In South Africa you could add your contact details to the Direct Marketers' Association's Do Not Call list, but the list was hacked and the contact details sold.
It’s all about how proactive you want to be. Generally you can do it for free if you know where to remove data from. The people search engines make it intentionally complicated to find their removal links and they make it like an 18-step process unnecessarily. See https://www.removemyphone.com/learn/intelius-removal-guide for instance. That said, I wish some (not all, but some) European style personal data protection laws were on the table for discussion in the US. I’m not sure if the US can manage good privacy laws without benefiting big corporations over smaller social media upstarts, so I think we’re mostly stuck with this state of affairs here.
> 7. Periodically repeat the previous steps. As their data sources and crawlers can find your data again, there's always a possibility that your data will show up again in the future. Monitoring it for the long-haul is super important.
Oh I laughed so hard on that 7.!!! Why can't they just sinkhole your name/number/data so that anyone trying to add you it will be auto-deleted?? Nice scummy behaviour, but I guess they simple call this "business/operating model".
In Germany you can put a „no ads“ sticker on your mailbox and it works. In case someone puts ads into your mailbox anyhow, you can report them to the consumer protection agency and they risk a fine.
Well, I lived in Germany for a long time and had that sticker on my mailbox, but still got them. Though less than anywhere else, so it does scare some, but not all of them.
It's crossed my mind before to start a service that collects junk mail and sends it to the home address of the executives at the junk mail aggregates (there's only a handful of them last I tried to stop receiving junk).
On the one hand it's definitely harassment to find out someone's address just to send them things they don't want for the purposes of changing their behavior. On the other hand, that's their business model.
How much is your time worth? Doing it manually is a pain in the ass and takes a lot of time. Deleteme is not perfect, but they do a pretty good job. Customer since 2010
I think that the value here is for people that want the bulk of what’s out there to be removed from the start. The 3 month follow ups are like maintenance
Dang this is ahead of schedule, but here we are anyway. We are working on something for this at KBYE.io. (It's in beta testing.) Screen grab here: https://ibb.co/TgKS6dR
Email me if you want to help out. We think there are some neat solutions enabled by GDPR.
(And thanks to Basecamp for permission to slightly denigrate the HEY logo :)
Here's the HN post we wrote to help scope the project before we started:
Summary: you know those irritating “prospecting” databases which sell your email address to people who want to send you spam? (Hunter.io is a good example.) We built a tool, in partnership with our friends at a great law firm, which will unsubscribe you from more than 50 of them with a single click.
Background: my inbox is besieged by cold emails from people I don’t want to hear from. Recruiters, outsource software teams, boutique investment banks I’ve never heard of… it’s a constant source of mild low-level frustration. I don’t have the time to unsubscribe from them all, and archiving is work I don’t want to do. (They also tend to not honour unsubscribe requests…) They call it “prospecting”, I call it “spam”.
After GDPR kicked in, I started replying to them with a quick keyboard macro. If I type in ‘gdprfob’, my email client inserts a properly structured GDPR subject access and deletion request. As part of the subject access request, I ask where they got my email in the first place, and what consents they sought.
More than 50% of all the cold emails I get use some sort of prospecting database, and none of them — neither the marketers nor the prospecting databases themselves — ever obtained an opt-in. Of course there’s no obligation for them to obtain my permission, as their replies always point out, but that doesn’t really excuse either the discourtesy, or the fact that “this thing we do isn’t illegal” is as unedifying as justifying bigotry with "freedom of speech derrrr!"
So we’re cutting them off at the source. We’d love to help people stop these low integrity services from buying and selling their contact details. At the very least it’ll get you out of their system, but maybe if enough people do it, they’ll do the kind, courteous thing and switch to an opt-in service which obtains consent to list your contact details for anyone to see.
How it works: give us your email address. Once you’ve verified that you control the account, we manually fill out the forms and send GDPR deletion requests where filling in the forms is not possible. At the end, we’ll send you a receipt which you can use to take up your case with the ICO in case one of the deletion requests is not honoured. We hash your email address after the final receipt is sent so that we can double check you aren’t using us to spam the spammers, but we have no access to your data and our logs are scrubbed clean. We won’t be selling your info like unroll.me did, and we’ve made sure that we can’t ever do it just in case.
