Data Brokers, Deletion Services, and Privacy: Critical Overview

Name: What DeleteMe and Incogni aren't telling you
Uploaded: 2025-05-01T12:01:13+00:00
Duration: 32 min 24 s
Channel: Reject Convenience
Description: Summary and key takeaways on What DeleteMe and Incogni aren't telling you — Summary, covering The Data Broker Landscape Data brokers fall into five broad

Reject Convenience

May 01, 2025

•

32 min video

•

2 min read

YouTube video ID: iX3JT6q3AxA

Source: YouTube video by Reject Convenience — Watch original video

PDF

Data brokers fall into five broad categories. People search services act as modern, online phonebooks and often pull public records. Marketing data brokers build “inferred data” and “user personas” to target ads without ever naming individuals. Financial information brokers—namely the three credit bureaus Experian, Equifax, and TransUnion—track credit scores, loans, and payment history, making opt‑out virtually impossible in the United States. Risk‑mitigation brokers supply background‑check data for employment and housing decisions. Personal health data brokers collect sensitive information such as purchase and search histories outside of HIPAA protections. As one commentator notes, “The term ‘data broker’ itself is a pretty loose expression, covering all kinds of different companies.”

Evaluating Data Deletion Services

Incogni, DeleteMe, and Mozilla Monitor focus primarily on people‑search brokers. Their marketing touts large numbers of “removals,” but those figures count individual data points rather than distinct broker sources, which can be misleading. The services are not scams, yet their usefulness wanes for most U.S. residents because data re‑appears after each collection cycle. Some providers employ dark patterns—requiring users to contact support to cancel subscriptions—further eroding trust. As the analysis puts it, “They’re not the source of the problem, nor are they the solution to the problem. The actual problem is the data being collected in the first place.”

The Root Problem

U.S. companies such as Meta, Google, and Amazon operate with minimal oversight, and no federal law currently bars the gathering of unnecessary data. This regulatory vacuum makes data breaches inevitable; any retained information is at risk of exposure. Corporate structures often link data‑deletion services to the same parent companies that run VPNs, exemplified by Surfshark’s ownership of Incogni and NordVPN’s similar ties. The situation creates “an infinite money glitch that they’re just jumping on before regulations eventually catch up,” according to the commentary.

Actionable Privacy Steps

Advocacy and personal hygiene together form the most practical defense. Contact local representatives and demand privacy legislation that limits unnecessary data collection, citing concrete examples like Spotify’s data sharing or GM’s health‑data practices. Switch from Gmail to privacy‑focused email providers, block advertisements to cut the financial incentive for data harvesting, and reduce public‑facing social‑media profiles to hinder cross‑referencing. Remember, “Blocking ads is not piracy,” and every blocked ad diminishes the data‑broker revenue stream.

Hard Facts & Numbers

Five major categories of data brokers.
Three credit reporting bureaus dominate financial data.
Over 1,700 registered U.S. data brokers, with an estimated 5,000+ worldwide.
Forty‑seven percent of U.S. companies suffered a data breach in 2024.
Twenty U.S. states have enacted some form of consumer privacy law.

Takeaways

Data brokers are divided into five categories, ranging from people‑search services to personal health data aggregators.
Deletion services like Incogni and DeleteMe mainly target people‑search brokers and often overstate their impact by counting individual data points.
The United States lacks federal privacy regulation, allowing companies to collect and retain data with little oversight, which fuels frequent data breaches.
Corporate ties between VPN providers and deletion services create conflicts of interest and can obscure the true effectiveness of privacy tools.
Effective privacy protection combines legislative advocacy with personal habits such as using privacy‑focused email, blocking ads, and limiting social‑media exposure.

Frequently Asked Questions

What are the main limitations of data deletion services like Incogni and DeleteMe?

Data deletion services primarily remove entries from people‑search brokers and often count each data point rather than unique sources, which inflates their reported success. Because data is continuously recollected, their long‑term effectiveness for most U.S. users remains limited.

How does the lack of federal regulation in the U.S. affect data broker practices?

Without a federal privacy law, U.S. companies can gather and retain vast amounts of personal information with minimal constraints. This regulatory gap enables ongoing data collection, increases breach risk, and leaves consumers with few legal avenues to limit or delete their data.

Who is Reject Convenience on YouTube?

Reject Convenience is a YouTube channel that publishes videos on a range of topics. Browse more summaries from this channel below.

Does this page include the full transcript of the video?

Yes, the full transcript for this video is available on this page. Click 'Show transcript' in the sidebar to read it.

Helpful resources related to this video

If you want to practice or explore the concepts discussed in the video, these commonly used tools may help.

Hardware Security Key For Online Accounts Recommended

Physical security keys provide hardware-based two-factor authentication, which is the most effective way to prevent unauthorized access to accounts even if your data has been leaked in a breach.

Amazon →

Books On Digital Privacy And Surveillance

Educational books provide a deeper understanding of the surveillance economy and the systemic issues surrounding data collection that the video highlights.

Amazon →

Privacy Screen Filter For Laptop Monitor

A physical privacy screen limits the viewing angle of your display, preventing visual data collection or 'shoulder surfing' in public spaces.

Amazon →

Faraday Bag For Cell Phone Privacy

A Faraday bag blocks all electromagnetic signals, preventing your phone from transmitting location or identity data when you want to ensure complete digital silence.

Amazon →

Links may be affiliate links. We only include resources that are genuinely relevant to the topic.

