I've been hesitant to submit removal requests due to requirement of uploading a picture of your ID. How can I trust these shady companies won't use this irresponsibly?
Same here. I know that a fair bit of the data they have on me is inaccurate. Yet, to delete that, along with accurate data, I’m being asked to enrich their data with even more accurate data. It feels like the old “click here to unsubscribe” scam that actually just confirms a real person behind an email.
I would love to know who sold them my data though. That would allow me to stop the flow more effectively before I felt okay deleting at the terminal data broker.
I've started to give services domain-specific email addresses as a sort of reverse-tracking identifier. So I give google@mydomain.com and apple@mydomain.com and so on. I figure I'm using a password manager for all of my passwords anyway. It obviously won't work in all situations, but it might provide some leads.
The way to determine who sold them the data is a service and agent I've envisioned for a long time, but never had the wherewithal to produce. (I won't go into all the hurdles.)
Everyone should have their own email domain, and an agent that also serves as your email client will generate a proper looking (for some definition of that) email address within your domain for every new correspondent.
Now, whenever you see your identity (email address) associated with anything at all you can determine the original source.
Maybe the data is sold from some of the apps on our smartphones. Also, pretty sure most of the payment providers folk e-shops use on their checkouts sell the data to Google (and I am dead certain Google were bragging about knowing about almost any transaction which happens on the on the web). That is a part in the chain which not even most online shops would even be aware of.
I had the same concern. I almost went through with DeleteMe, but it felt paradoxical to give all my info to one company so they could remove it from others. I understand they need it to do the work but it didn't feel right. They requested photo ID, SSN, all past addresses, online handles, family member information, etc. It was just too much.
Of the three listed, it looks like Albine is just DeleteMe (they have the same ToS link.)
Neither of them have a forced arbitration clause, class action waiver, etc. which is refreshing. These waivers are regularly upheld and make it very difficult to sue companies who do something wrong.
Having no forced arbitration clause is a good thing! It doesn't make me trust them more per-se, but it means I don't need to trust them as much in the first place.
You can trust them only as much as you think they have self interest in not being sued for doing something nefarious.
That said, they could very easily have a data breach and every customers full info would then be out in the wild.
Were not talking about ordinary payment details either, just full on dox - every address you have lived at, your license scan, all emails, phone numbers, its crazy. Id be willing to bet all these services are targeted quite alot as well because the people who would be willing to pay for this stuff are likely the ones with the most to lose.
I made a post lower in this thread but in general this entire model is flawed. Deletions should happen directly between your device and the service in question.
Also, its just as important to wipe the data YOU create as the data other people create about you. Just like databrokers, you can either do it manually or automated.
Check out https://redact.dev if you want to automate that part at least (I'm on the team)
> they could very easily have a data breach and every customers full info would then be out in the wild
Based on the many notifications I've received from hospitals and insurance providers telling me they've allowed my private information to get repeatedly pilfered, at this point I operate under the assumption that if any organization collects information about me, it's going to leak within the next 5-ish years.
The first and most effective line of defense is to not let the data brokers collect your information in the first place.
cornflake23|2 years ago
I would love to know who sold them my data though. That would allow me to stop the flow more effectively before I felt okay deleting at the terminal data broker.
sircastor|2 years ago
jackfoxy|2 years ago
Everyone should have their own email domain, and an agent that also serves as your email client will generate a proper looking (for some definition of that) email address within your domain for every new correspondent.
Now, whenever you see your identity (email address) associated with anything at all you can determine the original source.
electric_mayhem|2 years ago
There’s commercial services now which make it easy, but I’ve been doing it for decades now. The joys of running your own inbound mail server.
Makes it easy to know who’s either sold your data or had their db liberated, and block them.
WhackyIdeas|2 years ago
accrual|2 years ago
lynndotpy|2 years ago
Neither of them have a forced arbitration clause, class action waiver, etc. which is refreshing. These waivers are regularly upheld and make it very difficult to sue companies who do something wrong.
Having no forced arbitration clause is a good thing! It doesn't make me trust them more per-se, but it means I don't need to trust them as much in the first place.
ds|2 years ago
That said, they could very easily have a data breach and every customers full info would then be out in the wild. Were not talking about ordinary payment details either, just full on dox - every address you have lived at, your license scan, all emails, phone numbers, its crazy. Id be willing to bet all these services are targeted quite alot as well because the people who would be willing to pay for this stuff are likely the ones with the most to lose.
I made a post lower in this thread but in general this entire model is flawed. Deletions should happen directly between your device and the service in question.
Also, its just as important to wipe the data YOU create as the data other people create about you. Just like databrokers, you can either do it manually or automated.
Check out https://redact.dev if you want to automate that part at least (I'm on the team)
steelframe|2 years ago
Based on the many notifications I've received from hospitals and insurance providers telling me they've allowed my private information to get repeatedly pilfered, at this point I operate under the assumption that if any organization collects information about me, it's going to leak within the next 5-ish years.
The first and most effective line of defense is to not let the data brokers collect your information in the first place.