Connect with us

Published

on

D3sign | Moment | Getty Images

Data brokers have long operated in the shadows of the internet, quietly amassing unprecedented amounts of personal information on billions of people across the globe, but few realize just how deep this data collection really goes.

In an age where every move you make online — every click, every purchase, every “like” — is meticulously harvested, packaged, and sold for profit, aggregated personal data has become a valuable commodity, and the global data broker industry is proof of that.

The rise of artificial intelligence tools poses the risk of even more personal information being scraped from the internet and an already opaque world of data brokering becoming even more aggressive, and that is heightening data privacy concerns. A 2023 study from Pew Research found that the American public increasingly says it does not understand what companies do with their data. According to Pew, 67% of Americans say they “understand little to nothing about what companies are doing with their personal data, up from 59% in its previous survey on the subject in 2019. A majority of Americans (73%) think they have “little to no control” over what companies do with their data.

Many people are unaware that something as simple as their phone number can be used by data brokers and bad actors to uncover highly sensitive information, including a Social Security number, address, email, and even family details, said Arjun Bhatnagar, co-founder and CEO of Cloaked, an app that disguises your personal information by generating a unique “identity” for each online account you have.

According to Roger Grimes, an expert at cybersecurity education firm KnowBe4, while many data brokers —especially the more well-known players — sell information responsibly, some of the smaller, unknown brokerages skirt regulations, push ethical boundaries, and exploit data in ways that can lead to misuse or harm. This is partly due to the hazy regulation landscape around data brokerage, which makes it easier for these practices to go unchecked.

Some of the largest providers of data brokerage services include Experian, Equifax, TransUnion, LexisNexis, Epsilon (formerly Acxiom), and CoreLogic, according to a ranking from OneRep, an online personal data management service. People-search services Spokeo and Intelius are also among the top data brokers, according to OneRep. These companies operate across multiple industries, handling both publicly available information and more sensitive consumer data. They offer various services, ranging from marketing analytics to credit scoring and background checks, and all of them have processes for requesting your data or asking for it to be deleted. However, depending on the state you live in, they may not have to comply.

Experian, Equifax and TransUnion are a good place to begin to understand how much the data industry has grown. While many consumers know these companies for their credit services, those are now just one piece of the revenue pie, with broader digital marketing of data increasingly important, according to Jeff Chester, founder and executive director of the Center for Digital Democracy, a Washington, D.C.,-based consumer privacy advocate. And data collection spans much farther across the economy, with companies from grocery stores offering discount programs to streaming video services amassing data that others will pay for. “Today, everyone is a data broker. Having the ability to reach someone online and target has become a core part of business,” Chester said.

“I try to lock down everything as much as I can, but I’m also aware that even though I’m a security expert, I’m probably overexposed,” said Bruno Kurtic, president and CEO of data security firm Bedrock Security.

As a basic step to limit financial risks, he recommends that all individuals freeze their credit reports as a proactive measure against identity theft and to prevent malicious actors from opening new accounts or loans in their name.

Inside data brokers’ massive vault

Cybersecurity experts estimate that data brokers collect an average of 1,000 data points on each individual with an online presence.

“It behooves them to collect as much as humanly possible about you, because the larger the information pool about you and the more specific they can get, the higher the cost of that data,” said Chris Henderson, senior director of threat operations at Huntress, a cybersecurity company founded by former National Security Agency personnel.

Here’s a breakdown of the types of information data brokers typically collect, according to privacy experts interviewed by CNBC:

  • Basic identifiers. Full name, address, phone number, and email.
  • Financial data. Credit scores and payment history.
  • Purchase history. What you search for online, what you buy, where you buy it, and how often you buy certain products.
  • Health data. Your medications, medical conditions, and your interactions with health-related apps or websites.
  • Behavioral data. Insights into your likes, dislikes, and the types of ads you’re likely to click on.
  • Real-time location data. GPS data from apps that track your commute, where you shop, and how often you visit certain places.
  • Inferred characteristics. Based on you’re your browsing and media consumption — the websites you visit, articles you read, videos you watch, data brokers draw insights about your lifestyle, income, preferences, religious or political beliefs, hobbies, and even your likelihood of charitable giving.
  • Relationships with family, friends, and colleagues. By analyzing your network of friends, followers, and connections on social media and messaging apps, data brokers can map out your relationships and even track how frequently you interact with certain individuals to determine the depth of your bonds.

Little oversight around data privacy

The lack of comprehensive regulation around data privacy allows data brokers to operate with little oversight, unlike the General Data Protection Regulation (GDPR) in the European Union.