Summarize another video

Full Transcript YouTube

 [Speaker 1:] 
 ...this video’s sponsor, Incogni. 
 [Speaker 2]: 
 DeleteMe - a simple service that puts 
 [Speaker 2]: 
 control of your personal data back to you. 
 [Speaker 3:] 
 They intercept the data brokers 
 on your behalf, 
 [Speaker 3:] 
 requesting your data’s removal 
 and handling any resistance. 
 [Speaker 4:] 
 But, your data could lose again. 
 [Speaker 5:] 
 Your address, employment history, 
 [Speaker 5:] 
 social media accounts, 
 telephone numbers, and much more. 
 [Speaker 6:] 
 Instead of you reaching out 
 to data brokers one by one, 
 [Speaker 6:] 
 Incogni does it 
 automatically on your behalf. 
 [Speaker 7:] 
 Just 60% off today on your plan. 
 [Speaker 8:] 
 So take back control 
 of your personal data today! 
 [Speaker 9:] 
 To date, they have deleted 
 all personal information from 678 people. 
 [Speaker 9:] 
 To date, they have deleted 
 all personal information from 678 people. 
 [Speaker 9:] 
 To date, they have deleted 
 all personal information from 678 people. 
 [Speaker 9:] 
 To date, they have deleted 
 all personal information from 678 people. 
 [Speaker 9:] 
 To date, they have deleted 
 all personal information from 678 people. 
 [Speaker 9:] 
 To date, they have deleted 
 all personal information from 678 people. 
 [Speaker 9:] 
 To date, they have deleted 
 all personal information from 678 people. 
 [Speaker 9:] 
 To date, they have deleted 
 all personal information from 678 people. 
 [Speaker 9:] 
 To date, they have deleted 
 all personal information from 678 people. 
 [Speaker 9:] 
 To date, they have deleted 
 all personal information from 678 people. 
 [Speaker 9:] 
 To date, they have deleted 
 all personal information from 678 people. 
 [Speaker 9:] 
 To date, they have deleted 
 all personal information from 678 people. 
 [Speaker 9:] 
 To date, they have deleted 
 all personal information from 678 people. 
 [Speaker 9:] 
 To date, they have deleted 
 all personal information from 678 people. 
 [Speaker 9:] 
 To date, they have deleted 
 all personal information from 678 people. 
 [Speaker 9:] 
 To date, they have deleted 
 all personal information from 678 people. 
 [Speaker 9:] 
 To date, they have deleted 
 all personal information from 678 people. 
 [Speaker 9:] 
 To date, they have deleted 
 all personal information from 678 people. 
 [Speaker 9:] 
 To date, they have deleted 
 all personal information from 678 people. 
 [Speaker 9:] 
 To date, they have deleted 
 all personal information from 678 people. 
 [Speaker 9:] 
 To date, they have deleted 
 all personal information from 678 people. 
 [Speaker 9:] 
 To date, they have deleted 
 all personal information from 678 people. 
 [Speaker 9:] 
 To date, they have deleted 
 all personal information from 678 people. 
 [Speaker 9:] 
 To date, they have deleted 
 all personal information from 678 people. 
 [Speaker 9:] 
 To date, they have deleted 
 all personal information from 678 people. 
 [Speaker 9:] 
 To date, they have deleted 
 all personal information from 678 people. 
 [Click] 
 Why would a data broker 
 delete your information? 
 Think about it. 
 Isn't the entire point of a data broker 
 to collect and retain your information? 
 Like isn't 
 that their whole business model? 
 When I requested Office Depot 
 to delete my personal information 
 that they had collected about me, 
 like my name and purchase history, 
 they refused to do 
 so because of where I live. 
 If I were nicely to ask General Motors 
 to delete my data regarding 
 what medications I take 
 - yes, that is a real thing - 
 they will also refuse for the same reason. 
 Neither of these companies are considered 
 data brokers, 
 but, what? 
 they care more about retaining my data 
 than an actual data broker? 
 That doesn't make any sense to me. 
 Is it because they're legally 
 required to comply? 
 Or do they simply comply 
 out of the goodness of their own hearts? 
 In this video, we're going to find out 
 what a data broker is, 
 how they collect your data, 
 who they share it with, 
 and whether companies like Incogni 
 and DeleteMe are scam or not. 
 This video is not sponsored by anyone. 
 For full transparency, DeleteMe has tried 
 to sponsor this channel in the past, 
 but I rejected their offer. 
 That said, I don't know 
 that I would have actually 
 looked into making this video 
 had they not emailed me, 
 so you can think of them for that. 
 A major selling point of services 
 like Incogni and DeleteMe 
 is that these “creepy data brokers” 
 collect your data 
 and sell it off to the highest bidder. 
 In fact, their entire business 
 relies on data brokers existing. 
 So let's find out what a data broker 
 really is. 
 It turns out like with most things, it's 
 more complicated than you probably expect. 
 The term “data broker” itself 
 is a pretty loose expression, 
 covering all kinds of different companies. 
 I actually suspect the reason Incogni 
 and DeleteMe use the terminology 
 “data brokers” is intentional, 
 as it's almost too broad 
 to actually describe 
 what's really going on. 
 There are five major categories of data 
 brokers. 
 I'll quickly 
 give you an idea of what they are 
 and what they're collecting, and then 
 we will dive deeper into each category. 
 The most common type of data broker 
 that data 
 deletion services 
 work with are People Search Services. 
 These are companies that act like 
 modern day phonebooks, but online. 
 Much like a physical phone book, 
 they're available to pretty much anyone 
 and often have a majority of the important 
 information posted for free. 
 Then there are Marketing Data Brokers. 
 These companies gather large amounts 
 of information about your online activity 
 and put it into pools of certain 
 behaviors, otherwise known as inferred data. 
 We'll dive into more detail 
 as to what this looks like in a bit. 
 If you've ever applied for a car loan 
 or gotten a credit card, 
 you'll be familiar with the next kind 
 of broker: 
 Financial Information Data Brokers, otherwise known as Credit Reporting Bureaus. 
