How Data Brokers Profile You (and How to Find Out What They Know)

What a Data Broker Is

A data broker is a company whose business is collecting personal information about individuals from many sources, combining it into profiles, and selling those profiles to advertisers, retailers, political campaigns, insurance companies, and (in some cases) governments. Major data brokers include Acxiom (now LiveRamp), Experian, Equifax, Oracle Data Cloud, Epsilon, and Spokeo. Most consumers have never heard of any of these companies but appear in their databases.

Where the Data Comes From

• Public records: court filings, property records, marriage / divorce records, vehicle registrations
• Loyalty programs (every supermarket card you've ever swiped feeds into a partner network)
• Credit reporting (Experian and Equifax also sell consumer data outside the strict credit-reporting use case)
• Web tracking (cookies, fingerprints, ad-network impressions)
• Mobile app SDKs (third-party libraries that send telemetry from inside many apps)
• Magazine subscriptions, charity donations, political contributions
• Voter registration rolls (legally public in most US states)
• Social media scraping (some brokers do this; legality varies)

What a Profile Contains

• Name, age, gender, household composition
• Home address (current + history), phone numbers, email addresses
• Employer, income range, education level
• Inferred political affiliation, religious affiliation, health conditions, life events
• Purchase categories (luxury car owner, vegan, pet owner, expectant parent)
• Lifestyle scores (urban / suburban / rural, tech-savvy / not)

The inferences are often probabilistic and frequently wrong, but they're priced as if they were accurate — and the wrongness doesn't get corrected because consumers rarely see their files.

Who Buys From Brokers

• Advertisers — for targeting beyond what cookies alone can do
• Banks and lenders — for credit decisions and fraud detection
• Insurance companies — for risk pricing
• Political campaigns — for voter targeting
• Employers — for background checks (though this requires consent under most laws)
• Law enforcement and intelligence — broker data avoids the warrant requirement for direct access

How to Find Out What They Know

Under GDPR (EU) and CCPA (California), you have the right to request your data file. Process is laborious:

1. Identify the major brokers (the FTC publishes lists; Privacy Rights Clearinghouse maintains one)
2. Send each broker a subject-access request via their privacy contact
3. Wait 30-45 days for responses
4. Receive your file (often a frustrating PDF dump)
5. Submit deletion requests where you have the right

Services like Kanary, DeleteMe, and Mozilla Monitor's paid tier automate this for $80-200/year. Worth it for many users.

How to Reduce Future Data Collection

• Use disposable email for signups so data trails don't connect
• Don't fill out warranty registration cards (just keep the receipt)
• Avoid loyalty cards or use them under a fake name
• Opt out of credit-bureau marketing lists at optoutprescreen.com (US-specific)
• Use a PO box instead of your home address where possible
• Don't link your loyalty / retail accounts via social media login

Bottom Line

The data broker industry is largely invisible to consumers but materially affects what ads you see, what insurance you qualify for, what credit terms you get, and what political messages target you. You have legal rights to your file and to deletion — exercise them. Use disposable email and other identity-separation techniques to slow future data collection.

Related Guides

See also: 'anonymous data' debunked, how ad targeting works, and our GDPR / CCPA guide.