How to Opt Out of Data Brokers in 2026: A Complete Step-by-Step Guide
What Are Data Brokers and Why Do They Have Your Data?
Data brokers are companies that collect, aggregate, and sell personal information about consumers — often without their direct knowledge. They gather data from public records, social media profiles, purchase histories, website tracking, and other sources, then package it for sale to advertisers, employers, insurers, and other businesses.
The data broker industry is estimated to be worth over $300 billion globally. Hundreds of companies operate in this space, from well-known names like Acxiom, LexisNexis, and Experian to smaller niche players you have likely never heard of. In 2026, the good news is that a growing number of state privacy laws give you concrete rights to opt out and request deletion of your data.
Your Rights Under State Privacy Laws
Over 20 US states now have comprehensive privacy laws that give consumers the right to opt out of the sale of their personal information. Here are the key provisions relevant to data broker opt-outs:
California: The Delete Act and CCPA/CPRA
California leads the nation with the most robust data broker protections. The CCPA/CPRA gives all California residents the right to opt out of the sale and sharing of personal information. Additionally, the California Delete Act (SB 362) created the Data Broker Registration and Opt-out Platform (DROP), which launched on January 1, 2026. DROP allows consumers to submit a single deletion request that applies to all registered data brokers in California — over 500 companies.
Data brokers that fail to honor DELETE requests through DROP face compounding daily fines of $200 per unfulfilled request starting January 31, 2026. For more details, see our data broker registration requirements guide.
Texas: Data Broker Registration Under TDPSA
Texas requires data brokers to register with the Secretary of State and maintain a publicly searchable database. Consumers can submit opt-out requests, and brokers must comply within 30 days. Texas penalties can reach $25,000 per violation.
Vermont and Oregon
Vermont was the first state to require data broker registration (since 2019). Oregon's OCPA includes data broker provisions and requires honoring universal opt-out mechanisms like GPC signals.
Universal Opt-Out Rights
Nearly every state privacy law includes a right to opt out of data sales. Our Privacy Law Calculator can help you determine which state laws apply to your situation and what rights you have. To exercise your opt-out rights through browser signals, check our GPC Compliance Checker.
Step-by-Step: How to Opt Out of Data Brokers
Step 1: Identify Which Brokers Have Your Data
Start by searching for yourself on major people-search sites: Spokeo, BeenVerified, Whitepages, Intelius, and PeopleFinder. Note which ones return results — these are the brokers you need to contact first.
Step 2: Use California's DROP Platform
If you are a California resident (or want to exercise California-granted rights), visit the DROP platform at deleteMyData.com. Submit a single request, and all 500+ registered California data brokers must process your deletion within the required timeframe. This is the most efficient single action you can take.
Step 3: Submit Individual Opt-Out Requests
For brokers not covered by DROP or if you are not a California resident, submit opt-out requests directly. Most major data brokers have online opt-out forms:
- Acxiom/LiveRamp — Use their consumer opt-out form at isapps.acxiom.com
- Oracle/Datalogix — Submit a request through their privacy portal
- Spokeo — Search for your listing and click "Remove This Listing"
- Whitepages — Use their opt-out page to suppress your listing
- BeenVerified — Submit a removal request through their opt-out page
- Intelius — Submit a suppression request through their opt-out form
Step 4: Enable Global Privacy Control (GPC)
Install a browser extension or use a browser that supports GPC signals. In states that recognize GPC (California, Colorado, Connecticut, Montana, Texas, and more), websites and data brokers must treat the signal as a valid opt-out request. See our guide on CCPA opt-out requirements for details.
Step 5: Follow Up and Monitor
Data broker opt-outs are not always permanent. New data may be collected, and your profile may reappear. Set a calendar reminder to check every 3-6 months and resubmit requests as needed.
DIY vs. Data Broker Opt-Out Services
Several paid services — including DeleteMe, Privacy Bee, Kanary, and Optery — will handle data broker opt-outs on your behalf. They typically charge $100-$200 per year and monitor dozens to hundreds of data broker sites continuously.
The DIY approach is free but time-consuming. You may need to submit 50+ individual requests and follow up regularly. For businesses processing consumer data, understanding your own status as a potential data broker is equally important — use our Data Broker Classification Quiz to check. For a deeper understanding of how "Do Not Sell" compliance works, see our dedicated guide.
Which States Require Data Broker Registration?
| State | Registration Required? | Registry Agency | Key Deadline |
|---|---|---|---|
| California | Yes | CPPA (DROP platform) | Annual by Jan 31 |
| Vermont | Yes | Secretary of State | Annual by Jan 31 |
| Texas | Yes | Secretary of State | Annual by Mar 1 |
| Oregon | Yes | Department of Consumer & Business Services | Annual by Jan 31 |
Frequently Asked Questions
How long does it take for data brokers to remove my information?
Most state laws require data brokers to process deletion requests within 30-45 days. California's DROP platform requires compliance within 31 days of a consumer's request. In practice, some brokers process requests within days, while others may take the full allowable period.
Can data brokers re-collect my data after I opt out?
Unfortunately, yes. Opting out removes your existing data, but brokers may re-collect information from public records and other sources over time. This is why ongoing monitoring — either manually or through a paid service — is important. California's Delete Act addresses this by requiring brokers to check for new deletion requests every 45 days.
Do I need to be a California resident to use the DROP platform?
The DROP platform is designed for California consumers, but data brokers registered in California operate nationally. Submitting a request through DROP may result in deletion of data held by California-registered brokers regardless of your state. That said, your strongest protections come from the state where you reside — use our Privacy Law Calculator to check your specific rights.
What if a data broker ignores my opt-out request?
If a data broker fails to honor your request, you can file a complaint with your state attorney general or the relevant enforcement agency. In California, complaints can be filed with the CPPA. Violations can result in significant fines — up to $7,988 per intentional violation under the CCPA and $200/day per unfulfilled DELETE request under the Delete Act.
This article provides general educational information and is not legal advice. Consult qualified legal counsel for guidance specific to your organization. Last updated: March 29, 2026.
Disclaimer: PrivacyLawMap provides general information about US state privacy laws for educational purposes only. This is NOT legal advice. Privacy laws are complex and frequently amended. Consult with a qualified privacy attorney for advice specific to your business. PrivacyLawMap makes no warranties about the accuracy or completeness of this information.