 This category is dominated 
 by three companies: 
 Experian, Equifax, and TransUnion. 
 They track financial things like payments 
 to your phone bills, utilities, 
 when you pay rent, payments to loans, 
 when you apply to lines of credit, 
 or even when you have your credit 
 checked at all. 
 In a similar vein, 
 there are Risk Mitigation Data Brokers. 
 These are companies that track 
 your identity, often for preventing fraud. 
 When you apply for a job 
 or even apply for an apartment, 
 this is how they do background checks. 
 They work with risk mitigation 
 data brokers. 
 The last on our list 
 is Personal Health Data Brokers. 
 By far the creepiest in my opinion. 
 These companies track health related data. 
 Like when you purchase 
 an over-the-counter medication 
 or even your search history of a health 
 related topic. 
 None of this data is protected 
 under HIPAA. 
 So these companies go nuts 
 in collecting and selling this data 
 to pharmaceutical companies. 
 Before we start 
 diving into these categories, 
 I want to call out the last four 
 on this list 
 are a vast majority of the data brokers 
 that make up the term “data brokers”. 
 Services like Incogni and DeleteMe 
 really only scratch the surface 
 when it comes to deleting your data. 
 [LED buzzing] 
 [Reject Convenience:] 
 You know what? I wanna mix it up today. 
 We're gonna start with a category 
 that just gives me the creeps. 
 Personal health data brokers are, in 
 my opinion, the worst kind of data broker. 
 They collect an obscene amount 
 of highly sensitive information 
 with almost no regulations at all. 
 To help showcase what I mean, 
 I'm going to use the Privacy Visualizer. 
 First, they collect health data, 
 which seems pretty obvious. 
 This would be direct health data 
 from something like a smartwatch 
 or an app that tracks health metrics, but they opt 
 to share that information for some reason. 
 We'll explore an example of this 
 in a moment. 
 Usage data depends on the service 
 or tool in question, 
 but how you use it 
 can sometimes qualify as health data. 
 An example of this would be something 
 like a smart toothbrush. 
 The usage of these tools 
 can indicate certain health patterns, 
 hence the category of usage data. 
 If you've ever searched for a health 
 related product on Amazon, guess what? 
 They will sell that information 
 to a personal health data broker 
 who will then sell it to advertisers. 
 And would you believe it? 
 We have a category for that. 
 It’s search history. 
 Similarly, if you've read a few health 
 related articles using Google Chrome, 
 Google will sell that information as well. 
 Though Google is sort of a data broker 
 in all but name, 
 but they're also one of the biggest 
 advertising companies out there 
 so this example is a bit more complicated 
 than what we're going 
 to actually look into for this video. 
 But browsing history is a category, 
 and we can count that. 
 Last, we have purchase history. 
 If you buy a health related item 
 using PayPal as your purchase method, 
 PayPal will happily sell that information 
 to a personal health data broker. 
 Let's look at a more complete example 
 of how personal health 
 data brokers might get this information. 
 There's a sponsor here on YouTube 
 that I've seen a few times before: 
 Eight Sleep. 
 If you've never heard of them, 
 they make an overpriced smart mattress 
 to track your sleeping patterns 
 and keeps you cool while you sleep. 
 Great. That all sounds cool... 
 How do they fit into this picture 
 of personal health data brokers? 
 Well, 
 they clearly state in their privacy policy 
 that they sell usage data to advertisers. 
 This means that your usage of the mattress 
 and the attached services are sold 
 to companies who can use that information 
 to show you health related ads. 
 What does that look like? 
 Well, let's say you've been having 
 a hard time sleeping for a few nights. 
 That data could be sold to a pharmaceutical 
 company that makes sleeping pills. 
 And then you start seeing ads for said 
 sleeping pills. 
 Or let's say your heart rate 
 is a little elevated while you sleep. 
 They can now show 
 you ads for heart medication. 
 Heck, that heart rate tracking thing 
 can be used for all kinds of weird things, 
 like understanding how you interact 
 with other platforms like Facebook. 
 If Facebook shows you an article 
 while you're laying in bed 
 and they know you've been looking at it 
 for a while, 
 they can combine that data 
 with what Eight Sleep collects, 
 and bammy wham! 
 They now know that you had an elevated 
 heart rate while reading it, 
 implying that you were angry. 
 They can use that data to show 
 you more of those articles, 
 as it keeps you on the platform 
 for longer. 
 I know it sounds crazy, but it's clearly 
 spelled out in their privacy policy 
 that they share a lot of this information 
 with Facebook. 
 And we all know how Facebook is with data. 
 Remember, none of this is regulated 
 and does not fall under HIPAA guidelines at all. 
 So to them, it's all fair game. 
 Also, Eight Sleep charges you a monthly fee 
 to see your health data and cooling and whatever. 
 And if you stop paying, 
 you can't use those features, 
 but they still track 
 all that precious data. 
 Please do not buy one of these. 
 They are a privacy nightmare. 
 Let's move on to 
 the next kind of data broker. 
 [Faint piano playing] 
 [Reject Convenience:] 
 Risk mitigation data brokers are probably 
 one of the most overlooked kinds of data 
 brokers out there. 
 They are most commonly used in scenarios 
 where your identity needs 
 to be validated for, believe it or not, 
 mitigating risk. 
 Like I mentioned earlier, 
 if you've ever applied for a job 
 or sent in an application 
 for an apartment, they often use 
 risk mitigation data brokers 
 to make sure you are who you say you are 
 and you don't have a history of doing, 
 quote unquote, “unfavorable things”. 
 With a job application, 
 that can be things 
 like changing jobs rapidly, 
 or in some instances, 
 working multiple jobs. 