“There is no comprehensive federal privacy law that specifically regulates the industry, which makes it hard to combat them,” said Chelsea Magnant, adjunct instructor of cyber leadership at NYU’s Center for Global Affairs and a director at corporate consulting firm Brunswick. “We essentially have a patchwork of state laws with varying privacy protections that these companies know how to navigate.”

California was the first to enact comprehensive legislation in 2018 with the California Consumer Privacy Act, giving residents more control over their personal data. In 2020, California voters approved an expansion of the CCPA, called the California Privacy Rights Act, which took effect in 2023. It offers the most extensive protections in the U.S., including data correction, limiting the use of sensitive information, and requiring businesses to honor opt-out preference signals. It also imposes stricter data-protection obligations on companies, such as minimizing data collection.

Since then, about 20 other U.S. states have followed suit; however, the specific rights and thresholds for which companies must comply vary widely between states.

“Different states have different business environments, economies, and viewpoints. This lack of a unified approach, something that protects all citizens across the country, leaves us vulnerable to data brokers,” said Rob Hughes, chief information security officer at RSA.

Even in states where the privacy laws are strict, there is skepticism that smaller companies on the margins of the data brokerage industry will follow them. “They have extremely sensitive data sets under their management, and they have to essentially behave like the most sensitive enterprises. And we know that some of these data brokers just don’t operate businesses like that,” Kurtic said.

How to take control of your data

To start protecting your privacy, it’s important to rethink how much personal information is shared on a daily basis, says Cloaked’s Bhatnagar. While we can’t fully hide, consumers need to develop new habits and tools to limit what we expose, from turning off permissions that track your location to saying no to cookies and refraining from posting personal details online. Additionally, using tools like secure browsers, VPNs, and tracker blockers can help.

Some of the largest technology companies in our daily lives, such as Apple, are continually updating and adding to privacy options, such as on the new iPhone and latest iOS update.

An Equifax spokeswoman said U.S. consumers can opt out of their personal information being shared in accordance with U.S. state privacy laws. On average, she said, opt-out requests made through the Equifax Privacy Preference Center are processed in less than one business day and consumers are informed of a successful submission through the company’s Preference Center. Consumers can also review the types of third-parties that companies such as Equifax share personal data within its privacy section.

Opt-out links and instructions are readily available for most of the major data brokers:

But data privacy experts says reclaiming or deleting your data from brokers can be a deliberately complex process that is not only time-consuming but frustrating. Each broker has its own opt-out requirements, and even after you’ve removed your data, it often reappears, sourced from other places.

“Removing your data from their systems impacts their bottom line, so they are disincentivized to make this easy for you,” said Henderson. “Ultimately, if you remove the information, they can’t sell that. So the more people who request their information be removed, the less attractive of a broker they are to the advertisers.”

There are data-removal services, such as DeleteMe, Kanary, OneRep, and PrivacyDuck, which charge a fee to manage these ongoing tasks, and are becoming increasingly popular. In October, Consumer Reports launched Permission Slip, a free app that helps you control which companies can collect, store and sell your personal data. It relies on donations to keep it going, either through the app or the Consumer Reports website.

For those opting for the DIY approach, here’s what the data privacy experts interviewed by CNBC recommend to get started:

Identify the brokers collecting your data. As already stated, this can be a daunting task, as many operate behind the scenes. However, there are a few methods you can use to track them down, says Henderson. One is to conduct a Google search using your name, phone number, and email address and see which brokers pop up. You’ll most likely find your name on sites like Spokeo, Whitepages, or MyLife. Another strategy is to visit the websites of the largest data brokers and search your information.

Submit opt-out requests. If you live in a state with data privacy regulations, you can submit a request to delete your data on the opt-out page of these companies’ websites, including at the links listed above, so they cannot share your data with third-party companies. It’s important to note that each broker may have different processes for handling these requests and state laws vary when it comes to what types of data are covered. Some data brokers may also require you to provide identification or verify your identity.

Check your results. After submitting opt-out requests, revisit the data brokers’ sites periodically to ensure your data has been removed. It may take several weeks or months for your request to be processed.

Engage in digital hygiene practices. Regularly reviewing and updating your online security practices is essential. Secure passwords, two-factor authentication, and encryption tools can help protect your information. Using virtual identities, such as alternative email addresses and phone numbers, can further safeguard your personal information.

Seek legal recourse if necessary. If a data broker refuses to comply with a deletion request, you may be able to file a formal complaint with regulatory authorities such as the Federal Trade Commission, which has brought cases against the industry.

However, it’s important to understand that not every state provides the same level of protection. Consult a privacy attorney if you believe your rights have been violated.

