How To Remove Personal Information From the Internet for Free

Your personal information is bought, sold, and shared by the websites you use every day—and by countless data brokers you've never heard of. But recent developments may limit this activity in the future.

In October 2023, Gov. Gavin Newsom signed into law California’s Senate Bill 362, commonly known as the Delete Act. [1] The Act is set to take effect in January 2026 and will allow consumers to make a single request to have their personal information deleted from data broker websites. And while this law is effective only for Californians, similar laws are likely to follow, much like the 11 states that have passed comprehensive state privacy laws following California’s lead on the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA).

For now, consumers are on their own and must take proactive measures to protect their online privacy. This is no small feat considering the ever growing environment of data hungry websites and emerging tools such as generative AI. To help, we’ve created this resource to help you reduce your digital footprint by removing your personal information from the internet.

First things first, search your name online. Depending on the prevalence of your name, you might need to include a middle initial or city where you've lived. As you scroll through the search results, you'll probably notice your personal information on websites such as Mylife, Pipl, Spokeo, and Whitepages.

Welcome to the world of invasive people-search data broker websites that exist simply to traffic in personal information. These sites commonly publish your name, current and former addresses, data of birth, family members, phone numbers, email address, and numerous other private data points.

Many people-search websites offer an opt-out page while others require sending an email request. Keep track of which sites you've emailed and follow-up with a more direct email if necessary. Some data broker sites, such as WhitePages, will require you to sign up for an account to request deletion. Be sure to use a throwaway email address for any communications with these companies.

Screenshot of opt-out page for online data broker BeenVerified (Source)

These websites often reveal more than enough personal info for criminals to use in social engineering and identity theft schemes. That's why you should make every effort to remove personal information from internet data brokers. Go here for a comprehensive list of data brokers and opt out instructions.

You should also take the time to read the privacy policies associated with your bank accounts. Financial institutions are a primary source of information for the data broker industry but they often allow opting out of certain types of data sharing. For example, here is the opt-out page for Bank of America.

Finally, opt out of marketing associations to limit advertising by participating companies. However, the selections made through these associations are generally device or browser specific and require cookies to maintain preferences, limiting their utility.

• The Data & Marketing Association offers a service called DMAchoice which can be found here.

• The Network Advertising Initiative opt-out page can be found here.

• The Digital Advertising Alliance offers the AdChoices which can be found here while its AppChoices program is over here.

An emerging concern in the world of data privacy is the use of personal data by AI and large language models (LLMs) such as Open AI’s ChatGPT or Meta’s LLaMa. Already, artists are confronting artificial intelligence (AI) companies for using their music, writing, and other output to train AI and ML models. In the same way, it’s not unlikely that your personal information or activity has found its way into these models.

How to remove data from OpenAI (ChatGPT):

• To access OpenAI’s Personal Data Removal Request Form, click this link.

• To opt out of ChatGPT processing your chat data for training, click the three dots next to your name, select “Settings”, click “Show” to access the Data Controls toggle and, finally, switch off “Chat History and Training”.

How to remove data from Meta:

• To access Meta’s Generative AI Data Subject Rights page where you can request, correct, or delete personal information used for Meta’s AI training models, go here.

How to remove data from Bard (Google/Alphabet):

• To access Google’s Bard Activity page where you can manage and delete data, hop over to this page.

It's easy to forget about old online accounts you haven't accessed in years or even decades. For example, The New York Times published an article profiling a mother who had uploaded pictures of her children to Flickr, a photo sharing website that has seen its popularity decline steeply since its heyday.

The woman had forgotten about the account and was surprised to learn that her photos had been uploaded into a massive facial recognition database without her permission. Frustratingly, it's not uncommon for data to be provided by a user for one reason, but used by a company for another.

Internet companies are continually consolidating, which means user data is commonly transferred from one company to another. Take Classmates.com, which 20 years ago was a social network and one of the most visited sites on the internet. Now it's been acquired by Intelius, a major data broker specializing in background checks and people search websites. Intelius' CEO stated that the Classmates acquisition provided a "unique set of data about people, including their maiden name, school, picture."

However, deleting your account isn't always easy. In fact, many websites make the process difficult by using dark patterns to manipulate you into keeping your account active or giving you the false impression that it's been closed or deleted. If you need help, jog your memory of forgotten accounts with this helpful list of common websites and associated instructions on how to close your account.

Invoking privacy settings on social media accounts is crucial to reducing your online data trail. Social media sites regularly change these settings and bury them deep into menus making it difficult to maintain privacy on most platforms. That's because every social media platform makes money from targeted advertising.

For that reason, it's in their interest that your online account remains as open as possible which fosters more interactions, feeds algorithms, and categorizes more of your preferences and behaviors into a marketing profile.

It's also not a bad idea to get in the habit of deleting old social media posts. Sure, a bad take from five years ago or photos from a drunken night out can come back to haunt you. But more importantly, social media posts often make moments permanent when they should really be ephemeral. Once they're gone, you won't miss your tweets from 2015 or your Facebook posts from 2013.

The National Cyber Security Alliance has a list of links to most major social media and device privacy settings that you can find here. The Electronic Frontier Foundation offers a social media privacy primer here.

Google is the greatest compiler of data on the internet. That's why you should learn how to remove personal information from Google by accessing the search giant's activity controls where you manage web and app activity, YouTube history, and ad personalization.