 With an apartment, 
 it can contain things like rental history, 
 late payments, and other similar items. 
 If you plug this into the Privacy 
 visualizer, here's what we get. 
 First, they collect contact info, 
 which would be things like your name, 
 current and previous addresses, 
 phone numbers, and email addresses. 
 This doesn't seem to be collected 
 on all cases, 
 but identifiers are still pretty common 
 from what I found. 
 This comes up 
 when the data is aggregated to identify you 
 under one unique identifier 
 rather than your name. 
 Though this term really does 
 come in addition to your name 
 and other contact information, 
 but it still counts. 
 Next is location. 
 No, they aren't tracking where you are 
 all of the time. 
 Just things 
 like your address and addresses 
 related to you, like your work address. 
 Lastly, there's financial information. 
 This can sometimes contain things 
 that would show up on a credit report, 
 such as a list of debts, payment history, 
 and other similar information. 
 Which leads us perfectly 
 into our next data broker type. 
 [Phone ringing, keyboards typing] 
 [Reject Convenience:] 
 You may recognize this category 
 by another name - 
 credit reporting bureaus. 
 If you live in the United States, 
 this is data that you cannot opt out of 
 or have deleted at all. 
 This is all of the information 
 that makes up your credit score, 
 which is captured by the major companies 
 Equifax, Experian and TransUnion. 
 The information they have is used 
 most often when dealing with creditors. 
 If you want to get a loan for a house 
 or a car, that's all tracked. 
 If you get a credit card and pay it off 
 every month, that information 
 is reported to these companies. 
 If you get a dozen credit cards 
 and they're all maxed out 
 and you're always late on payments, 
 guess what? They track that too. 
 [Phone rings] 
 and you're always late on payments, 
 guess what? They track that too. 
 This data is considered highly sensitive, 
 as if it gets breached, 
 [Phone rings] 
 This data is considered highly sensitive, 
 as if it gets breached, 
 you're at much have higher 
 risk of identity theft. 
 [Phone rings] 
 [Phone gibberish] 
 What's that? 
 Equifax had a data breach a while ago? 
 [Phone gibberish] 
 15 million users, you say? 
 [Phone gibberish] 
 Oh and what's that, you say? 
 They're not only 
 still a wildly successful company, 
 they have also wedged themselves 
 so deeply into our economic system 
 that you're not allowed 
 to opt out of this data collection, 
 despite their very traceable history 
 of mishandling it? 
 [Phone gibber] 
 Dang, that's pretty darn annoying. 
 Anyways, here's 
 what these look like on the visualizer. 
 Financial information 
 contains things like your credit score, 
 the debt you're in, the creditors 
 you’ve applied to, 
 any late payments, 
 and even how much money you make. 
 Purchase history is generally limited 
 to major purchases, 
 but still counts as purchase history. 
 Location, once again, is mostly just your address. 
 They don't really care 
 where you currently are. 
 Identifiers, as they have sort of a profile on you 
 that can have an ID associated with it. 
 Also, your Social Security number 
 is technically an identifier. 
 Contact info including your name, 
 address, phone number and email address, 
 and sensitive info including things like 
 your birthdate, social security number, 
 and I mean your credit score 
 is something I'd consider to be 
 pretty sensitive information. 
 [Inflatable tube man flopping] 
 [Reject Convenience:] 
 Next up is marketing data brokers. 
 This one is fun, I promise. 
 The goal of a marketing data 
 broker is to acquire vast amounts 
 of indirect user data to sell to companies 
 looking to advertise their products. 
 Much of this is done with 
 something called “inferred data”. 
 Another common misnomer 
 for this is “user personas”, 
 but those are normally made up people 
 that can guide what inferred data 
 is actually sought after. 
 To help show 
 how this works, I’ll need 100 volunteers. 
 Great. Hi, everybody. 
 [Volunteers beep] 
 As it currently stands, I don't know 
 anything about these hundred people. 
 So to help me identify them, 
 I'll ask a simple question 
 that might describe something they do. 
 To make it a little more clear, 
 I'll highlight 
 the tile they're standing on to represent 
 if they do the thing in question. 
 Let's start off with a pretty specific 
 example. 
 Of the people here, 
 who has shopped at Target 
 within the last six months? 
 [Ding] 
 Great. So as you can see here, 54 people in this 
 sample fall under this description. 
 If you imagine the general scale 
 of the amount of people 
 who have shopped at target 
 within the last six months, 
 you can imagine that the number’s 
 far too high to properly identify 
 any one person. 
 This sort of feels like it identifies you, 
 but without actually identifying you. 
 It's sort of like a giant game 
 of Guess Who, but without names. 
 Let's see what other groups 
 we can apply here. 
 So we have our 54 people 
 who shopped at target. 
 Let’s highlight the people 
 who live in Atlanta, Georgia. 
 Okay, that's 20 people in our sample. 
 What about people who drink coffee? 
 People who listen to punk rock music? 
 People who have a commute between 
 10 and 15 miles to work? 
 Who here owns a PlayStation? 
 Anyone here love dogs? 
 Who here has recently watched 
 an educational video on YouTube? 
 What about the people who are concerned 
 about privacy? 
 These groupings by themselves 
 can't identify any one person, 
 but if we add it all up... 
 With people who shop at Target 
 that live in Atlanta, Georgia, 
 who also drink coffee, 
 listen to punk rock, 
 have a 5 to 10 mile commute, 
 owns a PlayStation, loves dogs, 
 and watched an educational video 
 about privacy on YouTube? 
 and watched an educational video 
 about privacy on YouTube? 
 and watched an educational video 
 about privacy on YouTube? 
 and watched an educational video 
 about privacy on YouTube? 
 and watched an educational video 