‘The future is unfortunately dark’

Experts say deleting the data is an imperfect solution, “a Band-Aid to address a gaping wound,” according to Chester.

“Consumers have been placed in a bad position,” he said. “Data is now a form of payment,” he added, referring to cases where the consumer wants a discount in the grocery store or pharmacy. “This is a comprehensive privacy problem which requires Congress or the FTC. The idea an individual can take care of their privacy … you can shut down a tiny bit of it, but you would need to spend a great deal of time, and once you opt-in to get a discount at a store, it all starts over again.”

The future of the data broker industry looks both promising and troubling as technological advancements continue. Javad Abed, assistant professor of information systems at Johns Hopkins Carey Business School, warns that data brokers will continue to evolve as AI and machine learning advance.

“With AI, data brokers will create even more detailed and predictive profiles, incorporating everything from biometric data to behavioral tracking,” Abed said. “The problem will increase, and things are going to become more complicated.”

Abed sees potential in blockchain and privacy-enhancing technologies, which could disrupt the data brokerage model by increasing transparency and giving individuals more control over their digital identities. However, he remains skeptical: “The future is unfortunately dark. It needs to be collaborative work. I don’t see the motivation right now from the main actors for a collaborative change.” 

“Telling our grandmothers or a child to configure settings on their social media and their browsers and search engines is not a winning proposition,” Kurtic said. “It’s going to take a combination of regulation, technology on the vendor side, and know-how on our own personal side.”

Until regulation steps in, data brokers will continue to collect as much data as possible. “These are revenue streams for companies that might not have other recurring revenue streams,” Henderson said. “And given there’s no regulation stopping businesses from selling information about you, I don’t see the practice stopping, especially given how lucrative it is.”

The rising tide of real estate cyber crime

Continue Reading

Technology

Peter Thiel-backed cryptocurrency exchange Bullish files to go public on NYSE

Published

on

By

Peter Thiel-backed cryptocurrency exchange Bullish files to go public on NYSE

Peter Thiel, co-founder of PayPal, Palantir Technologies, and Founders Fund, holds hundred dollar bills as he speaks during the Bitcoin 2022 Conference at Miami Beach Convention Center on April 7, 2022 in Miami, Florida.

Marco Bello | Getty Images

The Peter Thiel-backed cryptocurrency exchange Bullish filed for an IPO on Friday, the latest digital asset firm to head for the public market.

The company, led by CEO Tom Farley, a veteran of the finance industry and former president of the New York Stock Exchange, said it plans to trade on the NYSE under the ticker symbol “BLSH.”

A spinout of Block.one, Bullish started with an initial investment from backers including Thiel’s Founders Fund and Thiel Capital, along with Nomura, Mike Novogratz and others. Bullish acquired crypto news site CoinDesk in 2023.

“In the first quarter of 2025, Bullish exchange executed over $2.5 billion in average daily volume, ranking in the top five exchanges by spot volume for Bitcoin and Ether,” the company said on its website. The prospectus listed top competitors as Binance, Coinbase and Kraken.

The IPO filing says that as of March 31, the total trading volume since launch has exceeded $1.25 trillion.

Read more CNBC tech news

The filing is another significant step for the cryptocurrency industry, which has fought for years to convince institutions to embrace digital assets as legitimate investments.

It’s already been a big year on the market for crypto offerings, highlighted by stablecoin issuer Circle, which has jumped more than sevenfold since its IPO in June. Etoro, an online trading platform that includes services for crypto investors, debuted in May.

Novogratz‘s crypto firm Galaxy Digital started trading on the Nasdaq in May, moving its listing from the Toronto Stock Exchange. And in June, Gemini, the cryptocurrency exchange and custodian founded by Cameron and Tyler Winklevoss, confidentially filed for an IPO in the U.S.

Meanwhile, investors continue to flock to bitcoin. The digital currency is trading at over $117,000, up from about $94,000 at the start of the year.

President Donald Trump, on Friday, signed the GENIUS Act into law — a set of regulations that establish some initial consumer protections around stablecoins, which are tied to assets like the U.S. dollar with the intent of reducing price volatility associated with many cryptocurrencies.

In its filing with the SEC, Bullish says its mission is partly to “drive the adoption of stablecoins, digital assets, and blockchain technology.”

Crypto industry players, including Thiel, Elon Musk, and President Trump’s AI and Crypto czar David Sacks spent heavily to re-elect Trump and have pushed for legislation that legitimizes digital assets and exchanges.

