by omnimike 825 days ago
I can’t give specifics, I know someone who had to deal with “delete me” requests from these “privacy” companies. The privacy company would literally take your personal info (name, email), and _email it to every company they could think of_ asking the company to delete your account _even if you didn’t have one_.

I had a suspicion these services actually do more harm than good, even if they're well intentioned and not actively running a data collection scheme.

But this is really a chicken-egg situation. How do you tell companies to delete your information without telling them what identifies your information? It's in these companies' interest to make this as difficult as possible, so a solution based on data hashes is highly unlikely to appear out of their good will alone. This requires strict regulation and high fines.

There's also the issue of proving ownership of the data requested for deletion. Even in the EU with the GDPR, which is arguably the most progressive data privacy regulation we have, companies routinely violate this by requesting even more personal information from the requester.

Ideally a regulator would intervene, demanding that the data provider prove that each person in their database has explicitly opted in. That should be really easy for these companies -- it's just another record to include in our files. If they can't prove it, they must delete all related data.
And when they autofill that value with 1, because they obviously got all of that data legitimately? Will consumers be asked to prove a negative?

Even test cases will run into data sharing issues.

>And when they autofill that value with 1,

Amazingly enough, the law is more clever than programmers assume it is, and the clever dodges programmers come up with tend to be seen through and just lead to jail time.

Prime Exhibit - https://en.wikipedia.org/wiki/Hans_Reiser

I don't understand how Hans Reiser is an example of this. He was convicted of murder and nothing about his case (that I could find) seems to indicate that he used "clever dodges" to skirt the law.
If one followed the case at the time, Reiser seemed very much the stereotype of the really superclever person who figured they were smarter than all those dumb folks who were never going to catch him, and it all fell apart real quick.

Then when it fell apart he dropped back to arguing he just looked guilty because he was too smart to look innocent or something https://yro.slashdot.org/story/08/02/23/2218256/hans-reiser-...

https://www.eastbaytimes.com/2010/08/02/review-from-a-report... >He thought he was smarter than everyone else, but ultimately he was not

Why not just outlaw data brokers entirely?
Because they need them for their stupid election campaigns, surveys and crap like that.
Yeah. They sure did a great job surveying "accurately" every election cycle.
Well, my experience says that they are decently accurate, at least here in the EU.

However, I would ban surveys because they can lead people to vote for the wrong person due to social pressure.

What does proof look like?

On past projects we've recorded the time the user submitted a form (with a checked consent checkbox), but this doesn't feel like rigorous proof.

A scanned signature would work, I think, on a form mailed in by the user. The form would need to be clearly identified as coming from the data broker but could be provided by the company ultimately seeking your data.
Ah, the evil bit.
My impression is that it depends what company you use. I don't really trust them but at the same time, there are a lot of other companies. All I can really say is that Optery will give you a free report with very minimal information and on a test they dug up far more information than I provided (the minimum).

Given that these companies, like Incogni and DeleteMe, are now sponsoring big time YouTubers I'd imagine they are soon going to get a much closer look. At minimum, they are making far more people aware of the situation and data out there. Even though many of the VPNs fall far short of the promises, it is setting a strong signal that people care about privacy and entering the public lexicon is the first step. I hope these can be a catalyst towards more state or federal privacy protection.

> actually do more harm than good

I've wondered about this too.

I have a common enough name that about 2/3 of the info data brokers have on me is garbage.

If every data broker could be relied on to faithfully delete my info I would sign up for Optery or Incogni today. I don't, because if even one of those 2/3 is a bad actor I'm just expending effort to clean up their data.

Specifically, the data I don't want them to have.

When you use these ‘delete me’ services to remove your information from a platform like Dropbox, there’s a hidden catch. These services are often linked to companies that trade in email addresses. By submitting your email for deletion, you might unwittingly end up having it sold to marketers or data brokers, potentially leading to even more spam and unwanted contacts. Or maybe nice target ads … depending who bought your email address.
Devil's advocate here, n=1 is just a data point and is rarely the whole story. I would assume, but obviously I could be wrong, that the legit ones actually can check if your info exists in a company before they send a take down request. I have no proof of that but it's probably nearly as good as n=1.