I’ve been seeing a new manifestation of data brokers under the guise of helping connect people for hiring or recruiting. They are just as gross as other data brokers, and I would argue venture further into unethical use of personal identifiable information (PII) for how they utilize AI as part of the process.

Selling and exposing PII for capital gains is inherently unethical no matter how much companies attempt to normalize it or specify it under acceptable use per their privacy policies. In 2024, the FTC banned a data broker from selling geolocation data due to the safety considerations and lack of consent.

Exposing PII without consent can and is a physical safety issue for many. This can be a result of stalking, discrimination, survivors of violent crimes, marginalized people groups, etc. There is a reason that the Address Confidentiality Program exists which can include sealed court case records.

I’ve come across several sites which had incorrect information, false information such as time with companies due to how they were capturing and categorizing this information with AI, and of course being more than willing to share additional sensitive data for a price.

The erosion of privacy, surveillance capitalism, and physical safety concerns are all intertwined. The creation and capitalization of data brokers is inherently unethical however profitable it is. At one end someone may say they have nothing to hide. At another end disclosure of private information can and has resulted in the loss of life, often via doxxing. These are not value neutral systems. They reduce all life to a dollar figure, without regard of the cost of human lives lost due to their systems.

It doesn’t matter how the capitalist machine dresses up the system to market it. It reduces friction to find employees for contacts, help get contracts, find potential applicants, etc. Data brokers experience little regulation and expose massive privacy and safety concerns.

Consumer Actionable Steps

Awareness is often the first big step. Data brokers are intentionally shrouded in mystery. There are some steps that consumers can take to protect themselves, although the bigger issue is the need for more regulation.

  • Don’t provide more information to any online service that is absolutely necessary to use the service.
  • Review Privacy Policies of different services that you use and check for information on how they use and share your information.
  • If you stop using a service, don’t abandon it in place. Do a quick online search of “delete account for service” and ask to have all of your information expunged from their systems. They may have data retention policies or things that they can’t remove. There is typically a section about this in their privacy policy. Thanks to GDPR and CCPA, companies which operate in the European Union or the state of California are required to allow consumer requests for deleting data.
  • Dig into some of the data brokers and the most popular ones in your country. Data Brokers Watch can be a tool to help narrow the list down. They are self funded, open source, and backed by a non-profit called Conscious Digital.
  • Many brokers have a means of requesting removal. This can be done manually by an individual on a site by site basis. There are also several services which will help to automate that removal process for a fee. Depending on the level of concern, both can be viable options.
  • Contact legislators and share concerns about the lack of regulation around data brokers and the issues they create.
  • The saying remains true that if you aren’t paying for a product, you probably are the product. Consider other alternatives to services which have sensitive information, or extricate yourself from the service all together.

This is a big problem, but one that has steps we can take as individuals to protect ourselves in addition to pushing for greater protections from our governments. Stay safe, informed, and aware of how companies capitalize on your private data.