Data Removal Services

Data Removal Services: a reader asks…

I just learned about Incogni. Is this something you recommend?

Actually, no. While I’ve not delved deeply into so-called data removal service providers like incogni.com, up to this point I’ve felt that it’s a service with very limited value, and don’t recommend it for anyone. That’s based on these three factors:

• The dark web is full of information about each one of us who has used the internet. Hackers hoover up personal data about each of us from the internet and then package it for sale to other hackers and scammers on the dark web.
• Data removal services operate on the legitimate businesses where your personal data is stored. This includes huge data aggregators like Google, Meta and Microsoft as well as virtually any business you interact with (and give your personal information to). This personal information of yours is often considered the currency you pay to have ‘free’ services like gmail and facebook: When you share your personal information with any entity online and you haven’t paid them for service, your personal data is your payment. These data aggregators then sell your personal information to anyone willing to pay for it.
• Dark web operators use automated tools to gather personal information from the internet and use machine tools (and increasingly, AI) to connect each bit of information with other bits to build profiles on people. Like the legitimate folks in #2 above, they sell this data to anyone willing to pay for it.

Once a bit of your personal information is online and hoovered up by people in #3, you can’t fully remove it, even if you pay a data removal service provider. The data removal service operators can’t even guarantee that the legitimate businesses they work with will honor data removal requests. Your personal data does have value, and companies like Google are not in the business of giving away money. I would even think it possible that by using a data removal service, you could increase the value of your personal data, especially to bad guys.

I haven’t been convinced that any of these data removal services can do more than scratch the surface of the issue with your personal data being compromised. So to me, it would be money wasted. If you still think it’s worth spending your money on, you should read reviews like this one at PCMag.com which says that other service providers are better than Incogni (e.g., Optery or Privacy Bee). But please, read on…

What you can do is use a tool (such as Keeper Security’s free dark web scan tool) see at least some of your personal information is on the dark web. But you can pretty much bet that there is some of your personal information on the dark web, so this may not be overly useful to you. What is of more use: follow good digital security practices. What’s this, you ask? I’ve written about this many times in the past. I know it’s like telling you to close the barn door after the horses have escaped, but it’s the best I can offer. Here’s my dirty dozen:

1. Use random and unique passwords for every online place you visit. The only way to do this is to use a password manager, as nobody can keep all those passwords memorized. Do not use variations of your favorite password, use only truly random passwords. These can be generated by your choice of password manager software such as Apple’s Keychain/Password (learn about it here), 1Password, KeeperSecurity, BitWarden, NordPass, Dashlane, and others. Note that I’m not including the password manager built into your web browser in Chrome, Edge, etc.
2. Add multi-factor authentication (2FA, MFA, etc.) to whatever online accounts that offer it. Avoid using text messaging for that feature, use a good MFA app like the one built into Apple’s Keychain/Password app, Google Authenticator, Microsoft Authenticator, etc., or whatever authenticator comes with the password manager you use.
3. More and more online entities offer passwordless authentication, such as Google, Microsoft, and Apple. Actually, Apple requires it, and more and more online entities will be moving in this direction. Using the authenticator app (either one of the above or the one that comes with your password manager), you can actually remove the password, and use your device (usually smartphone) to authenticate yourself online on whatever other device or computer you use. These usually use some form of biometric verification (FaceID in Apple’s case) that’s on your smartphone. This does take some effort to activate, and many online entities don’t offer it yet.
4. If you’ve not already got all your passwords strong and unique, go online to every online entity you’ve got an account and change passwords to a unique and strong password.
5. Most online entities will allow you to create a set of one-time use codes to use in case you lose access to your authentication device. Be sure to save these in a safe place.
6. For your computing devices, be sure you have good computer protection. Microsoft Windows computers have the built-in Microsoft Defender, and you can add Malwarebytes Premium (and the free Malwarebytes Browser Guard) to that for added security (but don’t replace Microsoft Defender with another 3rd party tool); Apple computers can also use Malwarebytes Premium for added protection.
7. Keep the operating system and other software up-to-date on every device you use. Security vulnerabilities are constantly being uncovered, so the manufacturers and software developers have to keep issuing patches and updates to their firmware and software in order to block those security vulnerabilities. This kind of maintenance work takes a bit of time, but don’t skip it.
8. Be sure your personal data is backed up on a regular basis. Don’t trust the live cloud-based storage services (Microsoft OneDrive, Google Drive, iCloud Drive, etc.) to keep your data safe, create an offline backup as often as you think necessary to recover your data, should it suddenly disappear.
9. Don’t ever give access to your computer or computing devices to someone else you don’t know and trust in the physical world. Scammers and hackers are constantly finding new ways to scam people out of their money and their personal data. They also are happy to take over your computer and get it to work for them in a botnet to spread their malware and take over other users’ computers.
10. Don’t respond to unsolicited email, text, phone or other communications that warn you about various issues including computer security. These scammers and hackers are hard at work crafting very creative and believable scams. Often they are emails that look so real you think you got a message from your bank, from a delivery company, from a payment processor (Paypal, Intuit, etc.), etc. It’s gone way beyond the old Nigerian Prince scam, now you get believable calls from “Microsoft Tech Support”, a government official or agency, UPS or Fedex bills or bills of lading, real-looking bills from paypal.com, etc. The scams are so numerous they can’t be listed here and you can’t know all of them, so the advice here is to be more than a little paranoid about any incoming communications.
11. If you do get scammed, don’t hide the fact out of embarrassment. Report it to your local law enforcement as well as higher law enforcement authorities. These scammers are benefitting from their victims’ shame, and getting away with their scams because law enforcement only sees perhaps 20% of all such scams.
12. Lastly, don’t rely on experts unless they’re proven to be actual experts in the field you need. Your plumber can’t advise you about computer security, nor your doctor, nor even a casual Google search. There is just so much misinformation and disinformation online, you need a trusted advisor you can count on to give you real, good advice when it comes to the security of your digital life. I’ve been advising consumers for over 25 years and do the research to make sure what I’m advising is the right answer.

I’m not trying to sell anything here, this website is primarily an education resource on consumer technology, and is only supported voluntarily by my readers. Feel free to send in your questions here, but I don’t give immediate and direct response to questioners. I work hard to get you the right answer, and that takes time. If you need immediate, direct support, I do recommend Baer Technology.

Reiterating my response to the original question above, I can’t recommend any service that I haven’t both tried out and also tried out other competitive solutions. That is often prohibitively expensive. But what I can do is look at the technology you’re considering and research to determine if it will do what you want it to do, or not – and if it offers a reasonably good value for your money. In the case of these data removal services, I’ve determined that they are so marginally effective as to be simply not worth the money they charge you.