12 Ways to Reduce Your Online Data Footprint

Mobile apps don’t stop collecting data just because you stopped opening them. SDKs embedded in apps routinely harvest device identifiers, location data, contacts, and usage patterns — even when the app is sitting unused in your app drawer. A 2024 study found that the average smartphone has 80+ installed apps, but users actively use fewer than 30.

Go through your phone right now and delete anything you haven’t opened in the last month. Before deleting, open the app and look for a “Delete Account” option in settings — uninstalling removes the app but often leaves your account and data on the company’s servers. On iOS, check Settings > Privacy > Tracking to see which apps have requested permission to track you across other apps.

Grocery store loyalty cards, retail rewards programs, and pharmacy discount cards are some of the most prolific data collectors in everyday life. A single loyalty program can generate 500+ data points per year about you — purchase history, shopping frequency, brand preferences, and location patterns. This data is routinely sold to data brokers and marketing aggregators.

If you’re not willing to give up the discounts entirely, create a dedicated email address and use a VoIP phone number (see Tip 4) when signing up. Never use your primary email or real phone number. Some stores let you use a phone number at checkout without a formal account — use the VoIP number for these too. The goal is to break the link between your real identity and your purchase history.

Your home address is one of the hardest pieces of information to scrub from the internet. Every time you give it to a new service — a subscription box, an online retailer, a utility company — it enters data supply chains that eventually feed people-search sites. And unlike a phone number or email, changing your physical address is expensive and disruptive.

For non-critical registrations, use a PO box (USPS boxes start around $20/month) or a virtual mailbox service like Traveling Mailbox, Anytime Mailbox, or Earth Class Mail. Virtual mailboxes give you a real street address (not a “PO Box” prefix), scan your mail, and forward packages. Reserve your real home address for situations that legally require it — banks, government documents, and your employer.

Your real phone number is one of the strongest identifiers data brokers use to link records across databases. It connects your name, address, employment history, and relatives into a single profile. Once your number is in the broker ecosystem, it’s nearly impossible to fully remove — it gets re-ingested from public records, app data, and marketing lists.

Services like Google Voice (free) and MySudo ($1–$15/month) give you secondary numbers you can use for online signups, retail accounts, and anything that isn’t your bank or government. Google Voice provides a free US number that forwards calls and texts to your real phone. MySudo lets you create up to nine separate identities, each with its own number, email, and browser. Keep your real carrier number for trusted contacts and institutions only.

When you use the same email address everywhere, it becomes a universal key that brokers use to merge data from multiple sources into a single profile. A breach at one service exposes the email you use at every other service. Email aliases let you give each service a unique address that forwards to your real inbox.

SimpleLogin (free tier: 10 aliases) and Apple Hide My Email (included with iCloud+) generate random addresses like abc123@simplelogin.co. You can also use Gmail’s built-in plus addressing: yourname+netflix@gmail.com, yourname+amazon@gmail.com. The plus-address trick is easy but less effective — some services strip the plus suffix, and scrapers know to do the same. Dedicated alias services are stronger because the generated address has no visible link to your real email.

Voter registration records are one of the largest public data sources that feed people-search sites. In most US states, your name, address, date of birth, and party affiliation are legally considered public record. Data brokers purchase these files in bulk and use them to build profiles.

What you can do depends on your state. Some states (like California and Virginia) let you request confidential voter status if you can demonstrate a safety concern. Others let you opt out of having your data sold to commercial entities while keeping it available for election-related purposes. Contact your county registrar or secretary of state’s office to ask about your options. At minimum, avoid listing your phone number or email on voter registration forms — these fields are usually optional.

Chrome shares browsing data with Google’s ad network. Search engines log every query and tie it to your profile. Switching browsers won’t stop data brokers from listing your address, but it does reduce the steady stream of behavioral data that feeds into ad-tech and marketing databases.

Firefox with Enhanced Tracking Protection (enabled by default) or Brave (blocks ads and trackers out of the box) are the two strongest mainstream options. Pair with DuckDuckGo as your default search engine — it doesn’t build a search profile tied to your identity. This is a low-effort, low-friction change. The impact is modest on its own, but it compounds with the other steps on this list.

Credit bureaus sell “credit header” data — your name, address, date of birth, and Social Security number — to data brokers. This is separate from your credit report and doesn’t require your authorization. It’s one of the primary ways brokers confirm that the “Robert Thorpe in Brooklyn” on a voter roll is the same person as the “Robert Thorpe” in a marketing database.

You need to contact each bureau separately. Equifax: call 1-888-548-7878 and request to opt out of prescreened offers and data sharing. Experian: submit a request through their privacy portal or call 1-888-397-3742. TransUnion: use their online opt-out at optoutprescreen.com or call 1-888-567-8688. This process is tedious — expect to spend 30–60 minutes on hold across all three — but it cuts off one of the richest data sources brokers use.

People-search sites like Spokeo and Whitepages are the most visible data brokers, but marketing data brokers operate on a much larger scale behind the scenes. Companies like Acxiom (now Liveramp), Oracle Data Cloud, Epsilon, and LexisNexis aggregate billions of records and sell consumer profiles to advertisers, insurers, and employers.

Each has its own opt-out process. Acxiom: visit isapps.acxiom.com and submit a removal request. Oracle: email privacyofficer@oracle.com citing CCPA or GDPR rights regardless of your state. Epsilon: call 1-888-780-3869 or submit a written request. LexisNexis: use their consumer portal at consumer.risk.lexisnexis.com. These removals take 4–8 weeks and need to be repeated annually, as your data re-enters their systems through credit applications, warranty registrations, and public records.

Data minimization is an ongoing process, not a one-time project. Even after you opt out of every broker and lock down your accounts, new listings can appear when your information re-enters the data supply chain. Google Alerts gives you a free early-warning system for new exposures.

Go to google.com/alerts and create alerts for: “Your Full Name” (in quotes), your phone number (with and without dashes), and “Your Name” + your city. Set delivery to “as-it-happens” or daily digest. This won’t prevent data collection, but it tells you when new information surfaces so you can act quickly. For more comprehensive monitoring, use a dedicated scanner like Delist.ai that checks people-search sites directly rather than waiting for Google to index them.

Social media profiles are a primary data source for people-search sites. Brokers scrape public profiles to harvest phone numbers, email addresses, locations, employment history, and relationship data. Even if your posts are set to “friends only,” your profile details are often still public by default.

Quick checklist for the major platforms: Facebook — Settings > Privacy, set “Who can look you up using your phone number/email” to “Only me”; disable search engine indexing. Instagram — switch to a private account if you’re not using it for business. LinkedIn — Settings > Visibility, turn off “Profile visibility off LinkedIn” and restrict who can see your email and phone number. X (Twitter) — Settings > Privacy, disable “Let others find you by phone/email.” These changes take 5 minutes per platform but immediately stop new scraping of your contact details.

If you own a business — even a single-member LLC or freelance sole proprietorship — your home address is likely on public business filings at the state level. Secretary of state databases are routinely scraped by data brokers, and the filings typically include your full name, address, and sometimes your phone number. This data feeds directly into people-search sites.

A registered agent service (Northwest Registered Agent, Incfile, ZenBusiness) provides a business address and accepts legal mail on your behalf. Costs range from $100–$300 per year. When you form or update your LLC/corporation, use the registered agent’s address instead of your home address. If your home address is already on existing filings, most states let you file an amendment to update it. This is especially important for freelancers and solo founders who work from home — business filings are one of the few data sources that are genuinely public record and difficult to suppress.