Data brokers collect an extensive range of personal information about you, including your full name, home address, phone numbers, email addresses, date of birth, Social Security number, financial records, purchasing history, health-related data, online browsing behavior, social media activity, criminal records, property ownership details, vehicle registrations, professional licenses, political affiliations, religious beliefs, and even estimates of your net worth. These companies aggregate data from hundreds or thousands of sources””public records, commercial transactions, online tracking, and third-party data sharing agreements””to build detailed consumer profiles that can contain over a thousand individual data points per person. To illustrate the scope: a single data broker profile might reveal that you recently searched for diabetes medication online, own a home valued at a specific amount, have two children under age 10, voted in the last three elections, subscribe to certain magazines, and visited a particular car dealership’s website last Tuesday.
This information is then packaged and sold to marketers, insurance companies, employers, landlords, and sometimes individuals with less than benign intentions. The data broker industry has historically operated with minimal regulatory oversight in most jurisdictions, though this has begun to change in some regions. This article examines the specific categories of data that brokers collect, how they obtain this information, who purchases it and why, and what practical steps you can take to limit your exposure””along with honest assessments of what works and what doesn’t.
Table of Contents
- What Personal Identifiers Do Data Brokers Collect About Individuals?
- Financial and Economic Data in Broker Profiles
- Health and Lifestyle Information Collected by Data Brokers
- How Data Brokers Obtain Your Personal Information
- Who Buys Data Broker Information and Why
- Data Broker Accuracy and the Problem of Erroneous Information
- The Evolving Regulatory Landscape for Data Brokers
- Conclusion
What Personal Identifiers Do Data Brokers Collect About Individuals?
The foundation of any data broker profile consists of personal identifiers””the basic information that distinguishes you from everyone else. This category includes your legal name (and any aliases or maiden names), current and historical addresses going back decades, all associated phone numbers, email addresses, and in some cases, your Social Security number. Data brokers also collect biometric identifiers where available, including photographs that can be used for facial recognition matching and, in some documented cases, fingerprint data obtained through third-party app agreements. Beyond static identifiers, brokers collect what the industry calls “linkage data”””information that connects you to other people and entities.
This includes family member names and relationships, roommates, neighbors, business associates, and anyone you’ve co-signed a loan with or shared an address with. One major broker reportedly claimed to have profiles on over 200 million Americans, though such figures are difficult to verify independently. What is verifiable is that multiple brokers maintain databases covering the vast majority of adults in developed countries. The practical implication is significant: even if you’ve never directly interacted with a data broker, they likely have a file on you assembled entirely from third-party sources. This file begins forming the moment you’re born (via birth records) and continues accumulating throughout your life.
Financial and Economic Data in Broker Profiles
data brokers place particular emphasis on financial information because it directly indicates purchasing power and creditworthiness””attributes that command premium prices from buyers. Collected financial data typically includes income estimates, credit score ranges, bankruptcy filings, tax liens, property values, mortgage amounts, and investment holdings. Some brokers specialize in transaction-level data, obtaining records of your specific purchases from retailers, banks, and payment processors. However, the accuracy of financial data in broker profiles is notably inconsistent. Income figures, for instance, are typically modeled estimates based on demographic factors rather than actual reported income.
If you live in a particular neighborhood and hold a certain job title, brokers may assign you an estimated income bracket that could be substantially different from reality. Property values are usually derived from public assessor records, which can lag years behind actual market conditions. Credit-related data tends to be more accurate because it often originates from credit bureaus themselves, some of which operate data brokerage divisions. The financial data category also includes purchasing behavior patterns: what categories of products you buy, how much you typically spend, whether you respond to discount offers, your preferred payment methods, and your brand loyalties. Supermarket loyalty cards, credit card transactions, and online shopping records all feed these profiles.
Health and Lifestyle Information Collected by Data Brokers
Among the most sensitive categories of data broker information is health-related data, which exists in a complicated legal gray zone. While medical records themselves are protected under regulations like HIPAA in the United States, data brokers have developed numerous workarounds. They collect prescription drug histories through pharmacy data-sharing agreements, track health-related searches and website visits, purchase data from health apps and fitness trackers, and infer medical conditions from purchasing patterns””such as buying diabetic supplies or mobility aids. A concrete example: data brokers have historically sold lists with names like “Diabetes Interest” or “Cholesterol Focus”””segmented audiences of individuals believed to have specific health conditions.
Investigative reports have documented brokers selling lists of people with depression, anxiety disorders, and other mental health conditions, often derived from online quiz responses or health website browsing. In one documented case, a broker was found selling lists of rape survivors and people with HIV/AIDS. Lifestyle data collection extends beyond health to encompass political opinions (derived from voter registration, donation records, and online activity), religious affiliations, hobbies, travel patterns, dating preferences, and even personality profiles generated through psychological modeling. This information is frequently assembled without explicit consent, though terms buried in privacy policies of various services often technically authorize the sharing.
