities of most users. At the risk of creating records where a broker had none before, maybe just the option to splat the request out to all companies* in your list that do business in a particular region of the world? Super easy for the user, and no state to retain on your end.
Anyway, thanks for working on this. But, one-at-a-time requests is too high a usability bar for me.
* Or, all companies per category in your region. E.g., all databrokers in region, all retail companies in region, all financial/insurance companies in region... etc. Although I'd guess that most folks would just select all categories, and your back to just selecting a region with additional steps.
Adding a bulk send option is easy. The problem is that you will then get 700 reply emails, each slightly different at which point you will be stuck. That said, we are working on automating it.
> Adding a bulk send option is easy. The problem is that you will then get 700 reply emails, each slightly different at which point you will be stuck.
Legislative solutions i.e., default to "opt in" for data collection and "sharing" (with a prohibition on nagging the user to do so) seem to be the way, but it seems a universal that politicians do not represent ordinary people's interests.
> That said, we are working on automating it.
I'll keep checking back on your project. Thanks for putting in the effort.
Thank you for the great, free resource. Do you have any advice for people who are not in a supported jurisdiction? eg. Have you heard of anyone having success for using GDPR as an excuse to be removed despite not living in the EU?
Yes, 90% of companies do not check where you are from and will comply with your request, however data brokers and other companies who's business model depends on personal data usually do check just to add more friction to the opt-out process. Still, I recommend trying.
Getting data brokers to delete your personal data can be very frustrating as their business model depends on this data. Simply put, they use deceptive patterns to avoid complying with data protection requests. We have put together this guide which describes the most common deceptive patterns and how to counter them.
For example, in many cases data brokers cannot ask you to send excessive personal information in order to verify your identity. You also don't need to fill in online forms.
Hope this helps: https://consciousdigital.org/wp-content/uploads/2023/04/dark...
I'm one of the creators of https://databrokerswatch.org and https://yourdigitalrights.org/