Online Privacy 101: How Your Data Is Collected, Tracked, and Sold

Q: How do I remove my name from people-search sites?

Start by opting out manually (each site has an opt-out page). Alternatively, use a subscription service like DeleteMe. Many states now require data brokers to honor opt-out requests.

Your personal data is a commodity. Every click, search, purchase, and location ping is harvested, packaged, and sold — often without you knowing. In 2025, the average internet user generates over 1.5GB of data daily. Meanwhile, estate planning isn’t just about physical assets; it’s also about protecting your digital identity and ensuring your privacy survives you.

This guide is your online privacy 101 deep dive. We’ll expose how data is collected, tracked, and sold, and show you exactly what to do to safeguard your digital life — including how to weave privacy protections into your estate plan.

Table of Contents

The Data Economy: Your Information Is the Product

Billions of dollars change hands every year in the data broker industry. Companies like Acxiom, Oracle Data Cloud, and LiveRamp buy, sell, and merge data from thousands of sources. The result? A detailed profile on nearly every adult in the U.S.

How do they get your data? It starts with simple actions:

Social media activity – Likes, shares, friend lists, and location tags.
Public records – Property ownership, marriage licenses, voter registration.
Online shopping – Purchase history, browsing behavior, saved payment methods.
Mobile apps – Permissions for contacts, camera, microphone, and exact location.
Free services – Email providers, search engines, and Wi-Fi networks.

Data brokers then combine these fragments to form a 360-degree view of you: your income, health conditions, political leanings, and even your daily routines.

Estate planning context: When you pass away, your digital footprint doesn’t disappear. Data brokers continue to sell your information unless specific instructions are in your estate plan. That’s why including digital asset management in your will or living trust is critical.

How Your Data Is Collected

1. Active Collection (What You Voluntarily Share)

Whenever you fill out a form, create an account, or consent to cookies, you’re actively handing over information. This includes:

Name, email, phone number
Birth date and address
Payment details
Preferences and interests

Tip: Before submitting any form, ask yourself: Is this information necessary for the service?

2. Passive Collection (The Hidden Trackers)

Your device and browser leak data silently. Passive collection happens without your direct input:

Browser fingerprinting – Websites detect your screen resolution, installed fonts, operating system, and even your GPU model to create a unique ID.
Third-party cookies – Ad networks drop cookies that follow you across sites, building a profile of your interests.
Meta pixels – Facebook (Meta) places a snippet of code on millions of websites to track your behavior, even if you don’t have a Facebook account.
Email tracking pixels – Invisible 1×1 images in emails reveal when you opened an email, your IP address, and your device type.

3. Third-Party Data Sharing and Data Brokers

You might share your data with one company, but they often share it with hundreds of partners. This is known as data enrichment.

Source	Data Collected	Where It Ends Up
Retail loyalty programs	Purchase history, phone number	Data brokers, credit agencies
Health apps	Exercise, sleep, heart rate	Insurance companies, employers
Online quizzes	Personality traits, email address	Marketing firms, political campaigns

4. Location Tracking

Your smartphone sends location data to apps and services constantly. Even when you turn off GPS, your phone can triangulate your position using Wi-Fi networks and cell towers. Geotagging embeds coordinates in photos, posts, and files.

How to Reduce Your Digital Footprint: Practical Steps to Take This Week?

How Your Data Is Tracked Across Devices

Cross-device tracking matches you across your phone, laptop, tablet, and even smart TV. Advertisers use deterministic matching (when you log into the same service on multiple devices) and probabilistic matching (using algorithms to link devices based on IP addresses, times of day, and browsing patterns).

The Cookie Monster vs. The Cookie Apocalypse

Third-party cookies have been the backbone of ad tracking for decades. But browsers like Safari, Firefox, and Chrome are phasing them out. In response, advertisers have shifted to:

First-party data collection – Sites ask you to log in or provide consent for “personalized experiences.”
Server-side tracking – Data is sent directly to the advertiser’s servers, bypassing browser restrictions.
Contextual targeting – Ads are placed based on page content rather than user history.

Reality check: The death of third-party cookies does not mean the death of tracking. New methods like Google’s Topics API and FLoC still monitor your behavior at a group level.

How Your Data Is Sold

The data marketplace is largely unregulated in the U.S. Data brokers compile “people-search” sites like Spokeo, Whitepages, and BeenVerified. They sell your name, address, phone number, relatives, and even property records.

Real-World Example: The Home Address Sale

You buy a new house. The county recorder updates public records. Within days, you receive unsolicited mail from mortgage lenders, home improvement companies, and scammers — all because a data broker scraped public records and sold the list.

Medical Data: The Most Sensitive Gold Mine

Health apps, DNA testing kits, and pharmacy loyalty programs collect incredibly intimate data. While HIPAA protects medical records held by doctors, it does not protect data collected by apps or retailers. Your heart rate, sleep patterns, and even genetic markers can be sold.

Estate planning tie-in: If you use a health-tracking wearable, your family may lose access to your data after death. Some companies require a court order to release it. Specifying digital asset access in your estate plan can prevent this.

The Intersection of Online Privacy and Estate Planning

Most people think of estate planning as wills, trusts, and tax strategies. But your digital estate includes:

Email accounts (holding password resets)
Social media profiles
Cloud storage (Google Drive, iCloud, Dropbox)
Subscriptions (Netflix, Amazon, SaaS tools)
Crypto wallets and online bank accounts
Health data from wearables

If you leave no instructions, your loved ones may never access precious memories — or worse, your data could be sold to data brokers indefinitely.