How Data Brokers Obtain Your Personal Information
Data brokers source information through four primary channels: public records, commercial data sharing, online tracking, and direct collection. Public records include voter registrations, property deeds, court filings, marriage and divorce records, business licenses, and professional certifications. This information is legally accessible, though brokers have automated its collection and aggregation at a scale that individuals cannot easily counter. Commercial data sharing involves agreements with retailers, financial institutions, subscription services, and app developers who sell or share customer data. When you sign up for a store loyalty card, agree to an app’s terms of service, or fill out a warranty registration, you may be authorizing your data to flow to brokers.
Online tracking encompasses cookies, device fingerprinting, location data from mobile phones, and purchase of browsing history from internet service providers where legally permitted. The comparison between active and passive data collection matters for understanding your exposure. Active collection””where you directly provide information””offers some control through deliberate choices about what to share. Passive collection through tracking and third-party sharing is far harder to limit because it happens invisibly during routine activities. Even using a VPN and private browsing addresses only a portion of tracking mechanisms, and offline activities like shopping with a credit card or registering your car continue feeding broker databases regardless of your digital hygiene.
Who Buys Data Broker Information and Why
The purchasers of data broker information span virtually every industry, though the use cases and ethical implications vary substantially. Marketers and advertisers represent the largest buyer category, using data to target advertisements, personalize offers, and identify likely customers. A mattress company, for example, might purchase a list of people who recently moved, have household incomes above a certain threshold, and have searched for sleep-related content online. However, buyers extend well beyond marketing. Insurance companies purchase data to assess risk factors that applicants might not disclose””such as inferred health conditions or lifestyle habits. Landlords and property managers buy screening data that may include eviction records, criminal history, and financial profiles.
Employers use broker data for background checks, and some have purchased lists indicating health conditions or political affiliations despite the legal questions this raises. Financial services firms use broker data for fraud detection, credit decisions, and identifying potential customers. A significant limitation in understanding this ecosystem is that data broker transactions are largely opaque. Brokers are not required to disclose their clients in most jurisdictions, and buyers are rarely required to disclose their data sources. This means individuals generally cannot discover who has purchased information about them or for what purpose. Some data has been documented reaching foreign governments, stalkers, and criminals through downstream sales””outcomes the original sellers may claim ignorance of.
Data Broker Accuracy and the Problem of Erroneous Information
A critical but often overlooked issue is that data broker information is frequently inaccurate, and correcting errors is difficult. Studies and audits have found substantial error rates in broker data””wrong addresses, misattributed criminal records, incorrect income estimates, and confusion between individuals with similar names. One documented case involved a woman repeatedly denied housing because a data broker had merged her file with that of a convicted felon who shared her name.
The challenge is that erroneous data propagates. When one broker sells incorrect information to another, or when a decision-maker acts on bad data, the consequences compound. Unlike credit reports, which are regulated to include dispute procedures, most data broker information exists outside any framework requiring accuracy or correction mechanisms. You may not know incorrect data exists until you’re denied a job, housing, insurance, or a loan””and even then, you may never be told the data source.
The Evolving Regulatory Landscape for Data Brokers
Data broker regulation has historically lagged behind the industry’s growth, though this is gradually changing. The European Union’s General Data Protection Regulation (GDPR) established some of the strongest protections, requiring consent for data processing and creating rights to access and delete personal information. Several U.S.
states have enacted their own privacy laws with varying provisions for data brokers, though a comprehensive federal law has remained elusive as of recent reports. Some jurisdictions now require data brokers to register with state authorities and provide mechanisms for consumers to opt out of data sales. Whether these requirements significantly reduce data collection in practice remains unclear””opt-out processes are often cumbersome, broker definitions vary between laws, and enforcement resources are limited. The regulatory trend appears to be toward greater oversight, but current protections remain inconsistent and often inadequate for meaningfully limiting broker activities.
Conclusion
Data brokers collect virtually every category of information about you””from basic identifiers to financial details, health indicators, behavioral patterns, and inferences about your personality and preferences. This data originates from public records, commercial transactions, online tracking, and third-party sharing, flowing through an opaque ecosystem where it’s aggregated, sold, and resold to buyers ranging from marketers to insurers to individuals.
Limiting your exposure requires a combination of strategies: minimizing unnecessary data sharing, using opt-out mechanisms where available, understanding that complete removal from these databases is practically impossible, and staying informed as regulations continue to evolve. The asymmetry between what data brokers know about individuals and what individuals know about data broker practices represents a significant privacy challenge that technical measures alone cannot solve””it ultimately requires continued regulatory development and enforcement.