What are data brokers? Tips to keep your data safe
October 19, 2023 9 min
Data brokers are companies or individuals that collect your data to sell to others. In this guide, we’ll cover how data brokers collect their information, what data they collect, what they do with it, and how using Norton 360 with LifeLock Select can help prevent online tracking, secure your data, and help protect against hackers and identity theft.
Data brokers are companies or individuals that collect people's personal information to sell it to other companies. They do this by collecting information from various sources and then piecing it together like a puzzle to build a detailed profile of who you are.
Data brokering is a booming business, with the overall data broker market expected to reach over $460 billion by 2031. Some of the largest data brokers include Equifax, Experian, Acxiom, and Epsilon.
How do data brokers get data?
You might be surprised how much of your personal information is freely available to the companies that want it. In fact, data brokers don't need to work that hard to find your data at all. There are many places an information broker can collect your data, including:
Public records: This may include court records, motor vehicle records, census data, birth certificates, marriage licenses, voter registration information, bankruptcy records, and divorce records.
Commercial sources: Brokers may collect or purchase data from credit card providers and retailers. This includes information such as the amount of money you owe on your department store credit card, the type of coupons you tend to use, and the items you've purchased after swiping a store’s loyalty card.
Internet history: If you spend a lot of time on social media or in the online world, you're giving data brokers even more information about you. Data brokers might nab personal information from the posts you've made or “liked” online, online quizzes you've taken, online sweepstakes you've entered, and the websites you've visited.
Other areas you’ve agreed to share data: When signing up for a new account, application, or customer program, you might be agreeing to share your personal data without even realizing it.
With all of this at a data broker's disposal, they can easily start gathering and piecing together personal information to sell to other companies.
What types of information do data brokers collect?
Think of anything a company would want to know about you to help sell you products or services—this is the kind of information data broker companies collect. Examples include your:
And that's just the beginning. Say you spend a lot of time playing online video games. Data brokers might compile your favorite games or category of games and then sell that information to companies hoping to sell you new video games.
If you collect baseball cards, data brokerage companies will want to know. If you prefer one brand of dishwashing detergent over others, data brokers might want to know this, too, and will be happy to let companies know.
What do data brokers do with your data?
Selling your information hasn’t proved too difficult for data brokers. That’s because these companies have plenty of potential customers eager to purchase your information. These data brokers may sell your purchased data to companies for a variety of reasons, including:
Marketing and advertising: Have you ever been browsing the web when a banner ad appears for a product you already bought? Perhaps an ad for laundry pods pops up when your current supply is almost depleted. Data brokers might be behind this. Data brokers can tell advertisers what brand of laundry soap you’ve bought in the past and when you purchased it. This allows companies to send ads timed to when you might need new pods.
Fraud detection: Maybe you applied for an auto loan. Your lender might check the information you provided on your application against the numbers information brokers dig up on you. This can help lenders determine if your information regarding income, debts, and salary is legitimate.
Loan offers: Mortgage lenders, banks, and credit companies are all interested in the amount of money you owe, the loans you’ve already paid down, payments you’ve missed, income, job history, and the homes and cars you own. They might also be interested in what websites you’re visiting. Why? If you have a mortgage loan with a high interest rate, a mortgage lender might want to display an ad on those sites to entice you to refinance a new loan with a lower rate.
People search sites: People search sites allow you to enter the name of any person and—usually for a fee—receive their phone numbers, addresses, age, date of birth, former addresses, and other information. Many data brokers gather this information from public records and sell it to these sites.
Health insurance providers: Health insurance providers may purchase information from data brokers to help determine what rates they should charge you. This information includes the medications you take and the symptoms you research online.
As you can see, the uses for your data are wide-ranging. Brokers have no shortage of potential customers to sell to, whether they plan to use your information for targeted advertisements or to determine how likely it is you’ll default on a personal loan. Data brokers will sell your data to any legitimate customer willing to pay.
Are data brokers legal?
