New Jersey Data Privacy & Data Broker Removal

New Jersey has a comprehensive privacy law that gives you the right to access, delete, and control your personal data. Here is how those rights work in practice and how to remove yourself from data brokers.

Your rights in New Jersey

New Jersey residents are protected by the New Jersey Data Privacy Act (NJDPA) / New Jersey Data Privacy Law.

• Right to Access & Know — Request a copy of the personal information a company holds about you.
• Right to Correct — Request corrections to inaccurate personal information.
• Right to Delete — Ask a company to delete your personal information.
• Right to Data Portability — Get your data in a portable format you can take to another service.
• Right to Opt Out of Sale — Tell a company to stop selling your personal information.
• Right to Opt Out of Targeted Advertising — Stop companies from targeting you with ads based on your personal data.
• Right to Opt Out of Profiling — Stop companies from building a behavioral profile about you.
• Right to Appeal — Challenge a company's decision to deny your privacy request.

Does this cover the company that has my data?

Most companies that collect or sell personal data in New Jersey are likely covered.

Controls/processes personal data of 100,000+ Nj consumers (excluding payment-transaction-only data), Or 25,000+ consumers And derives revenue or receives a discount from the sale of personal data (no minimum revenue percentage — broader than most states)

How to remove yourself from data brokers in New Jersey

Your state law gives you the right to request deletion — but exercising it across hundreds of brokers takes real effort. Here are the most effective steps, in order.

1. Enable Global Privacy Control

Global Privacy Control is a free browser setting that automatically tells every website you visit not to sell or share your data. It takes two minutes to enable and works silently in the background on every site. New Jersey law requires covered businesses to honor it — so this is not just a request, it carries legal weight.

2. Submit direct opt-out requests

For brokers not covered by the registry or GPC, you can submit requests directly. Look for the "Do Not Sell My Personal Information" link in each company's website footer — most major brokers have one. You can also submit formal access, deletion, or correction requests through each company's privacy policy page.

Under New Jersey's law, covered companies must respond within the statutory deadline. If they don't, you have grounds to file a complaint with the New Jersey Attorney General, through the Division of Cons....

3. Automate ongoing removal

Here is the part nobody tells you: even after you complete every step above, brokers re-ingest your information from public records, data-sharing networks, and commercial databases. Within a few months, your profiles reappear. Staying removed from hundreds of brokers is not a one-time task — it is an ongoing commitment that most people cannot maintain manually.

New Jersey's data broker law: what it means for you

New Jersey does not have a dedicated data-broker registry. Most national data brokers are registered in California and honor opt-out requests from residents of any state — but without a New Jersey-specific law requiring it, you have no legal recourse if a broker ignores your request. Services like Delist handle this across states and brokers in one place.

Other privacy protections in New Jersey

Beyond the comprehensive privacy law, New Jersey has additional protections that may apply to you:

• DANIEL'S LAW (N.J.S.A. 56 — 8-166.1; related criminal provision N.J.S.A. 2C:20-31.1), enacted Nov 2020 after the murder of Daniel Anderl (son of U.S. District Judge Esther Salas).
• It lets covered persons — active/retired/former judges, prosecutors, and law-enforcement officers, plus their immediate family — request that any person or business cease disclosing and remove their home address and unpublished home phone number from the internet.
• As amended in 2023, a recipient must comply within 10 business days; willful non-compliance exposes violators to actual or $1,000 liquidated statutory damages per violation, punitive damages, and attorneys' fees, and rights are assignable (enabling firms like Atlas Data Privacy to file on covered persons' behalf).
• LITIGATION/REFORM IN FLUX — Atlas filed ~200 suits against data brokers; the Third Circuit (Sept 2025) certified to the NJ Supreme Court the question of whether a mens rea/intent standard is required (argued March 2026), after questioning the law's First Amendment validity; the NJ Supreme Court upheld the law in June 2025 against a journalist challenge.
• A reform bill (S4109 / Sen.
• Johnson's 'Protect Daniel's Law Act,' introduced Nov 13, 2025) would extend the compliance window to 45 business days, restore the Office of Information Privacy, add an online portal, expand covered persons, and limit assignee-driven mass litigation.
• Also — Address Confidentiality Program (administered by the NJ Department of Community Affairs) for DV/stalking survivors.
• Biometric data — No standalone biometric statute with a private right of action (biometric data is 'sensitive data' under the NJDPA).

How to file a privacy complaint in New Jersey

New Jersey Division of Consumer Affairs — https://www.njconsumeraffairs.gov/ ; Office of the Attorney General — https://www.njoag.gov/

Most state agencies enforce privacy laws in the aggregate — they investigate patterns of violations rather than resolving individual disputes. Filing a complaint still matters: it creates a record that helps trigger enforcement actions.

Frequently asked questions

Sources

• njleg.state.nj.us
• danielslawredact.nj.gov
• troutmanprivacy.com
• news.bloomberglaw.com
• regulatoryoversight.com