Are you in the US? I'm asking this in a non-snarky/good faith way- if you're in the US, and the company is in the US, why would they honor a GPDR request? I understand the EU may have worded GPDR broadly, but sovereignty is still a thing- just because Europe says the law applies globally doesn't mean it really does.
I don't mean this as a criticism- I've been manually deleting myself off of data broker sites for a while- just curious how that works. I see GPDR get invoked a lot here on HN, but I'm not sure people have a firm grasp on how international legal systems work. I mean, as an American I'm not subject to the legal system of Zimbabwe, Myanmar or Saudi Arabia either, even if they pass a law that says I am....
I split my time between the US and UK. One of the interesting things about GDPR has been that a lot of non-EU information controllers appear to have adopted it as their de facto DSAR / right to be forgotten standard, so for many of these "services" GDPR works irrespective of territory (or the GDPR standard), and nearly all others have a simple format for deletion.
The thing which GDPR turbocharges is that you can submit a DSAR or deletion request to _any active email address_ and it must be actioned. So you don't actually have to use the obnoxious forms they try to force you through.
This is a great idea. Thank you for working on it.
Allow me to suggest a feature for your roadmap that might be particularly helpful to people like myself that take this rather seriously: Support users that are in a habit of creating and using a unique email address per service that they subscribe to. (perhaps this is a bit niche for MVP, I realize)
For instance, I own a domain that I use solely for email. I have a configuration that allows me to type <any-thing-here>@<my-domain>.<TLD>, after which that email address will automatically route to my main inbox. Therefore, I have probably 100+ email addresses that have been used for various accounts and services like Netflix, Amazon, Foobar Business LLC, etc. It would be great to be able to use your service with my many 'primary keys' rather than just one. Perhaps you plan to support this already, but if not hopefully this comment leads to a discussion/consideration in your team.
Do you have plans to expand to CCPA requests as well? Some US companies will loudly and vehemently not care about European laws, but are beholden to California laws.
Thanks for the summary. Do you have a list of the 50 or so databases you unsubscribe from? Do you have any metrics around how many such databases exist in total?
India tried this. But was a big failure. Getting on the list was non-trivial and it wasn't enforced well anyway. Of course that isn't to say the US can't do better, but general consumer rights is down in the dumps these days...
I used to work for a pair of real estate investors involved in a pyramid scheme in my early days as a developer. The investors would pay a lot of money to access a data broker to find houses that were, for example, going through foreclosure, short sale, arbitration, etc. We got some pretty violent phone calls regarding how exactly we knew what we did—your home is usually the last thing you want to lose next.
There isn’t any panacea for scrubbing your data from these brokers. All the spam email, texts, calls, or even snail mail most of the time are coming from hydras like the real investors I mentioned, not large companies. Personally, I’m so sick of spam emails, smses, and calls that I’m just going to bite the bullet and start over by making an anonymous email/sms/voip service with Twilio (I did this professionally for 7 years) and put an end to it all.
When I used to work at Reputation dot com they had a service that would do this, opting out of most of the worst of the data brokers and other mailer/aggregation companies. They've pivoted to corporate reputation management AFAIK, but may still have the personal opt-out service as a side benefit.
I used https://brandyourself.com/ a while ago when I was starting a new company...had a connection to the founder over there so decided to give it a shot. They seem to have added more functionality over the years, but I cannot speak to those. What I can say is it met my expectations at the time, and if they successfully developed what was on their road map its probably a decent place to start.
I also downloaded an email client that let me instantly unsubscribe from lists I was somehow on, use a VPN, DuckDuckGO even has an app...idk, I mean the list goes on...i found that in the end, it was up to me to make sure i was closing myself off intelligently while digitally engaged.
On HN, more comments will de-rank the post to make space for newer less discussed content. This bumping is spam and opposite of what you intended to do.