WATCH: Trump’s crypto plan

Trump's crypto reserve plan is 'incredibly bullish' for crypto as a whole, asset manager says

Continue Reading

Technology

Microsoft stops relying on Chinese engineers for Pentagon cloud support

Published

on

By

Microsoft stops relying on Chinese engineers for Pentagon cloud support

Microsoft Chairman and Chief Executive Officer Satya Nadella (L) returns to the stage after a pre-recorded interview during the Microsoft Build conference opening keynote in Seattle, Washington on May 19, 2025.

Jason Redmond | AFP | Getty Images

Microsoft on Friday revised its practices to ensure that engineers in China no longer provide technical support to U.S. defense clients using the company’s cloud services.

The company implemented the changes in an effort to reduce national security and cybersecurity risks stemming from its cloud work with a major customer. The announcement came days after ProPublica published an extensive report describing the Defense Department’s dependence on Microsoft software engineers in China.

“In response to concerns raised earlier this week about US-supervised foreign engineers, Microsoft has made changes to our support for US Government customers to assure that no China-based engineering teams are providing technical assistance for DoD Government cloud and related services,” Frank Shaw, the Microsoft’s chief communications officer, wrote in a Friday X post.

The change impacts the work of Microsoft’s Azure cloud services division, which analysts estimate now generates more than 25% of the company’s revenue. That makes Azure bigger than Google Cloud but smaller than Amazon Web Services. Microsoft receives “substantial revenue from government contracts,” according to its most recent quarterly earnings statement, and more than half of the company’s $70 billion in first-quarter revenue came from customers based in the U.S.

In 2019, Microsoft won a $10 billion cloud-related defense contract, but the Pentagon wound up canceling it in 2021 after a legal battle. In 2022, the department gave cloud contracts worth up to $9 billion in total to Amazon, Google, Oracle and Microsoft.

ProPublica reported that the work of Microsoft’s Chinese Azure engineers is overseen by “digital escorts” in the U.S., who typically have less technical prowess than the employees they manage overseas. The report detailed how the “digital escort” arrangement might leave the U.S. vulnerable to a cyberattack from China.

“This is obviously unacceptable, especially in today’s digital threat environment,” Defense Secretary Pete Hegseth said in a video posted to X on Friday. He described the architecture as “a legacy system created over a decade ago, during the Obama administration.” The Defense Department will review its systems in search for similar activity, Hegseth said.

Microsoft originally told ProPublica that its employees and contractors were adhering to U.S. government rules.

“We remain committed to providing the most secure services possible to the US government, including working with our national security partners to evaluate and adjust our security protocols as needed,” Shaw wrote.

WATCH: Microsoft Security VP Vasu Jakkal talks cybersecurity with Jim Cramer

Microsoft Security VP Vasu Jakkal talks cybersecurity with Jim Cramer

Continue Reading

Technology

The investor behind Opendoor’s 190% run nearly shut down his fund

Published

on

By

The investor behind Opendoor's 190% run nearly shut down his fund

Courtesy: Opendoor

On June 6, online real estate service Opendoor was so desperate to get its beaten-down stock price back over $1 and stay listed on the Nasdaq that management proposed a reverse split, potentially lifting the price of each share by as much as 50 times.

The stock inched its way up over the next five weeks.

Then Eric Jackson started cheerleading.

Jackson, a hedge fund manager who was bullish on Opendoor years earlier when the company appeared to be thriving and was worth roughly $20 billion, wrote on X on Monday that his firm, EMJ Capital, was back in the stock.

“@EMJCapital has taken a position in $OPEN — and we believe it could be a 100-bagger over the next few years,” Jackson wrote. He added later in the thread that the stock could get to $82.

It’s a long, long way from that mark.

Opendoor shares soared 189% this week, by far their best weekly performance since the company’s public market debut in late 2020. The stock closed on Friday at $2.25. The stock’s highest-volume trading days on record were Wednesday, Thursday and Friday of this week.

Jackson said in an interview on Thursday that the bulk of his firm’s Opendoor purchases came when the stock was in the 70s and 80s, meaning cents, and he’s bought options as well for his portfolio.

Nothing has fundamentally improved for the company since Jackson’s purchases. Opendoor remains a cash-burning, low-margin business with meager near-term growth prospects.

What has changed dramatically is Jackson’s online influence and the size of his following. The more he posts, the higher the stock goes.

“There’s a real hunger for buying the next big thing,” Jackson told CNBC, adding that investors like to find the “downtrodden.”

It’s something Jackson’s firm, based in Toronto, has in common with Opendoor.

Watch CNBC's full interview with Social Capital's Chamath Palihapitiya

When Opendoor went public through a special purpose acquisition company in 2020, it was riding a SPAC wave and broader gains driven by low interest rates and Covid-era market euphoria. Investors pumped money into the riskiest assets, lifting money-losing tech upstarts to astronomical valuations.