Generally speaking, yes. Data brokers aren't acting illegally if they use public records to obtain the information they sell. In the U.S., there isn’t a federal law regulating data brokers. As always, exact laws vary from state to state, and some states have stricter privacy laws than others.
For example, Vermont passed a law in 2018 that requires all businesses selling or sharing data about the state's residents to register in a public database and share information about their operations.
California’s Consumer Privacy Act (CCPA) allows the state’s residents to obtain copies of the information data brokers have collected on them. This act also permits California consumers to request the erasure of their information and opt out of having their data sold.
In the EU, data brokers must adhere to the General Data Protection Regulation (GDPR), a data privacy law that helps regulate data brokers and mandates that consumers provide consent before their data is collected. It also grants consumers the right to request the deletion of their collected data.
Even with these regulations in place, many companies bury information about consent within the fine print of their websites, and if you don’t take the time to read every word before signing up for an account or visiting a website, you may be unknowingly consenting.
Examples of data broker breaches
Because data brokers store so much personal information, it’s important they do everything they can to keep it safe. Unfortunately, major data brokers are often affected by data breaches, leading to the exposure of millions of people’s personal information.
In addition to the ethical concerns related to data brokers, keeping the data secure is another concern entirely. A data breach can lead to major consequences for those involved, including an increased risk of identity theft or your personal information winding up for sale on the dark web.
How to protect your information from data brokers
Unfortunately, it can be difficult to make yourself completely invisible to data brokers. But there are steps you can take to reduce the amount of information they can collect. Follow these tips to help protect your personal information from data brokers:
Be cautious about what you share online: Adjusting your online behavior can help protect yourself from data brokers. By avoiding posting personal information on social media and steering clear of online quizzes and sweepstakes, you can reduce the information data brokers can collect.
Use a VPN: Browsing the web with the help of a VPN like Norton Secure VPN can hide your IP address and encrypt your data as you browse the internet, meaning your online activity is hidden from snoops, including data brokers. This can help prevent internet tracking, which in turn can reduce the amount of information that data brokers can collect.
Use a secure browser: Using a secure browser can help protect your personal information from ending up in data brokers' hands. With Norton Secure Browser, you can safely use the web and hide your online activity with anti-fingerprinting and tracker-blocking protection.
Use a paid service: You can pay private companies to keep your information away from data brokers. Keep in mind that these services could cost you hundreds of dollars a year.
Opt out of data collection: You may also manually opt out from each data broker. While this may be time-consuming, it's a surefire way to stop data brokers from collecting your data. To learn more about the opt-out process for each data broker, visit PrivacyRights.org.
Increase your privacy settings: Whether it be your social media privacy settings or app permissions on your phone, increasing your privacy settings may help make it more difficult for data brokers to access your information.
Read the fine print: As you now know, many websites and companies hide data consent information within the fine print. To avoid sharing your information with data brokers accidentally, you might want to read the fine print before agreeing.
By keeping these tips in mind, you can reduce the information that's easily available to data brokers, helping you take control of your data privacy.
Help keep your information private with Norton 360 with LifeLock Select
Now that you understand what data brokers do, you can browse the web with an enhanced sense of awareness, taking the proper steps to keep your data safe. To protect yourself even further, consider using Norton 360 with LifeLock Select. With malware protection, dark web monitoring, a VPN to defend against ad tracking, and identity theft protection, Norton helps you use your device with greater peace of mind.
Clare Stouffer, a Gen employee, is a writer and editor for the company’s blogs. She covers various topics in cybersecurity.
Editorial note: Our articles provide educational information for you. Our offerings may not cover or protect against every type of crime, fraud, or threat we write about. Our goal is to increase awareness about Cyber Safety. Please review complete Terms during enrollment or setup. Remember that no one can prevent all identity theft or cybercrime, and that LifeLock does not monitor all transactions at all businesses. The Norton and LifeLock brands are part of Gen Digital Inc.