 about privacy on YouTube? 
 and watched an educational video 
 about privacy on YouTube? 
 and watched an educational video 
 about privacy on YouTube? 
 and watched an educational video 
 about privacy on YouTube? 
 and watched an educational video 
 about privacy on YouTube? 
 and watched an educational video 
 about privacy on YouTube? 
 and watched an educational video 
 about privacy on YouTube? 
 and watched an educational video 
 about privacy on YouTube? 
 and watched an educational video 
 about privacy on YouTube? 
 and watched an educational video 
 about privacy on YouTube? 
 and watched an educational video 
 about privacy on YouTube? 
 and watched an educational video 
 about privacy on YouTube? 
 and watched an educational video 
 about privacy on YouTube? 
 and watched an educational video 
 about privacy on YouTube? 
 and watched an educational video 
 about privacy on YouTube? 
 and watched an educational video 
 about privacy on YouTube? 
 and watched an educational video 
 about privacy on YouTube? 
 and watched an educational video 
 about privacy on YouTube? 
 and watched an educational video 
 about privacy on YouTube? 
 and watched an educational video 
 about privacy on YouTube? 
 and watched an educational video 
 about privacy on YouTube? 
 and watched an educational video 
 about privacy on YouTube? 
 [Inhales] 
 Well, that describes 
 just one person from this sample. 
 But here's the thing: 
 I still can't identify who this person is. 
 I certainly have enough details to know 
 what I could advertise to this person, 
 but I don't know their name, address, or 
 any personally identifiable information. 
 I can infer a lot about them 
 without actually knowing them. 
 These inferences are just aggregated 
 groups of hundreds or thousands of people. 
 This is the data that is most 
 often used to show you personalized ads. 
 Let's plug this all into the 
 Privacy Visualizer. 
 Purchases can describe the items 
 that you buy. 
 Going back to our list of examples, 
 this would be people who drink coffee 
 own a PlayStation, or even the people 
 who recently shopped at Target. 
 Location information can be used as well. 
 From something as broad as the people 
 who live in Atlanta, to using location 
 services to determine the people 
 who have a commute of 10 or 15 miles. 
 Usage data is information 
 how you use certain services. 
 This would include people who recently 
 watched an educational video on YouTube, 
 or even the people who listen 
 to punk rock music. 
 Search history can include things that 
 you search for, that can infer certain things. 
 If you search for photos of dogs 
 and puppies often, 
 you're probably a person who loves dogs. 
 If you searched for this video, you're 
 probably a person concerned about privacy. 
 In fact, the people who are most concerned 
 about privacy are the people 
 that Incogni and DeleteMe 
 are aiming to show their ads too. 
 They know through inferring 
 what my channel is about, that my viewers 
 are likely concerned about privacy 
 and they would be an easy sell to you. 
 Do they know who any of you are? 
 No, of course not. 
 But by watching my channel, 
 they infer that a number of you 
 do care about this stuff. 
 This also contains 
 things like browser history, 
 so all of the websites you visit 
 can be added to your inferred data. 
 Here's the big question though: 
 if they collect the inferred data in the first place 
 and they know they can show you an ad, 
 wouldn't they have to be able to identify 
 you in some way? 
 Well, they do. 
 They normally tie your usage of the internet 
 to something called an advertising ID. 
 This is a randomized string of numbers 
 that is assigned to your Google account, 
 or even your phone itself. 
 Heck, 
 even cookies can be sort of an identifier, 
 as we explored in my video about cookies. 
 It's worth calling out that these methods 
 of identifying you are rarely associated 
 to your name or any other personally 
 identifiable information. 
 It's more of a, “This particular cell 
 phone has a user that does these things.” 
 That said, there can be sensitive 
 information attached to this, too. 
 Depending on what you look at online, 
 it can be inferred if you’re pregnant, 
 if you have a disability, 
 if you're religious, 
 if you're part of a trade union, 
 even your own political opinions 
 can be inferred. 
 What's weird here is that 
 if you tried to request your information 
 be deleted from these data brokers... 
 Well, what would they delete? 
 I mean, if they have personally 
 identifiable information, 
 sure, some will delete that, 
 but a majority of the data 
 these companies have is non-identifiable, 
 so they can't exactly delete it 
 because they can't trace it back to you. 
 The only identifier they get 
 is that random string, 
 which can be changed or deleted by you. 
 If you clear cookies 
 that can remove one of these links. 
 If you delete 
 or change your advertising ID, 
 that also removes one of these links. 
 So while these companies 
 can't really delete this data, 
 you can at least obscure 
 what data you're attached to. 
 [Lights buzzing] 
 [Reject Convenience:] 
 Okay. But on the surface, 
 it seems like there's nothing wrong with this 
 inferred data, right? 
 I mean, it can't really easily 
 be traced back to you... 
 Well, as always, here's where data 
 breaches come in to ruin the fun. 
 Scammers could easily use 
 this inferred data to target people 
 that are more likely to fall for scams 
 with shocking accuracy. 
 This data could be cross-referenced 
 with public data. 
 Let's look at one of our dudes here. 
 This guy goes to coffee 
 shops in the afternoon. 
 He lives in Seattle, Washington. 
 He is looking for a new job. 
 He has a dog and travels once per year. 
 Well, let's say that he also publicly 
 posts to various social media platforms. 
 He posts selfies of coffee shops 
 some afternoons to Snapchat. 
 On LinkedIn, it shows that he lives in Seattle 
 and he's seeking a job. 
 On top of that, 
 he shows photos of his dogs 
