You’ve probably seen the ads from Youtubers, podcasts, and more for data removal services - they’ve been marketing heavily lately, at least in my neck of the internet. These services want you to believe they are the heroes protecting you from Big Bad Data Brokers and scrubbing your data from the internet. The intentions aren’t necessarily bad, but much like TurboTax, the incentives driving their business model are misaligned from what regular people want. If all the data brokers disappeared tomorrow, that’s their market going “poof”. They embody the Shirky Principle
, forced to preserve the problem they are the solution to to avoid mutual destruction.
Data brokers make their moola by vacuuming up data from around the web about people, then selling it to interested parties, including but not limited to: scammers & spammers. From what I can find, they are legally required to remove your data upon request - but that hurts their bottom line, so they make the process annoying & full of friction in hopes you won’t bother and they can keep making that sweet sweet cash off your personal information. To top it off, even if you successfully get it removed, they can just collect it again and rebuild the profile on you.
Example of adding friction to the process
I tried submitting requests for removal for my family from Whitepages. I had to go find the forms to fill out, then I had to give them a phone number to call for a 2-factor verification code. It worked for myself, but I could only use the same number for 2 family members before it blocked me and said “Number used for too many requests this year”. Sure, I could convince all my family members that this is important - but can I convince them to do it for the hundreds of brokers & different processes that exist?
In response to data brokers existence, enterprising individuals noticed that people really don’t like having their personal info sold online, but the friction in the opt-out process makes it daunting even if you care about online privacy. An annoying chore, frustrated users, and it can be automated? I smell a startup category emerging!
Thus came the rise of the Data Removal Services
. DeleteMe, Optery, PrivacyBee, … the list goes on. You can pay these data removal tools to “get your data scrubbed from the internet” - that sounds way more effective than opt-out requests! Not so fast.
You are just paying someone else to send requests of “Oh pwease pwease mr data broker will you delete this persons data?”. No magic. As far as I can find, they don’t have any more power to get your information removed than you do. They are still automating an annoying process that you don’t want to do, but not more.
If you’ve taken a look at these data removal services, you’ll notice many monthly subscriptions as their business model. But wait, can’t you just do a mass opt-out one time, like cleaning under the couch?
Nope! As we discussed earlier, data brokers can just recollect the information on you in the future. Because of this, you get to pay the data removal service monthly to keep sending requests and ensure data brokers actually keep you removed.
As the problem for people grows (e.g. increasing number of data brokers, acting shadier), the value proposition of data removal services gets stronger. I’m not superman, so I’m not going to manually send hundreds of opt-out requests every month.
Problem Status | Customers |
---|---|
Improving 📉 | Fewer Customers 📉 |
Worsening 📈 | More Customers 📈 |
Data removal services are disincentivized from improving the underlying problem. If the underlying issue is improved (e.g. less of my personal information is online), it’s harder to convince people to pay for their service. Also, this is only the best case scenario with good people running it! There are some data removal services that will only pretend to send opt-outs, or even feed the data brokers themselves !
This is not an individual problem - your average person shouldn’t be expected to spend dozens or hundreds of hours a year to prevent all the parasites trying to harvest data from you at every turn.
I’m on the upper end of the privacy conscious spectrum, and even I haven’t done 80% of the things you’re supposed to do to stay private and secure on the internet.
Instead of flying cars & jetpacks in the 2020s, we get to ponder if it’s worth spending hard-earned cash to get our personal information (maybe) removed from the internet, for a little while.
Lucky for us as consumers - this isn’t the only market where misaligned incentives come into play! The Shirky Principle hard at work, where Institutions try to preserve the problem to which they are the solution | Hacker News .
Clear is a $6 billion version of Line Leap - cutting the line because waiting in line for security is a hassle. If TSA were to get faster, people wouldn’t think their membership was worth it.
Now that Clear Secure is embedded within airports, the company has every reason to ensure that Congress and TSA let it keep profiting from airport line-cutting. And, like airports themselves, the company has little cause for concern if the security experience of non-CLEAR members grows more irritating. - Slate
The classic example, famous for lobbying the government to keep tax filing complicated and annoying.
Programming languages that do one thing, and do it well.
My journey from sink-hugging champion to teetotaling extraordinaire.
How could rational humans leave their dog poop on the sidewalk?