People Search Sites & Data Brokers
Disclaimer: I am not a lawyer. Laws vary from place to place. I am sharing my experiences and what I’ve read from other experts. If you are intrigued by this subject, I highly recommend you read Extreme Privacy by Michael Bazzell or How to be Invisible (3rd Edition) by JJ Luna and speak to an estate planning attorney in your area.
I’ve mentioned how public information gets sold, resold, and scraped up and eventually finds its way onto the internet. If you’ve never done this before, I encourage you to Google your full name, your SIM phone number, your address, or your email address (or any combination of those). You might be surprised what turns up. Often you’ll find pages of search results offering up your name, date of birth, physical address, email address, phone number, and list of known relatives (and often this data will go back several years and include multiple past or known addresses, phone numbers, email addresses, and more). In some cases even more information might be shared like places you’ve worked or political party affiliation. I strongly recommend that you remove as much of this information as you can.
Why Should I Care?
Good privacy and security are proactive, not reactive. You never know when you might suddenly end up in the spotlight. You never know when some angry kid on the internet will SWAT you, or if something innocent like your Twitter handle will land you in hot water with a cyber criminal. You could even lose your job over it or have your life ruined by false accusations and honest mistakes. In some cases, you may not even be involved but simply caught up as some sort of collateral. By the time you’re in the hot seat, it’s too late. You can’t unpublish your information or nicely ask the press to leave you alone. No matter your opinions, occupation, or goals, the internet is full of unhinged people who will take even the most innocuous facet of your life (one that often doesn’t affect them in any way) and consider it a personal slight worthy of retribution. as such, I consider it extremely important to try to keep your personal information out of public record.
Removing the Data
There are two main ways to go about removing your data from people search sites: the automated way, and the manual way. The manual way is the most effective, but it is also the most work. The automated way is easiest but will likely be acceptable for the vast majority of people with low threat models. Recently-published research has shown that automatic data removal is only partially effective. The worst services removed only 4% of data after 4 months while the best removed 68% (note that this was not a comparison of all data removal services, only a handful of the most popular ones). That said, I can personally attest that manual data removal is a tedious and lengthy process, involving lots of time to find your data, request removal, and following up to see if it was removed (which of course necessitates a lot of accurate record-keeping and time to follow up on all this). As such, I don’t believe it’s realistic to ask everyone to manually handle their data removal. The ideal solution is a hybrid: use automatic data removal to handle the majority of the work, then do regular manual follow-ups to catch any stuff that was missed.
Automatic Data Removal
Below I have listed several data removal sites who I believe are worth consideration. This decision is based on several criteria. First, these sites will remove multiple forms of data that I find to be particularly sensitive, such as name, phone, number, and home address. Second, these are organizations who have demonstrated a high removal rate (over 50%) using Consumer Reports’ methodology. Third, they do a scan and removal request at least once a quarter. You can go with others if you feel more comfortable, but as the above-linked research showed, not all data removal services are created equal. Be sure to investigate what data they remove and how often.
Unlike most other pages on this website, I actually do list these services in order of recommendation. Based on the previously-mentioned research, EasyOptOuts is the best “bang for your buck” with a 65% success rate and only $20/year. Optery is slightly more effective (68%), but significantly more expensive. One strategy I heard recently suggested to use EasyOptOuts alongside Optery’s free tier (to catch whatever EasyOptOuts missed). For the sake of offering more options, I also suggest MyDataRemoval or DuckDuckGo Privacy Pro. Please note that neither of those services were included in Consumer Reports’ research and at this time, I am manually investigating their efficacy. I will be updating this site once I have more solid results to compare with.
Note: For DuckDuckGo Privacy Pro, I do not recommend using the included VPN. You can see which VPNs I recommend here.
Manual Data Removal
For manual removal, there are a number of resources. Michael Bazzell offers a free workbook, and Yael Grauer offers the Big Ass Data Broker Opt-Out List that you can use to help scrub this information. These resources contain reasonably comprehensive lists of known people search sites, data brokers, and ways to opt out as well as other resources for finding and removing data and keeping it removed. These lists are not and cannot ever be truly, 100% complete. New sites are popping up constantly. Optery, DeleteMe and MyDataRemoval also offer their own opt-out guides you can add as a resource.
In addition to targeting people search sites, I also recommend using Google (or another effective search engine) to search for your name, phone number, email address, and/or phyiscal address in quotes. The more data you remove, the more the old, forgotten, and niche stuff will rise to the surface. This may include forgotten social media posts, accounts, or new, smaller public data sites.
Another tool that may be useful to readers is Permission Slip from Consumer Reports. This tool purports to help users see what companies are collecting data on them, request removal, and delete various online accounts from within a single app.
Other Data
One service not covered by traditional opt-out services is facial recognition. The best publicly-available service I have found for facial recognition services is PimEyes. All other alleged public facial recognition search engines are basically just glorified reverse-image search and I haven’t found them to be effective. PimEyes offers a subscription service that lets you know when new photos of you surface, the idea being to know when photos you don’t want are made available and thus to have them removed. However, in my case, I found several websites who were not responsive to takedown requests, so for some people it may be better to opt out of their service entirely. You can do that here.