 and even this once per year travel 
 event on Instagram. 
 Sure, cross-referencing 
 that data could take a lot of time, 
 but this is where spearfishing campaigns 
 could come in. 
 Scammers could just send out 
 a bunch of automated texts and calls 
 to a massive list of phone numbers 
 that were in a data breach. 
 If the data is attached to any inferred 
 data, 
 like companies like Toyota 
 or Facebook would have, they could make 
 a very targeted kind of attack 
 without knowing who they're hitting. 
 The goal isn’t to trick everyone, 
 the goal is to effectively trick 
 just a small group of people. 
 Since they know what city he lives in, 
 and they know that he's looking for a job, 
 they'll send out texts 
 to all the leaked numbers in that city, 
 and they'll say something like, 
 [Robotic voice:] 
 “Hi, we were informed that you were 
 looking for a job with 50% travel. 
 [Robotic voice:] 
 “We can offer such a position. 
 If interested, please apply here. Shady link.” 
 Now, a majority of people 
 would probably ignore this, 
 but someone who is seeking a job, 
 who also loves to travel, 
 well, it seems like a dream come true. 
 Remember, the more data 
 that scammers have, 
 the easier it is for them to target 
 you in a very specific way. 
 [”Talking crowd” ambiance] 
 This perfectly leads us into 
 our last data broker category: 
 People Search services. 
 These are simply the evolution 
 of physical phone books 
 being migrated to the digital realm. 
 If you're too young to remember, 
 there were these companies 
 that would basically track 
 everyone's name, phone number, 
 and sometimes even their address, 
 and they would print it out in a huge book 
 that they would send to everyone in the mail. 
 They’d even attach them to these 
 things called phone booths. 
 How fun! 
 Anyways, 
 all this information was moved online 
 and they obviously put that directly 
 identifiable information 
 like your name, 
 phone number and address in there. 
 The thing about the online world is that 
 you can also have an online presence. 
 So some of them started tracking things 
 like social media profiles. 
 Some of these companies 
 took it in a weirder direction 
 by adding other public records like arrest 
 records, property records, and more. 
 More specific information 
 is normally behind a paywall, 
 but for everything else like your name, 
 phone number, address, 
 and even social media profiles 
 can all be seen for free by anyone. 
 Who's looking? 
 Sometimes it can be landlords 
 who don't want to pay 
 for those risk mitigation data brokers, 
 Private investigators are probably pretty 
 pleased with these kinds of services. 
 Actually, anywhere on the internet, 
 which has been problematic 
 for supporting things like doxing. 
 And there was even a reality TV show 
 that used these services. 
 I think it was Catfish. 
 Okay, so this can be pretty creepy. 
 Now we need to ask the scary question: 
 do People Search services 
 comply with data deletion requests? 
 Weirdly enough, a vast 
 majority of them do comply. 
 And not all of them 
 are even required to comply. 
 Many of these companies 
 are based out of states 
 that are not required to comply, 
 yet they comply anyways. 
 From what I understand, 
 they do this to avoid future regulation, 
 legal pressure, 
 and just bad press. 
 Well, that's a good thing. 
 You can delete information 
 using the forms on the websites, 
 normally linked at the bottom. 
 In the description, 
 I've linked an amazing guide 
 on how to delete your information 
 from a bunch of these services for free. 
 Actually, these are the most common types 
 of data brokers 
 that services 
 like Incogni and DeleteMe work with. 
 So things are starting to make more sense. 
 In fact, let's finally talk 
 about data deletion services. 
 [Shredder whirring] 
 [Reject Convenience:] 
 These are companies 
 like we've been talking about. 
 Incogni and DeleteMe. 
 Some other examples 
 would be Mozilla Monitor, 
 Aura, Optery, 
 OneRep, and Atlas Privacy. 
 I'm certain they're more than that, 
 but they all work in the same way. 
 They offer to delete data 
 that's been collected about you 
 from mostly people search data brokers. 
 Most of them use automated systems 
 to make this possible. 
 However, in the case of DeleteMe, 
 it doesn't really seem like it's 
 that much faster than doing it yourself. 
 Let's break down 
 one of the sponsored spots for DeleteMe. 
 Just like my VPN video, 
 I am not being critical of the creators, 
 shown in this video. 
 I'm being critical of DeleteMe 
 and the scripts they provide to creators. 
 That's it. 
 “It's been a little over six months 
 since I first told you about DeleteMe, 
 “the simple service that gives control 
 of your personal data back to you. 
 “In that half a year, 
 DeleteMe has reviewed over 
 “4000 listings from data brokers 
 across the web for me.” 
 This is sort of misleading in my opinion. 
 That 4000 number really makes 
 it sound like 
 it's from 4000 data brokers or something, 
 but it's actually 4000 individual items. 
 So let's say one data broker has your name, 
 your personal email address, 
 your work email address, 
 your phone number, and your last four addresses. 
 That's seven listings in this example, 
 but just one data broker. 
 They all do this, by the way. 
 Here. I'll use myself as an example. 
 Before researching this video, 
 I used Mozilla Monitor. 
 They showed that from one data broker 
 there were three email addresses, 
 one phone number, nine addresses, 
 and four family members. 
 Of that information, 
 only eight of the items 
 were actually correct 
 pieces of information. 
 The others were incorrect emails. 
 The phone number wasn't one that had ever 
 been mined at any point in history. 
 Some of the addresses were wrong, 
 and even the list of family members 
 contained people 
 I have never heard of before. 
 All of these data deletion 
 services will count this as 17 removals, 
 but it was all from a single source, 
 half of which wasn't even my data. 
 You see how these numbers 
 feel bigger than they really are? 
