
Master List of Data Broker Opt-Out Links - aburan28
http://www.stopdatamining.me/opt-out-list/
======
tombrossman
Is this a hoax site or are they for real?

The website uses Google Analytics and does not disclose this in their Privacy
Policy which is mandatory[0] under Google's T&C's.

The Policy also includes this gem: _" We may, along with our affiliates and
marketing partners enhance and/or merge personal information about you with
data collected from other sources and use it in direct and/or online marketing
and, to the extent permitted by law, individual reference and look-up service
programs."[1]_

Also, no HTTPS support but if you try anyway they do have a cert for
annualmedicalreport.com. No thanks.

[0][https://www.google.com/analytics/terms/us.html](https://www.google.com/analytics/terms/us.html)

[1][http://www.stopdatamining.me/privacy-
policy/](http://www.stopdatamining.me/privacy-policy/)

~~~
Bartweiss
Are there ways to serve a related cert 'by accident' if you don't set up https
explicitly for a domain?

Annualmedicalreport is in a related line of work to this site - it's not about
medical care but about looking up the information health insurers gather about
patients. It has some positive reviews from real news sources, but it also
sets off some alarm bells for me. It seems to be eager for your data itself,
and has a weird sideline of articles about non-medical consumer reporting that
read like sponsored content.

Given all that, I wouldn't be surprised if they were connected to (possibly
the creator of) this broker site, and that's why their cert is being served.

None of which actually makes me feel better, and the failure to disclose
Analytics certainly isn't encouraging.

~~~
tombrossman
I manually added the 's' to the protocol to test and the server sent the only
cert it had (if present, this is normal). It's like entering an IP address and
having the server return the default site over HTTP.

Many sites ignore the Google Analytics requirement but I think this one should
aim a bit higher, especially with all the legal geniuses involved in writing
that privacy page.

------
kretash
Going to the website that is data mining you and putting your personal details
such as phone, address, full name and email feels counter intuitive. Not sure
I feel comfortable doing so.

~~~
spamlord
How else would your record be found and marked for removal, magic? They
already have the information on you... what do you risk by putting it in
again?

~~~
Freak_NL
Assuming malicious/unethical intent, wouldn't the act of submitting that form
add some non-trivial pieces of data about yourself? It lets them know you
value your privacy and that you possess a certain degree of computer literacy.
It also lets them know you (still) exist (the certainty factor of your profile
increases).

~~~
Bartweiss
It does seem, from a maximum-paranoia standpoint, like this confirms the
current status of your information, adds any pieces they were missing, and
provides an indication that your data is extra valuable.

After all, you're tech literate (suggesting income) and privacy aware
(suggesting your information may be scarce)!

(I assume most of these groups are more honest than that, if only because data
reselling is legal but that wouldn't be.)

------
GrinningFool
Brought to you by Annual Reports LLC, the same company with such domains as
annualmedicalreport.com and possibly the now-defunct annualworkreport.org.

Use at your own risk. I could find nothing that wasn't self-generated press
about this person or company.

~~~
johnward
Are they affiliated with annual credit report . com or trying to confuse? I
belive that is the site recommended by the Irs for an actual free credit
report each year.

~~~
GrinningFool
They appear to be trying to confuse - the name and address on record are very
different, at least.

------
WhitneyLand
Is there a company that you can pay to opt you out of all 50?

I'd consider being either a subscriber or provider of a service like this for
a couple bucks a month:

\- Auto opt out from all 50

\- As these change location, requirements, or metastasize into new brokers,
continuously opt out and notify as it happens.

\- Auto check and notify of pownd registries for hacks/leaks

\- Maybe a throwaway email service to find data abuse/spam

\- General protection against data weasels, to the extent possible

Kind of like Lifelock, except useful and not a scam.

~~~
spollo
I was thinking about doing a side project based on this a couple weeks ago. A
few issues I ran into:

\- How do I actually know that my customers have been properly opted out? I
have opted out of snailmail marketing using these types a forms before and as
far as I can tell my request was sucked into a black hole and I continued
receiving spam mail from them.

\- Some of these companies require a gross amount of information to opt
yourself out. Another commenter mentioned transunion requires you to submit
your SSN. I wouldn't be comfortable collecting that information and I dont
think customers would be comfortable handing it over.