• Find Google's activity controls here.

If you've been doxxed or just need to remove personally identifiable information (PII) from Google, go here to make the request. If you remove personal information from Google, yet it still shows up in cached Google search results, you can go here to request that the cache be cleared and information removed from the search engine.

Finally, if you need to report abuse or otherwise remove personal information from Google for legal reasons, click this link to make a removal request.

Mozilla's Firefox recently began blocking third-party cookies (i.e., cookies that track your activity across the internet) by default. Apple's Safari does the same and Google’s Chrome plans to ban third-party cookies starting in 2024. Other browsers, such as Brave, have been designed with privacy in mind from inception.

Regardless of what browser you use, numerous privacy settings can be applied and browser extensions can be added to enhance security. Most web browsers allow you to set cookies to automatically delete after each session while making exceptions for websites that you'd like to stay logged in to from session to session.

Furthermore, you can use privacy-focused search engines such as Duckduckgo to enhance your online privacy. You can also simply use incognito mode to avoid third-party cookies and use an ad-blocker to minimize ads.

Unfortunately, even the most secure browsers are still vulnerable to fingerprinting, which tracks you without cookies by analyzing your device's various settings. You can learn more about browser fingerprinting here and you can test your browser's overall security here.

Remember that, despite these tools and strategies, your employer and internet service provider (ISP) can always see everything you do online if they choose. This is why many of these types of guides recommend a VPN, but that's not always much better for privacy purposes as many of these services keep logs of user activity.

And even if a VPN claims it will not keep logs, you simply must trust that company to be telling the truth and hope that they will maintain high security standards, neither of which you can confirm. Even the TOR browser can't ensure total privacy. In the end, there's no such thing as anonymity on the internet. To get a better idea of how websites track your activity, enter some of your favorite websites in The Markup’s Blacklight tool.

There are many reasons to clean out or delete old email accounts such as Yahoo or AOL. In another example of how your personal information is bought and sold, AOL and Yahoo were acquired by Verizon in 2015 and 2017, respectively. In 2021, both entities were sold to Apollo Funds which again renamed the company Yahoo.

If you want to keep your Yahoo or AOL email account, go to Yahoo's privacy controls page here to manage your privacy preferences.

Use these links to delete unused email accounts:

• Gmail

• Yahoo

• Outlook

• AOL

In 2017, Google announced that Gmail would no longer be scanned for personalized advertising but many other free email services still do.

If you're interested in more secure email providers that prioritize privacy and won't scan your messages, try ProtonMail or StartMail.

Phone apps can leak data and monitor your activities whether you're using them or not. Take a few minutes to go through your phone and delete apps that you rarely use. For those apps that you keep, take a look at the permissions and consider whether they're appropriate.

For example, it makes sense for a food delivery app to have access to your location, but maybe not your microphone. Furthermore, if you only order food from the app occasionally, you can easily turn location tracking on and off when you use it.

Screenshot of location permissions in Android

Downloading any app generally opens you up to a host of privacy concerns. Unfortunately, Internet companies often make apps difficult to resist. For example, Facebook makes it difficult to send messages on a mobile device without downloading its invasive Messenger app. Without the Messenger app, you need to request the desktop site through your mobile browser's settings and then access messages through the Facebook website just like you'd do on your laptop.

Turn your phone's location data off when it's not needed. It only takes a moment to turn it on if you need to use location-based apps. It’s also a good idea to switch bluetooth off when it's not in use. But despite your best efforts, Google and other tech companies might be able to locate your device even when location tracking is turned off. This is done by determining when it’s near other devices or bluetooth beacons.

As our lives fill with smart speakers and televisions, we might overlook some of our emerging privacy vulnerabilities. For example, smart TVs typically use automated content recognition (ACR) to track what you watch and target you with advertisements. If this concerns you, review your TV's settings to restrict ACR. Here’s a guide to turning off ACR on most smart TVs.

Smart speakers are also a privacy concern. An investigation by Security Research Labs exposed how easily they can be hacked and used for eavesdropping. Furthermore, all major manufacturers have admitted that contractors review recordings.

To access Amazon's Alexa privacy settings, go here. For Google Home, use your smartphone app to open the Account tab and select My Activity. From there you can find options to delete all recordings and set future recordings to erase automatically. Apple does not offer an option to delete Siri's recordings. Finally, you can mute your smart speaker when it's not in use.

If you are fortunate enough to live in a country or U.S. state that has passed a comprehensive data privacy law, you might have more options than the rest of us. Privacy regulations such as the GDPR and CCPA allow consumers to opt out of the sale of their personal information and delete it upon request. In the U.S., comprehensive state privacy laws have been signed in California, Colorado, Connecticut, Delaware, Indiana, Iowa, Montana, Oregon, Tennessee, Texas, Utah, and Virginia—but their protections vary.

Continually remove personal information from the internet

Minimizing a personal data trail might be difficult for some, but it is a liberating process much like finally cleaning out an attic or taking a big pile of old clothes down to the thrift store.

Recognize that your personal data trail is a complex web of connections that are used to discern your likes, dislikes, and behavioral patterns. The best strategy is to use articles like this one to break up those connections to make using the internet a less invasive experience and to prevent the potential misuse of your personal information by others.