 [Youtuber:] 
 “...and it's removed my personal information 
 from almost 80 of them.” 
 Let's rewind for a moment 
 back to that screenshot. 
 There are 26 data brokers 
 in this list. 
 Of those, there are over 
 4,347 pieces of information. 
 And of all of those, 
 DeleteMe has removed 38, 
 which is very likely from a single data 
 broker, 
 given how big that other number is. 
 So they're claiming to have spent 
 nine hours contacting one data broker. 
 Additionally, according to the 
 voice over itself, from the first part, 
 this was six months 
 of paying for DeleteMe. 
 I'll admit though, 
 this isn't accounting for search time. 
 But think about this: 
 I don't know about you, 
 but I'm fairly confident that I could send 
 more than 26 emails in a six month period. 
 Heck, I know that's true. 
 I regularly send more than that 
 in a standard eight hour workday. 
 [YouTuber:] 
 “What kind of listings? 
 Well, we're talking private information. 
 “Like my physical address history, 
 “my property and court records, 
 even the names of my family members, 
 “Now scrubbed from nearly 80 data 
 brokers archives 
 “without me 
 having to do any work on my own.” 
 As we discussed, that is a tiny fraction 
 of the actual amount of data brokers 
 that are out there. 
 Yes, removing this data is good, 
 but you can do this for free 
 and as shown here, 
 probably more efficiently than DeleteMe. 
 Now this all begs the question: 
 are these data deletion companies legit? 
 Well, for the most part, yes. 
 I'll admit though, 
 I don't like that some of them 
 mess around with dark patterns. 
 Incogni, for example, forces users to contact 
 support to cancel your subscription. 
 They also post 
 obviously fake reviews to Reddit, 
 but overall 
 they technically do what they say they do. 
 Is it a scam? 
 No. It is pretty clear to me 
 that they do offer 
 the service of deleting your data 
 from a list of data brokers. 
 A scam means to take money with malicious 
 intent of offering nothing in return. 
 That is obviously not the case here. 
 A better question would be, 
 “Is it a good deal?” 
 In my opinion? 
 Not really, no. 
 Unless you live in a state 
 with the Right to Delete law. 
 If you live in one of these states, 
 services 
 like this could actually be helpful, 
 as they will often look into adding other 
 data brokers for you if you ask them to. 
 And that can make the process of cleaning 
 up your online presence a bit easier. 
 That all said, though, 
 a majority of the people 
 in the United States 
 wouldn't exactly benefit 
 from this kind of service. 
 [Luch:] 
 Wait, I feel like we've heard this before. 
 [RC:] 
 Look, everyone! It's 
 friend of the channel, Luch! 
 Hey, I just overheard 
 what you've been talking about, 
 and all of this sounds really similar 
 to what you said about VPN companies. 
 They kind of seem like the same thing. 
 [RC:] 
 Do you mind elaborating? 
 Well, both data deletion services 
 and VPNs 
 technically provide the services they claim to, 
 and they do it at a very low cost to them, 
 but charge a much higher price 
 to you, the consumer. 
 Most people also don't really need either 
 service. 
 VPNs provide a solution to a problem 
 most people don't normally face, 
 and in the case of data deletion 
 companies, all of that information 
 you're trying to have deleted 
 will always be replaced 
 unless you're a resident of a 
 Right to Delete state. 
 Even if you do live in one of these 
 right to delete states, 
 you would still have to manually request 
 that your data be deleted 
 by every other data broker 
 in the country, 
 and that is a time consuming task. 
 There are over 
 1700 registered data brokers in the US, 
 which is much higher than the 200-or-so 
 that these companies actually 
 delete data from. 
 But it's important to note 
 that only a handful of states 
 have laws requiring data brokers 
 to actually be registered. 
 So in reality, 
 that number may be much higher 
 when we take into account 
 the unregistered brokers. 
 It's estimated that worldwide 
 there are over 5000 data brokers. 
 Oh, and as it turns out, 
 Incogni is owned by Surfshark, 
 and Surfshark is owned by NordVPN. 
 So at the end of the day, 
 it kind of is just the same thing. 
 Funny how that works. 
 [RC:] 
 Fantastic points. 
 Thanks for the extra insight. 
 Sure thing man. 
 I'll let you get back to it. 
 [RC:] 
 Thanks for stopping by. 
 [Space ambiance, faint beeping] 
 [RC:] 
 This has me all thinking... 
 Are we just looking for a new company 
 to hate on? 
 Hear me out. 
 After the Honey scandal, 
 people started giving these services 
 the stinky eye 
 because it felt too good to be true. 
 As we just learned, it's not as wonderful 
 as they make it seem. 
 They have good marketing, 
 but it's just a simple tool 
 that can only do so much 
 about the actual problem. 
 These companies are just taking advantage 
 of the fact that data brokers run freely 
 with no restrictions. 
 It's an infinite money glitch 
 that they're just jumping on 
 before regulations eventually catch up. 
 They're not the source of the problem, 
 nor are they the solution to the problem. 
 The actual problem is the data 
 being collected in the first place. 
 Companies like Meta, Google and Amazon 
 have been allowed to collect 
 and sell this data with almost 
 no oversight in the United States. 
 Even now, 20 states 
 have some sort of consumer privacy law, 
 but to this day, there isn't a single law 
 that prevents a company 
 from collecting unnecessary data 
 in the first place. 
 The European Union has restrictions 
 against these companies with their GDPR. 
 They absolutely prevent companies 
 from collecting certain types of data from the start. 
 It's hard to imagine that there would be 
 any kind of federal change anytime soon, 
 given that the last three presidents 
 have welcomed “big tech” with open arms. 
 This is not a political jab 
 at either side, but instead at both. 
 Both Democrats 
 and Republicans have enabled companies 
 to have this kind of power. 
 Both Democrats and Republicans 