\- There also a trust issue, how can you assure users that you won't turn
around and sell their complete data to someone else?

~~~
WhitneyLand
Good points. I think you could eventually solve trust with good behavior,
transparency, and involvement of good people.

On the black hole thing, is there any laws like CANSPAM that compel them to
prove they're doing the right thing?

What about testing them by buying lists anonymously and seeing if people are
really opted out? This could also be used to generate press and goodwill by
sharing who the worst offenders are.

------
tixocloud
FWIW, in Canada, it's highly dependent on the awareness of marketing and legal
folks within companies to ensure that opted-out people do not get contacted.

If someone accidentally forgets to ensure the mailing list is cleaned out of
people who've opted out, you could still be contacted.

The solution provided here is not scalable - basically every company in the
world will have a list of opt outs by the time we're done. There needs to be
something done at a higher level but that also comes with its own set of
issues.

On my part, I have always asked people what they are going to do with an
extract of customer information. Having an anti-spam law also lets me
calculate what the costs will be if we get fined.

~~~
JadeNB
> There needs to be something done at a higher level but that also comes with
> its own set of issues.

There's an obvious 'issue'—the poor little companies that want to track to us
will have a hard time, because we don't want to be tracked—an administrative
issue—there has to be some easy way for just about anybody to query whatever
central database—and, perhaps, a security issue—a central database with
everyone's contact information could be a desireable target. That's all that I
can think of, though; what else do you have in mind?

~~~
tixocloud
You're spot on with the issues you mentioned.

The issue I thought about was who is going to be the one housing the
centralized database. Would it be governments? Private corporations? Mixture
of both? It's not clear what's the best option. Not everyone trusts the
government to have all that information and not everyone trusts private
corporations either.

------
mvdwoord
I vaguely remember a similar service in NL that ended up selling this list of,
now confirmed, email addresses. You should not have to opt out of
spam/tracking bullshit.

------
ComodoHacker
Can I reasonably expect such opt-outs to be honored? I doubt so. It means
additional expenses and no one can verify it.

~~~
WinstonCompany
They are required to by law. [1] [2]

[1] [https://www.consumer.ftc.gov/articles/pdf-0096-fair-
credit-r...](https://www.consumer.ftc.gov/articles/pdf-0096-fair-credit-
reporting-act.pdf)

[2] [https://www.ftc.gov/enforcement/rules/rulemaking-
regulatory-...](https://www.ftc.gov/enforcement/rules/rulemaking-regulatory-
reform-proceedings/fair-credit-reporting-act)

------
WinstonCompany
I work on this project! We built this site years ago and have had some
challenges along the way, but still believe in the objectives. Happy to answer
any questions.

------
therockspush
Instead of opting out of these, a better idea would be to fill them up with
fake info if that were possible. Like some other comments mentioned, you're
confirming the data for them when you fill out these forms.

Lexis Nexis is a major one and only lets you opt out under unique
circumstances that will not apply for most people.

Anyone have good sources on where these companies pull their data from?

~~~
save_ferris
Not sure if how much external consumer data the credit rating agencies use,
but I can't help but think of the possibility of repercussions to your credit.

I've been in a years-long dispute with Transunion over my credit due to
incorrect data they have on my financial history, all because my SSN became
tied to another person in their records. No malicious intent was ever found,
but it hasn't stopped them from wrecking my credit.

Fake data makes sense in some of these cases, but trying to pollute your
records with the credit agencies seems like a really bad idea based on my
experience dealing with them.

------
tzm
Here's an alternative: [https://github.com/tzmartin/data-
brokers/blob/master/data-br...](https://github.com/tzmartin/data-
brokers/blob/master/data-brokers.md)

------
neiled
Are there any downsides to opting out of all these things?

------
FussyZeus
I completed the top one and it was a ton of work, can anyone comment on the
effectiveness of actually doing all this?

~~~
WinstonCompany
It absolutely _is_ effective.

As commented above, the companies are required by the Fair Credit Report
Acting Act abide by the requests. [1]

[1] [https://www.consumer.ftc.gov/articles/pdf-0096-fair-
credit-r...](https://www.consumer.ftc.gov/articles/pdf-0096-fair-credit-
reporting-act.pdf)

~~~
sjbase
It's effective in getting these companies to clear your data. But do you
actually get fewer unsolicited calls/emails, etc.?

The do-not-call has been fantastically ineffective for me. I imagine this
could be the same. It's also possible that all of the companies strictly
adhering to the FTC rules (i.e. those on the OP site) constitute a minority of
the market, and spammers are getting data from other less scrupulous sources.

------
john-foley
What a mess. It would take eons to opt out of each of those.

~~~
WinstonCompany
Exactly.

But it would have taken you even longer--or more likely would have been
impossible for you--if we hadn't collected this information and put all it one
place.

------
cafebabbe
Eh... it's an uphill battle.

I wrote some client code from one of these providers, for a big company, and
was allowed to "cache" the fetched information (read: duplicate the records).

------
thepangolino
From the looks of it, data mining seems to be a problem confined to the USA⸮

~~~
feelslikefelt
I can guarantee these companies gather data on Europeans visiting US-based
sites.

