Data privacy laws are not up to scratch

Data privacy laws are not up to scratch, but it’s the lack of awareness that’s holding Americans back, survey shows

Press release


Incogni surveyed 2310 Americans in California, Colorado, Virginia, Texas, Florida, and New York to check if state privacy laws impact consumers’ attitudes towards online privacy. 

A recent survey has found that Americans in states with privacy laws in place are no more likely to take action to protect their personal data than those in states without such laws. Laws like the California Consumer Privacy Act (CCPA) give residents the right to opt out of the aggregation and sale of their personal information by data brokers and other third parties. Yet 76% don’t know how to remove their data from the market effectively.

Even where the opt-out is guaranteed, 55% of respondents don’t know they can request access to the information data brokers hold or even have that data removed. 63% don’t even know data brokers exist. Knowing there’s a problem is a precondition for taking corrective action. Among those who claimed to know what data brokers are, only 21%  knew what data brokers do, and just 20% understood how data brokers might use their personal information. 

Most surveyed have previously experienced problems – received spam emails (90%) and robocalls or encountered scam attempts and personal data breaches (70%). Inevitably this leads to the opinion of 71% that companies should be more tightly regulated when handling users’ private data. Although, only 31% admitted knowing the laws protecting their privacy online. 

“Data privacy is becoming increasingly alarming, yet many people are still unaware of the hidden market in which data brokers operate. However, based on recent studies, the actual process of taking back data is extremely tedious. Moreover, it requires legal knowledge and ton of persistence, which might put people off the wish to practice their rights actively,” – says Darius Belejevas, Head of Incogni.

With the mass data collection online and the absence of stringent federal data privacy regulations in the US, Americans can choose from two options: approach each company that has their data individually or use a data removal service. Although getting an automated data removal service to handle these opt-out processes is far more effective and time-efficient, less than 1/4 of Americans surveyed are aware of such services. In any case, 62% of respondents said they have never asked any company to remove their private information. 

Requesting data to be removed from each company individually is a wild goose chase. With hundreds of data brokers registered in the US alone, it would take dozens of well-placed opt-out requests to take a single person’s data off the market. Incogni estimates that it would take 304 hours of work to complete even a single round of opt-out requests.


About Incogni is a data privacy tool from the cybersecurity company Surfshark that periodically sends official data removal requests to personal information brokers on behalf of its clients. The Incogni team is equipped with the legal experience customers may not have. Instead of having to read through reams of legalese and having to remember which brokers answered their emails at all, Incogni subscribers can simply monitor the process via regular updates.

Is this article helpful?
Scroll to Top