For content, I recommend Redact. Redact is an app that runs locally on your device and can be used to purge user-generated content - such as likes, comments, posts, etc - on a number of popular services like X, Reddit, Tinder, Facebook, Discord, and more. While the other services listed above focus on removing your name, physical address, phone number, and more from people search sites, Redact focuses on removing the content you posted. This is valuable because the longer you use a specific account, the more likely you are to have accidentally posted something revealing. It is not unusual for malicious actors to take the time to scroll your old content (when they find it) to check for any slip-ups like these. Thus, I encourage the use of Redact (or a similar service, if you know of one you trust) to help remove old content and protect yourself even further.
Keeping the Data Gone
It’s important to note that whichever method you use to remove your data, it will just come back unless you cut off the flow of information at the sources. There are a number of ways to tackle this, and they range from complicated to illegal. As such, I want to again remind you that I am not encouraging you to use these techniques to defraud anyone. Pay attention to your finances, pay your bills, and obey the law. Also remember that I am not a lawyer. You should consult with an attorney (specifically an estate-planning attorney, in most cases) to ensure you comply with local regulations and to make sure you’re really getting the protections you’re looking for.
Obscuring your home address is not difficult, but require a lot of work and determination. The first option for housing is to rent from an individual landlord and ask them to keep all the utilities in their name. This is an unusual request, so expect to be met with resistance. You’ll have better luck if you offer all or a large chunk of the rent up front or if you agree to pay a premium. You could also try a white lie, saying that you have an abusive ex or stalker in your past and you’re trying to keep your name off public records. That might help sway them to your cause. As long as you can get them to trust that you’re paying, they probably won’t mind.
The second option for housing depends on whether you plan to buy or rent. If you plan to buy, buy your home in a trust and cite estate planning purposes as your reason. That way the trust will show up in public records but not your name. Michael Bazzell talks about this extensively in his book. If you plan to rent from a larger landlord who won’t let you stay there “under the table,” a shell corporation is typically the best approach. When seeking an apartment that will rent to a shell corporation, ask if they do “corporate rentals.” Be sure to do your research and check your local laws. Most states require an LLC to publicly name an agent. For most people this won’t be an issue, as this still creates a layer between your name and your home, however be aware that it is only one layer and may not deter a more advanced advesary. If you require additional protection, you could hire a lawyer and have them listed, protecting you by attorney-client privilege. Typically as long as you don’t do any business or have any income as that shell corporation, you won’t have to pay any taxes (though you may still have to file and may have to pay an annual fee depending on the state). This is a complex subject but in most cases this is ideal for most people. Again, be sure to consult with a lawyer for a full idea of your options and available protections.
If you have a home in a trust or LLC, utilities and vehicles are easier at that point. If your threat level is low, you can just register them in the same name as the trust/LLC. For most people, this is adequate. If you need additional layers of protection, you can register your vehicle in a different trust/LLC. You could also do utilities in a separate trust/LlC but since the utilities will be servicing the home address, this is likely overkill in most situations. Your car insurance may cost a bit if you use an LLC as opposed to a trust more due to being a “company vehicle” but sadly some of the more advanced privacy techniques require extra funds. For most people this may not be as vital as the home address and can be safely skipped altogether, but for those with more advanced threat models this should be considered.
The final public record I’ll mention here is DMV records. It’s becoming increasingly popuplar for state motor vehicle agencies to sell drivers license information to data brokers for an easy income stream, at which point that data can further make its way onto the internet. The best way to defend against this is a nomad driver’s license, but again these are complicated. According to Michael Bazzell, South Dakota is the best state for this, but even so this may not be an ideal strategy for many people. There are a lot of factors at play regarding the state you wish to reside in, and many states are doing away with this license. In my experience, the best strategy is contact your local DMV, claim that you are about to sell your home and take up a “digital nomad” lifestyle in the near future, and ask how you can still maintain your state license in that situation.
Finally, those with advanced threat models may wish to consider getting an anonymous phone. Certain companies will sell phone location data to anyone who asks, allowing a stalker with your phone number to easily track down your location history, including your home. Start by checking my Mobile Habits page. Couple that advice with disinformation when registering, and use Voice-over-IP so nobody even knows what number to look for. Not everyone needs to take this advanced step, but if you’re able to, I definitely encourage readers to be proactive.
Note: Be sure to couple these strategies with a PO Box or ghost address. All this hard work can be easily undone if you do things like have packages shipped to your home or use your real address for a mailing address. You should also make generous use of some of the other strategies I share on this website, particularly the use of alias email addresses and Voice-over-IP to help keep your email and phone number off these sites. You should also review my guides on mobile devices, which will help suggest settings you can change, apps you can remove or replace, and other strategies you can use to help prevent your data from being scraped and added to data broker profiles or end up on people search sites. Some additionally useful pages include my miscellaneous online habits page and my page on IoT devices (especially the section about vehicle data).
There are many, many more public records, social media sites, rewards cards, and other services and outlets that could leak your personal data, from marriage licenses to university records. I could dedicate an entire site just to this stuff alone. The goal of this particular page was not to be a comprehensive source, but rather just to get you thinking about this stuff. I recommend you consult Michael Bazzell’s book or a lawyer for more information.