Opendoor’s business involved using technology to buy and sell homes, pocketing the gains. Zillow tried and failed to compete.

Opendoor shares peaked at over $39 in Feb. 2021 for a market cap just above $22.5 billion. But by the end of that year, the shares were trading below $15, before collapsing 92% in 2022 to end the year at $1.16.

Rising interest rates hammered the whole tech sector, hitting Opendoor particularly hard as increased borrowing costs reduced demand for homes.

Jackson, similarly, had a miserable 2022, coinciding with the worst year for the Nasdaq since 2008. Jackson said his key client withdrew its money at the end of the year, and “I’ve been small ever since.”

‘Epic comeback’

While his assets under management remain minimal, Jackson’s reputation for getting in early to a rebound story was burnished by the performance of Carvana.

The automotive e-commerce platform lost 98% of its value in 2022 as investors weighed the likelihood of bankruptcy. In the middle of that year, with Carvana still far from bottoming out, Jackson expressed his bullishness. He told CNBC that April that he liked the stock, and then promoted its recovery on a podcast in June. He also said he liked Opendoor at the time.

Investors willing to stomach further losses in 2022 were rewarded with a 1,000% gain in 2023, and a lot more upside from there. The stock closed on Friday at $347.52, up from a low of $3.72 in Dec. 2022, and almost triple its price at the time of Jackson’s appearance on CNBC in April of that year.

After Carvana’s 2022 slide, “then obviously began an epic comeback,” Jackson said. Opendoor, meanwhile, “continued to roll down the mountain,” he said.

Jackson said that the fallout of 2022 led him to pursue a different method of stockpicking. He started hiring a small team of developers, which is now four people, to build out artificial intelligence models. The firm has experimented with several models —some have worked and some haven’t — but he said the focus now is using what he’s learned from Carvana to find “100x” opportunities.

In addition to Opendoor, Jackson has been promoting IREN, a provider of power for bitcoin mining and AI workloads, and Cipher Mining, which is in a similar space. He’s seen his following on Elon Musk‘s social media site X, which he said was stuck for years between 32,000 and 34,000, swell to almost 50,000. And after a lengthy lull, investors are reaching out to him to try and put money into his fund, he said.

Jackson has a lot riding on Opendoor, a company that saw revenue and number of homes sold slip in the first quarter from a year earlier, and racked up almost $370 million in losses over the past four quarters.

In early June, Opendoor announced plans for a reverse split — ranging from 1 for 10 to 1 for 50 — to “give us optionality in preserving our listing on Nasdaq.” With the stock now well over $1, such a move appears less necessary, as shareholders prepare to vote on the proposal on July 28.

“I think it’s a terrible idea,” said Jackson. “Those things usually further cement a company’s move into oblivion rather than hail some big revival.”

Opendoor didn’t respond to a request for comment.

Banking on growth

Analysts are projecting a more than 5% drop in revenue this year, followed by 20% growth in 2026 and 12% expansion in 2017, according to LSEG. Losses are expected to narrow over that stretch.

Jackson said his analysis factors in projections of $11.5 billion in revenue for 2029, which would be well over double the company’s expected sales for this year. He looked at the multiples of companies like Zillow and Carvana, which he said trade for 4 to 7 times forward revenue. Opendoor’s forward price-to-sales ratio is currently well below 1.

With Zillow and Redfin having exited the instant-buying home market, Opendoor faces little competition in allowing homeowners to sell their property online for cash, rather than going through an extended bidding, sales and closing process.

Jackson is banking on revenue growth and increased market share to lead to a profitable business that will push investors to value the company with a multiple somewhere between Zillow and Carvana. At $82, Opendoor would be worth about $60 billion, which is roughly 5 times projected 2029 revenue.

Jackson said his model assumes that “like Carvana, Opendoor can prove that it can permanently turn the tide and get to sustained profitability” so that the “market multiple would get reassessed.”

In the meantime, he’ll keep posting on X.

On Friday, Jackson wrote a thread consisting of 11 posts, recounting the challenge of having “99.5% of my AUM” disappear overnight after his primary investor pulled out in 2022.

“Translation: he fired me for losing him too much money,” Jackson wrote. He said he almost shut down the fund, and was even encouraged to do so by his wife and accountant.

Now, Jackson is using his recent momentum on social media to try and attract investor money, while still reminding prospects that he could lose it.

“All I have is my reputation,” he wrote, “and, unless I keep picking good stocks, it will be gone.”

WATCH: Don’t yet know if IPO market is back to full health

Don't yet know if IPO market is back to full health, says Raymond James' Sunaina Sinha Haldea

Continue Reading

Trending