8 Ways Your Data Is Being Sold (And How to Stop It)

Imagine checking your symptoms online, or using your phone to find a clinic. What feels like a private moment is actually being watched. Data companies are tracking these intimate health decisions – from your late-night medical searches to which medical facilities you visit. They're packaging this sensitive information and selling it to buyers.

In today's climate, where healthcare privacy matters more than ever, your personal health choices could be exposed without your knowledge.

Recent incidents paint an alarming picture:

• GoodRx was fined $1.5 million in 2023 for sharing sensitive health information with tech giants without user consent.
• Confidant Health exposed thousands of therapy session records in 2023 through a database misconfiguration.

Don't worry - we'll show you how to fight back. Stick around for actionable protection steps at the end.

That loyalty card saving you $2 on groceries? Those social media posts about your recent anxiety? Each click, like, and purchase is painting an intimate portrait of who you are. Companies aren't just tracking what you buy – they're analyzing your emotional states, life changes, and personal struggles.

When you lingered on those anxiety support posts or used your store card for vitamins, you weren't just sharing preferences – you were feeding a massive system that pieces together your personal story.

That time you started liking posts about engagement rings? Companies knew you might propose before your partner did. Those midnight shopping searches for baby products? Your changing life stage was already being sold to advertisers before you shared your news.

Recent incidents paint an alarming picture:

• PayPal moved to share customers' detailed purchase data with retailers - including personal details like clothing sizes and shopping preferences - all for targeted advertising.
• Mastercard was caught in 2023 selling cardholders' spending data to marketers, letting them build detailed profiles of customers' purchasing habits without explicit consent.
• The Facebook-Cambridge Analytica scandal in 2018 exposed how millions of users' data was harvested without consent to create psychological profiles for political manipulation.
• Meta (formerly Facebook) paid a massive $725 million settlement in 2022 over allowing third parties to access users' personal data without permission for targeted advertising.

Think about your morning routine. You check your email, scroll through social media, maybe order a coffee through an app. By lunchtime, data brokers have already logged dozens of details about your life. They know when you woke up, what news caught your eye, and even your favorite coffee order.

These companies are like invisible biographers, collecting snippets of your daily life from hundreds of sources – and for less than the cost of a pizza, anyone can buy your complete story.

Recent incidents paint an alarming picture:

• Thomson Reuters agreed to a massive $27.5 million settlement after selling millions of Americans' personal photos and data through their Clear platform without consent.
• Data brokers Gravy Analytics and Mobilewalla faced FTC action for tracking and selling people's sensitive location data – including visits to healthcare facilities and places of worship – all without user knowledge.
• Back in 2021, U.S. senators pushed the FTC to crack down on 'people search' sites over privacy concerns and potential misuse by stalkers.

Did you check the weather this morning? Maybe mapped your route to a new restaurant? Those simple actions are worth real money to companies you've never heard of. That weather app isn't just telling you if it's going to rain – it's watching where you go, when you check the forecast, and what locations matter to you. Even that quick walk to grab lunch becomes valuable data.

Companies are paying to know if you visited a gym, stopped at a pharmacy, or spent Sunday morning at a place of worship. Your daily journey, from your morning commute to your weekend wanderings, has become a hot commodity in the data marketplace.

Recent incidents paint an alarming picture:

X-Mode was caught in 2020 collecting precise location data from Muslim Pro (an app with 98 million downloads) and selling it to U.S. military contractors – leading to an FTC order prohibiting the company and its successor Outlogic from sharing or selling sensitive location data.

That meditation app helping you sleep better? The period tracker keeping you informed about your health? Even the simple calculator you sometimes use? They're doing more than just their day job. These apps, which you've invited into the most private moments of your life, might be quietly collecting data about when you're stressed, when you're trying to get pregnant, or even when you're awake at 3 AM doing calculations.

See also - If Any of These 17 Apps Are on Your Phone, Someone Might Be Spying on You

You downloaded them for one purpose, but they're serving another – gathering intimate details about your daily habits and health patterns. That free app isn't really free; you're paying with your personal information, which is then packaged and sold to the highest bidder.

Recent incidents paint an alarming picture:

• A 2022 study found 84% of period-tracking apps were sharing sensitive health data with third parties without proper user consent.

