Subscribe or upgrade your account to read:

Why you cannot escape people-finding websites

Data protection

Why you cannot escape people-finding websites

People who asked to remove their names and addresses find details reappearing

After three months of emailing and a call that began with 25 minutes of hold music, Karen Irwin was able to remove her personal details from people search engine MyLife.

She had tried to limit access to an online profile that included her address and phone number, but the website required a fee to control the information. Emailed requests to remove the data for free had been unsuccessful, and only after Ms Irwin spoke to a customer services agent did it finally vanish.

“I refuse to pay to control my information,” she said, adding that she had similarly discovered details of her friends’ relatives and net worth “for free, simply by knowing their name and the town they live in”.

People search engines, including MyLife, Spokeo, Instant Checkmate and PeopleSmart, are data brokers, collecting vast amounts of personal information and packaging it into profiles to be sold. The customers of such websites, which charge relatively low fees for access to profiles, are largely curious individuals, businesses doing background checks and law enforcement agencies.

Profiles can include addresses, spouses, details of lawsuits and photos, all of which are gathered from public records, such as divorce proceedings and bankruptcies, social media profiles and paid-for databases.

Information is also collected from dating sites: those that rely on Google for traffic, such as Badoo and Plenty of Fish, allow the search engine to index some user profiles, making them publicly visible.

And industry experts say the quantity of data per person on people search engines is increasing: it is both more granular, and from new sources, such as genealogy site

As consumers become more privacy conscious, growing numbers of people are trying to take control of their data. But removing personal details from the sites is arduous — and the information often reappears within months, according to companies that monitor broker sites.

Some people search engines permit individuals to remove their information from sites, but in many cases, although data are taken down from a website, it is not necessarily deleted from the broker’s records. At the same time, some “opt out” requests are completed within a few hours, while others take weeks — and some even require individuals to submit more information about themselves in order to “verify” their identities.

DeleteMe, a service developed by Abine, an online privacy company, sends opt out requests on behalf of customers to more than 20 people search engines, and monitors data repopulation. According to the company, at least one record reappears online for 45 per cent of people within four months.

OneRep, which offers a similar service, said at least one record reappeared within a year for 41 per cent of its customers. The information was back online in an average of 67 days.

If you have a distinct name or they know your middle initial, it’s really hard to hide

Pam Dixon, World Privacy Forum

People search engines stress that they simply collate existing public information, and that opting out does not remove the data from the internet. Since their sites are constantly acquiring new data, they need to be able to match those who have opted out with incoming records. A broker’s terms often state that if it cannot do this — if someone’s surname changes, for example — the new information may appear on its site.

“This is a complicated process, but at the same time [brokers’] whole business is based on how well they cross match these profiles,” said a spokesperson for OneRep.

Yet campaigners such as Pam Dixon, executive director at the World Privacy Forum, warn that for vulnerable groups, such as victims of domestic violence, the availability of huge swaths of personal information is a “very significant safety threat”.

Individuals who fled dangerous situations had been “outed” by these sites, in some cases resulting in their deaths, she said, adding: “If you have a distinct name or they know your middle initial, it’s really hard to hide.”

Spokeo, which gets 18m unique visitors a month and expects to generate $72m in sales this year, said identifying all opt outs in new data were “a hard technical problem” that the company was “committed to solving”.

The problems are industry wide, privacy groups say, and the frequency of complaints highlights the need for countrywide regulation.

In 2014, the US Federal Trade Commission said people search engines were lacking in accountability, and recommended new national legislation to give consumers more control over the use of their information.

Although no federal legislation has yet been enacted, brokers are increasingly coming under closer scrutiny at the state level. In Vermont, companies trading residents’ data must now register, while California has passed a law allowing Californians to opt out of having their data sold on.

In Washington, senators are working on the first draft of a federal privacy bill that would give consumers across the US more control over their data. Though the draft has not yet been made public, Congressional aides say it will allow individuals to find out more about what information is held on them. At the same time, technology industry lobbyists are campaigning against any move to stop companies selling data on to third parties.

Ms Dixon said that since much of the data came from official US public records, if the laws that require their public disclosure does not change, “it’s going to be very hard to stop [data appearing online]”.

“Companies don’t police it,” she said. “It’s a complete mess.”

Additional reporting by Kiran Stacey in Washington

Copyright The Financial Times Limited . All rights reserved. Please don't copy articles from and redistribute by email or post to the web.

Content not loading? Subscribers can also read Why you cannot escape people-finding websites on