 have failed to protect the people 
 that they're supposed to represent. 
 I mean, even the CEOs of these companies aren't 
 protected by their own data collection. 
 Mark Zuckerberg's personal information 
 has been breached from Facebook 
 data breaches in the past. 
 [Birds singing] 
 [RC:] 
 Okay, so what can you do? 
 It might feel a little counterintuitive 
 to what I just said, 
 but call your local representative 
 and demand for better privacy laws. 
 Even the states that have good privacy 
 laws can be greatly improved. 
 Be loud. Be annoying. 
 You have to pretend 
 like these local representatives 
 have never heard 
 about what you're talking about before. 
 Be loud, but be clear in your language. 
 Be specific. For example, 
 I don't like that 
 companies are allowed to collect data 
 that is solely used for targeted 
 advertising. 
 It is oftentimes greatly mishandled 
 and results in getting leaked to scammers, 
 which cost Americans 
 hundreds of billions of dollars every year. 
 If you want to learn more about 
 how data breaches lead to scams, 
 watch my video about that here. 
 When talking to your local representative, 
 give clear examples. 
 Identify what companies are doing this 
 and show it in their own privacy policies. 
 Here's an example. 
 Spotify shares data with 
 these 94 companies by default, 
 and I think it's unnecessary for a company 
 that streams music to have all of this inferred data. 
 Data that is retained for any period of 
 time is at risk of a data breach, 
 which hurts consumers. 
 When these 94 companies 
 are also given access to this information, 
 it stops being a question of 
 IF there will be a data breach, 
 rather, when will one of these 94 
 companies get hit with a data breach? 
 In 2024, nearly half of all companies 
 in the United States experienced a data breach. 
 Using that information, 
 we can reasonably assume 
 that 47 of these companies 
 will experience a data breach. 
 If there were regulations in place 
 to prevent Spotify 
 from collecting this information 
 in the first place, 
 the risk of a data breach 
 would be greatly reduced, 
 as the unnecessary user data wouldn't 
 be there to begin with. 
 Hackers wouldn't have as much incentive 
 to hack Spotify. 
 Here's another example. 
 General Motors knows what medications 
 I take, and they infer my intelligence 
 through various sources of data collection 
 spelled out in their privacy policy. 
 This is an inexcusable abuse of power, 
 and they do not need to know 
 any of that for me to be able 
 to drive my car. 
 In the European Union, 
 General Motors sells vehicles 
 that work exactly 
 like they do here in the United States, 
 but laws like the GDPR 
 protect their citizens, 
 and this kind of data 
 isn't collected at all. 
 Here's the EU version 
 of the privacy policy for General Motors, 
 and here's the US version. 
 It's clear 
 why they collect as much as they do here. 
 There are no regulations 
 to protect consumers. 
 If you want something more actionable 
 on your end, 
 fight back with your wallet 
 if you're able to. 
 For example, 
 stop using Gmail. 
 For years now, they've read 
 every single email that you get, 
 which means that every purchase you make 
 is now valuable data 
 that they can sell to advertisers. 
 I'll note that this can take a very long 
 time to fully transition away, though. 
 It took me an entire year to move 
 from Gmail to StartMail, and even then 
 I faced minor inconveniences 
 with services that I forgot to move over. 
 It takes time, so be patient. 
 Another thing I'll always advocate for 
 is to block all the ads. 
 A big point of this data 
 being collected is to sell to advertisers, 
 so start blocking them 
 from making their money. 
 Show that we don't want to be tracked 
 like this. 
 I've heard other creators 
 compare this to piracy, but I disagree. 
 Blocking ads is not piracy. 
 I understand that it can hurt 
 small creators in the crossfire, 
 so if you're able to, 
 support your favorite creators directly. 
 Another thing that can help prevent 
 cross-referencing your data can be 
 to avoid public facing social media, 
 at least where your name is shown. 
 This can range from things 
 like Facebook, LinkedIn, and even Steam. 
 Be cautious 
 about where you publicly show your name. 
 Most platforms have a privacy 
 setting that you can use to hide 
 some of this information. 
 If you want more information 
 on what you can do about feeling powerless 
 to data collection, I highly suggest 
 you watch my video on that here. 
 Believe me, there is always an option. 
 As always, thank you for watching. 
 Please be kind and patient with each other. 
 I want to give a special thanks 
 to everyone supporting this channel 
 through memberships and Patreon. 
 Considering that a lot of my channel 
 is about showing the truth behind 
 a lot of common sponsors, 
 it doesn't feel right for me to start taking them on 
 like most growing YouTubers do. 
 However, I would love to make these videos 
 for you all full time, 
 so if you have some money to spare 
 and want to help make that dream 
 become a reality, 
 consider either becoming a member, 
 or subscribing to my Patreon page. 
 By doing so, 
 you'll get early access to videos, 
 exclusive access to a supporters 
 only Discord server, and more. 
 The link to Patreon is in the description 
 or at Patreon.com/RejectConvenience. 
 Peace. 
 [Luch:] 
 Heads up, boss. Spider Man’s headed your way. 
 [RC:] 
 Excellent... 
 [Evil laughter] 
 [Window Breaks] 
 [Evil laughter] 
 [Evil laughter] 
 And I'll get ya this time, Spider Man! 
 [Spider Man:] 
 Doc Ock! 
 You're lookin’ more menacing than usual. 
 Do something with your hair? 
 [Doc Ock RC:] 
 Ugh. Get over here, you pest! 
 [Explosion] 
 Oof! 
 [Thump] 
 Oof! 
 Ack! 
 [Thump] 
 Ack! 
 Yowza! You got a punch there 
 Spider Man! 
 [Spidey:] 
 Thanks! I've been working on a new move. 
 Wanna see? 
 [Silence] 
 [Doc Ock RC:] 
 Argh! You've defeated me once again!!! 
 [Spidey:] 
 Better luck next time! Haha! 
 Wow! Yeah I’m Spider man! Yeah!