Remember signing that lease for your apartment? Filing for marriage? Or maybe dealing with that old parking ticket? These moments of your life – ones you thought were just between you and your local courthouse – are being packaged and sold online. What used to take a determined person hours of digging through dusty files can now be bought with a few clicks.

That time you refinanced your home? It's in there. That small claims court case from years ago? That's for sale too. Your life's paperwork, which once sat safely in government filing cabinets, is now being traded like baseball cards in the digital age.

Recent incidents paint an alarming picture:

• The Consumer Financial Protection Bureau proposed new rules to rein in data brokers, aiming to restrict their ability to sell sensitive personal and financial information by classifying them as consumer reporting agencies.
• A Brennan Center investigation revealed how data brokers are creating and selling detailed personal profiles by combining public records with other data sources, with government agencies among the buyers.
• Data brokers faced FTC action for selling sensitive information including pregnancy status and political beliefs to anyone willing to pay.
• Regulators are now moving to ban the sale of social security numbers by data brokers, highlighting how even our most sensitive identifiers are being traded.

Picture getting that dreaded email: 'We regret to inform you of a data breach...' Most of us just change our password and hope for the best. But your stolen information isn't just sitting idle on some hacker's computer – it's likely already up for sale on hidden marketplaces. That fitness app account you forgot about? Those old online shopping credentials? They're being bundled with thousands of others and sold to the highest bidder.

Like stolen goods moving through a digital pawn shop, your personal information changes hands multiple times. Each seller adds it to larger databases, making your private details part of an underground economy where everything – from your email password to your credit card history – has a price tag.

Recent incidents paint an alarming picture:

• AT&T exposed sensitive data of 73 million customers, including social security numbers and passcodes that ended up on the dark web.
• National Public Data suffered a breach affecting nearly all Americans, with hackers stealing social security numbers and personal data of up to 2.9 billion individuals, offering it for sale at $3.5 million.

Think about the last time you used your phone's GPS. Instead of going through the court system for a warrant, some government agencies are simply purchasing this kind of location data from private companies. Your morning jog, your drive to work, your weekend trip to another city – all these movements are being collected by apps and sold to the highest bidder, including government bodies.

Recent incidents paint an alarming picture:

• The Department of Homeland Security was revealed in 2020 to be buying location data from private brokers to track individuals without warrants

Awareness is the first step, but it doesn’t have to stop there. You have options to push back against the constant collection and sale of your personal information:

1. Limit What You Share:
   Be cautious about which apps you download and what permissions you grant. Think twice before providing details like your phone number, date of birth, or location unless it’s absolutely necessary.
2. Review Privacy Settings Regularly:
   Check your social media and mobile apps’ privacy settings. Turn off location sharing unless you need it, opt out of targeted ads where possible, and disable any data collection features that aren’t serving you. I wrote an article about this - Why You Should Disable Location Services on Your Phone at Night and How to Do It.
3. Use Tools to Hide Your Activity:
   Consider using a reputable VPN service. A VPN can help encrypt your internet traffic, making it harder for third parties to track and package your data.
   Example: Services like Surfshark VPN can cloak your browsing habits and location, adding a layer of security against prying eyes.
4. Take Control of What’s Already Out There:
   If you’re concerned about data brokers and “people search” sites, you can take proactive steps to remove or minimize your personal information.
   Example: A data removal service like Surfshark Incogni contacts data brokers on your behalf and requests that your information be taken down, helping you reclaim a bit of your privacy without getting lost in endless opt-out forms.
5. Regularly Update Passwords and Use 2FA:
   Strong, unique passwords and two-factor authentication reduce the risk of data breaches. If your data does get leaked, these measures make it harder for hackers to access other accounts or monetize your information.
6. Stay Informed About Consumer Rights:
   Keep an eye on emerging privacy legislation and use your rights under data protection laws. In some regions, you can request access to the data companies hold about you, correct inaccuracies, or demand its deletion.

By taking these steps, you’re not just reacting to a world that profits from your personal information—you’re actively shaping a more private and secure digital presence for yourself.

I'll be posting more helpful guides with tips on staying safe online and protecting yourself and your loved ones. If you found this helpful, feel free to share and follow me for more updates coming soon!