What Are Data Brokers? How They Collect and Sell Your Personal Information

Data brokers have compiled more information about the average American than most people's primary care physicians. They know where you live, who you're related to, how much you earn, what you've bought, where you've traveled, and what medical conditions you might have. And they sell this to anyone willing to pay — without needing your consent or telling you it's happening.

Most people have never heard of data brokers until they Google themselves, find their home address on a dozen public websites, and wonder how it got there.

The simple definition

A data broker (also called an "information product company") is a business that:

1. Collects personal information from public records, online activity, and commercial data sources
2. Aggregates it into detailed profiles
3. Sells or licenses those profiles to third parties — advertisers, employers, insurers, law enforcement, and anyone else who pays

They are largely unregulated at the federal level. They don't need your consent. Most don't notify you they have your data.

The 5 types of data brokers

1. People-search sites

Examples: Spokeo, WhitePages, BeenVerified, Intelius, Radaris, MyLife

These are the most visible data brokers. They display your name, current and past addresses, phone numbers, relatives' names, and often criminal or court records on publicly accessible web pages. They monetize through per-search fees or subscription access. Scammers, telemarketers, and anyone curious about you can find your home address in under 30 seconds.

2. Marketing and advertising brokers

Examples: Acxiom, Epsilon, Oracle Data Cloud, Nielsen Marketing Cloud

These operate behind the scenes. They don't display your data publicly — they sell it to brands running advertising campaigns, political campaigns targeting voters, and companies doing direct mail. They track purchase behavior, brand affinities, income estimates, and thousands of behavioral signals.

3. Financial and credit data brokers

Examples: Equifax (marketing division), TransUnion, LexisNexis Risk Solutions

Separate from their credit bureau functions, these companies sell financial behavior profiles to insurers, lenders, and employers. This includes payment behavior, bankruptcy history, and "financial stability" scores that affect how you're priced for insurance or credit.

4. Health and wellness brokers

Examples: IQVIA, Optum (UnitedHealth Group), various Rx data companies

These brokers aggregate prescription fill records, OTC purchase history, and health interest signals inferred from browsing. They sell to pharmaceutical companies, health insurers, and hospitals. Federal HIPAA rules don't cover data that was never held by a covered healthcare provider.

5. Risk and fraud assessment brokers

Examples: LexisNexis, Verisk, TransUnion (fraud division)

These compile identity verification data, litigation history, and fraud risk scores. They sell to banks making credit decisions, insurance companies evaluating claims, and law firms doing due diligence. Opting out of these is often harder — they serve legitimate fraud prevention purposes.

Where do they get your information?

Data brokers collect from eight main source types:

• Public records — court filings, property deeds, marriage and divorce records, voter registrations, business entity filings, and any other document that becomes part of the public record
• Social media — public posts, profile information, check-ins, photo metadata, and public connections
• Retail loyalty programs — every swipe of a loyalty card logs your purchases; that data is sold downstream
• Mobile app location data — apps with location permission often sell that data to data brokers; your daily movement becomes a sellable asset
• Website tracking — third-party cookies, tracking pixels, and browser fingerprinting follow you across sites
• Other data brokers — they buy from each other; data acquired by one broker amplifies through the network
• Credit card transaction data — sold in aggregate by some financial institutions
• Government record aggregators — companies that systematically collect court records, DMV data, and other government filings at scale

What they actually know about you

The average data broker profile includes, according to industry estimates, roughly 1,000 data points:

• Full name, current and all previous addresses, phone numbers, email addresses
• Names and contact information for family members, roommates, and neighbors
• Estimated household income and net worth bracket
• Political party registration and estimated voting behavior
• Vehicle ownership history
• Property ownership and mortgage information
• Social media handles and associated content
• Criminal and civil court record history
• Employment history (often scraped from LinkedIn)
• Health interest signals inferred from purchase and search data
• Interests, hobbies, and brand preferences

Why this matters

The harms aren't abstract. Telemarketers and scammers purchase phone number lists directly from data brokers — this is a primary source of the 57 billion spam calls Americans received in 2023. Sophisticated phishing attacks use data broker profile details (your employer, your address, your relatives' names) to appear legitimate. Doxxing — publishing someone's home address to invite harassment — uses people-search sites as the primary tool. Insurance companies use "wellness scores" from health data brokers to set premiums without your knowledge.

How data brokers enable identity theft and doxxing →

What you can do

Every US data broker must provide a free opt-out mechanism. You can do this yourself — the top 10 priority sites take 3-5 hours — or use a service to automate it. Data reappears within 60-90 days as brokers re-ingest from public records, so this requires annual maintenance.

How to remove your data for free → | Complete opt-out guide →