Protect Your Digital Assets with a Living Trust

A properly drafted living trust can name a digital executor and specify how your online accounts should be handled. It can also require certain accounts to be deleted or preserved.

One excellent resource to begin integrating digital privacy into your estate planning is the bestselling workbook: Living Trusts, Wills & Estate Planning for Seniors – The Complete 3-in-1 Guide. This guide includes ready‑to‑use forms and clearly explains how to protect your digital legacy.

For a broader approach that also covers retirement and tax planning, consider Living Trusts + Wills, Retirement, Tax & Estate Planning – The 6-in-1 Guide. It’s rated 4.5 stars and helps you avoid costly legal fees.

Practical Steps to Take Control of Your Privacy Today

You don’t have to wait for legal documents to reclaim your data. Start with these actions:

A. Audit Your Digital Footprint

Search your name on Google and people‑search sites.
Use How to Remove Your Information from Data Brokers guides to opt out.
Check your privacy settings on every major platform.

B. Lock Down Your Browser

Install an ad blocker (uBlock Origin)
Use a privacy‑focused browser like Firefox (with enhanced tracking protection) or Brave
Disable third‑party cookies
Use a private search engine like DuckDuckGo

Browser Privacy Tools: Ad Blockers, VPNs, and Private Search Engines Explained

C. Secure Your Communications

Encrypt emails using PGP or services like ProtonMail
Use Signal or WhatsApp for messaging (end‑to‑end encryption)
Avoid opening tracking pixels by disabling image auto‑load in email

Email Privacy: Securing Sensitive Messages and Avoiding Tracking Pixels

D. Manage Your Smartphone

Turn off location services for apps that don’t need them
Remove permissions for camera, microphone, and contacts
Review app tracking requests (iOS 14.5+ and Android 12+ give you more control)

Smartphone Privacy Settings: What to Turn Off on iOS and Android Right Now

E. Use a VPN (When Needed)

A VPN encrypts your traffic and hides your IP from websites. But it’s not a magic bullet — it doesn’t stop cookies or tracking within sites you visit.

How to Use a VPN Safely and When You Actually Need One?

F. Opt Out of Data Broker Lists

Services like DeleteMe or OneRep automatically remove you from hundreds of data broker sites. You can also manually opt out using templates from the Privacy Rights Clearinghouse.

G. Educate Your Family

Children’s data is especially valuable. Schools, apps, and gaming platforms collect everything from photos to voice recordings.

Online Privacy for Parents: Protecting Children’s Photos, Data, and Screen Activity

Legal Rights: What You Can Demand Under New Laws

Privacy regulations are expanding. If you live in the U.S., several state laws give you more control:

Law	Key Right
CCPA/CPRA (California)	Right to know, delete, and opt out of sale
VCDPA (Virginia)	Right to access, correct, and delete
CPA (Colorado)	Right to opt out of targeted advertising
CTDPA (Connecticut)	Similar to Virginia, with stronger consent rules

You can submit data deletion requests directly to companies. Many have forms on their privacy policy pages.

Legal Rights Around Online Privacy: What Consumers Can Demand under New Laws

Incognito Mode Myths: What Private Browsing Really Does

Incognito or private browsing does not make you anonymous. It prevents your browser from saving history and cookies locally. But your ISP, employer, and the websites you visit still see your IP and activity.

Incognito Mode Myths: What Private Browsing Really Does and Does Not Hide

The Future of Data Tracking: What’s Coming Next

AI‑powered profiling – Machine learning predicts your behavior, including health risks and political leanings.
Facial recognition – Public cameras and even your own devices can identify you.
Voice assistant eavesdropping – Amazon Alexa and Google Home record snippets, and those recordings can be stored and analyzed.

Your estate plan must account for these emerging threats. For example, who gets control of your voice recordings after death? A well‑drafted digital estate clause can answer that.

FAQ: Online Privacy & Estate Planning

Does incognito mode hide my browsing from my ISP?

No. Incognito/Private browsing only prevents your browser from saving history locally. Your ISP, employer, and the websites you visit still see your IP address and activity.

How do I remove my name from people‑search sites?

Start by opting out manually (each site has an opt‑out page). Alternatively, use a subscription service like DeleteMe. Many states now require data brokers to honor opt‑out requests.

Can my health data from a fitness app be sold?

Yes. While HIPAA protects medical records from doctors, apps are not covered. Always read the privacy policy and limit data sharing permissions.

What should I include in my digital estate plan?

List all online accounts, passwords (perhaps in a password manager), and specify whether each should be deleted or preserved. Name a digital executor in your will or living trust.

Do I need a living trust for digital assets?

Not strictly, but a living trust can streamline asset transfer and avoid probate. It’s especially useful for assets like cryptocurrencies or online businesses.

How often should I review my privacy settings?

At least once every three months. Services update their policies and default settings frequently. Also review after major software updates.

Your online privacy is not a one‑time fix — it’s a continuous practice. And your estate plan must evolve alongside digital threats. By taking action now, you protect not only yourself but also the people you leave behind.

Remember: every piece of data you protect today is one less piece for a broker to sell tomorrow. Combine strong privacy habits with a solid estate plan, and you’ll safeguard your legacy in every sense.