Your personal data is precious and is at the heart of a coveted market governed by data brokers. Companies that make money off your back without you realizing it.
BidSwitch, Bookyourdata, RocketReach, Swordfish… Names that probably mean nothing to you. However, there is a possibility that these companies know a lot about you. Like ? Simply because they have tens or even hundreds of pieces of information about you in their databases. Little known to the general public, these companies are called data brokers (information intermediaries).
Specializing in the collection and resale of personal information, they have implemented a business model that can violate the privacy of Internet users. Already in 2019 Numerama had raised the issue relating to data brokers and their nebulous modus operandi via a two-part survey. More recently it is Cash Investigation which addressed the topic.
Data brokers and how they work are starting to emerge from the shadows, and it is now possible, thanks to the GDPR regain control of your personal data. Various cybersecurity players are also addressing the topic, such as Surfshark and its incognito service.
Who are data brokers?
Targeted advertisements, unsolicited newsletters, calls from telemarketers… It’s a safe bet that these interactions mostly come from the resale of your personal information by a data broker.
Behind this term hides a set of companies whose goal is to collect the majority of personal data (up to 1,500 points per person) in order to exchange them. In their registers they sleep sensitive data such as your address (email or postal address), your tax code, your age or your online shopping habits. This data is then sold to companies that will use it, in particular to show you targeted advertising.
To retrieve this data, data brokers use several methods, the most common being the purchase of entire databases from other companies. For example, it’s very easy to get Facebook user profiles or transaction records from a bank. A practice that is not limited to the network, since some physical establishments can also resell their information to data brokers. Filling out a loyalty card form is therefore not as trivial as it seems…
Is there a way to take action against data brokers?
Just because data brokers shamelessly exploit your personal data doesn’t mean you can’t do anything. Indeed, indeed. Since 2018, the GDPR strictly regulates the movement, processing and retention of data collected by companies. The right to be forgotten has been significantly strengthened, allowing each individual, upon simple request, to have their data hosted by company X or Y deleted.
While this legal device allows you to thwart data brokers and prevent your personal data from being used against you, however, its enforcement faces some obstacles. This makes the process painful and extremely time-consuming for the average person. A real obstacle course that begins very simply with the identification of data brokers.
These are often companies that are little known to the general public. There are also hundreds of companies that can host your data. Detaching them and contacting them one by one is therefore extremely time-consuming. Especially since then you have to follow up with the companies that leave your request. Incogni estimates that it typically takes a normal individual 300 hours to complete this task.
Information and time are key elements in this fight against data brokers, and they are two resources that are sometimes difficult to put together. To make matters worse, some data brokers don’t hesitate to scare people who ask for their data to be withdrawn, hoping that the requester will abandon the process.
How Incogni helps you regain control of your personal data
To help you remove your personal data from data broker files, Incogni proposes to perform all the steps for you and place. Like ? By asking you for a delegation of power, which allows him to act on your behalf.
The delegation obeys a strict legal framework, limited to the mission entrusted to it, and only to it. This capital cannot therefore be diverted to other ends, and ends once the mission has been completed.
Thanks to this delegation of power, Incogni can therefore legitimately:
- search for data brokers who may be in possession of your data;
- contact data brokers on your behalf to ask them to delete your data (if they have it);
- put in place the necessary means to encourage data brokers to delete your data if they are reluctant;
- ensure regular monitoring to make sure your data does not reappear on the net or with data brokers.
How is Incogni doing?
To begin with, and in a rather paradoxical way given the mission you entrust it with, Incogni will ask you for some personal information: name and surname, postal address, email. These are used to identify data brokers who may be in possession of your data and to compile a list of companies to contact.
After this preliminary step, Incogni will send a first round of requests to delete your personal data and will wait for the response from the data brokers. For your part, you can follow the progress of the various procedures through a simplified dashboard. Legally, the companies contacted have between 30 and 45 days to comply and it is therefore “normal” for the process to take some time.
In the event of no response, or even rejection by a company, Incogni then takes care of sending follow-up letters. The service can also, if necessary, seize the CNIL to force the most recalcitrant data brokers to do what is necessary.
If you would like to use the services of Incogni to regain control of your personal data, please note that the service comes in two forms :
- a monthly subscription, offered at 11.49 euros;
- an annual subscription offered at 69.48 euros, or 5.79 euros per month, which represents a saving of 50% compared to the monthly subscription.
This is content created by freelance writers within the Humanoid xp entity. The Numerama editorial team did not participate in its creation. We are committed to our readers to ensure that this content is interesting, qualitative and matches their interests.