A recent investigation by CalMatters and The Markup revealed that dozens of data broker sites are making it nearly impossible for users to delete their personal information, even when state law mandates it. This issue, involving data brokers opt-out hiding, uncovers troubling industry practices and highlights the need for clearer compliance and greater transparency.
What’s Going On?
Under California privacy law, data brokers are required to offer a way for consumers to request deletion of their personal data. Yet investigators found that at least 35 companies out of nearly 500 reviewed actively prevented their opt-out pages from appearing in Google and other search results. They did this by including code such as meta tags to block search engine indexing.
One example highlighted was Telesign, which buried its "Data Deletion" form deep within dense legal text and made it invisible to search engines.
Why This Matters
When opt-out tools are hard to find or effectively hidden, users lose control over their personal information. This friction can deter them from taking action, especially those whose privacy is most at risk, such as survivors of domestic violence or individuals seeking anonymity.
Privacy advocates refer to these tactics as dark patterns, UI or design choices that mislead, confuse, or delay users from exercising their rights.
What’s Being Done?
Authorities are pushing back. California regulators and others following suit are treating these practices as violations of consumer autonomy. Under investigation are major brokers like IQVIA Digital, Comscore, and Findem, who have been asked to explain their website setups, audit results, and plans to restore visibility to opt-out tools by a given deadline.
Several firms have already removed the blocking code after being contacted by The Markup or CalMatters.
Lessons for Businesses and Consumers
Even small businesses can learn a lot from this broader issue. Ensuring user-facing privacy tools are accessible and appropriately indexed is not only best practice it’s increasingly critical for compliance and trust.
-
Don’t hide user rights behind code or deep navigation layers. Make opt-out or deletion options easily discoverable, with direct links.
-
Audit your site’s behavior with search engines. Ensure privacy or user settings are indexed, unless there's a specific reason to limit visibility.
-
Monitor regulatory developments, like California’s Delete Act, which will launch a “one-stop shop” for data deletion requests in 2026.
Final Thoughts
The recent scrutiny around data brokers opt-out hiding is a pivotal moment in data privacy enforcement. It demonstrates the gap between legal requirements and real-world design behaviors and the importance of holding companies accountable for transparent practices.
Consumers deserve clarity and control for all organizations handling personal data. If your business stores or shares user data, now is the time to review your consent flows, opt-out visibility, and search indexing behaviors.
Need guidance assessing or improving your data privacy practices? At Capital Data Service, Inc., we help organizations align with evolving regulations while strengthening customer trust. Contact us today to make sure your site empowers not obscures user privacy.