How Data Brokers Get Your Information: Collection Explained
Most privacy advice focuses on what you choose to share. Data brokers have built an industry on everything else.
The accurate version of the problem isn't that careful habits are useless reviewing app permissions and tightening social media settings do reduce some of what you broadcast directly. The more uncomfortable reality is that the broker system draws from independent inputs you never interact with, and layers on an inference engine that doesn't need much from you to reach sensitive conclusions about your health, finances, or family situation. Profiling happens with or without your cooperation. The profile can influence what you pay, what you're shown, and how you're categorized and in most states, you have no legal right to see the most consequential parts of it.
A quick scope note: data brokers sell three categories of products identity and fraud verification, people-search tools, and marketing segmentation. This article focuses on the marketing and segmentation side: specifically, how data brokers collect personal information, build behavioral profiles, and sell them to businesses that use the data to target, price, and classify consumers.
Understanding that system means following it through three stages: collection, integration and inference, and downstream use.
Where data brokers get their data: the main collection sources
Video of the Day
The collection infrastructure is not a single feed you can switch off. It is a set of overlapping pipelines, each generating data about you independent of the others.
A consumer who has never posted on social media still has a property record, voter registration, court history, and a phone running apps that embed third-party data layers. Careful behavior reduces one channel. It doesn't close the others.
Government and commercial records. Public filings property deeds, voter rolls, professional licenses, court records are accessible by design. Brokers collect them systematically, at scale. Retailers, loyalty programs, and other commercial partners contribute purchase and behavioral data through their own agreements. As Cornell Law research published earlier this year notes, brokers obtain data from government sources, other publicly available sources, and commercial sources. These records accumulate through the ordinary business of daily life, regardless of how carefully someone manages their online presence.
App SDKs. Many free apps embed third-party software development kits code modules that collect location, device identifiers, and behavioral signals in exchange for revenue shared with the developer. The user downloads a weather app; they also download a data collection layer whose role is often not apparent to users. The FTC's enforcement action against Outlogic illustrates how this works at scale: the agency secured what it described as a first-ever ban on the use and sale of sensitive location data from a broker that had allegedly run three simultaneous location collection pipelines apps built on its SDK, its own mobile apps, and outright purchases from other brokers and aggregators. According to the FTC, none of those pipelines required a direct relationship with the consumer.
Broker-to-broker purchasing. Brokers also buy datasets from one another, creating a secondary market that extends data well beyond its original source. A record that began with a retailer loyalty program can pass through several broker hands before contributing to a downstream profile, as the Cornell Law analysis describes.
Brokers collect two broad categories of data: demographic (age, gender, marital status, political affiliation) and behavioral (purchase history, location patterns, browsing activity). A consumer who withholds all demographic information still generates constant behavioral signals through shopping, movement, and device activity. And as the next stage makes clear, behavioral data alone is often sufficient for the inference engine to reach conclusions the consumer would consider deeply private.
Privacy caution focused on disclosure "don't overshare" targets only the channel you directly control. The government records, the SDK ecosystem, and the broker-to-broker market keep running either way.
Video of the Day
How scattered signals become a sensitive profile

Raw collection is only the first step. Brokers consolidate data from all their sources into a unified database, then run it through predictive algorithms to generate what researchers call "derived information" inferences about who you are and what you're likely to do. This is the step that makes even modest behavioral data consequential. The algorithm doesn't need your health history to infer a health condition. It needs patterns.
Think of it like a credit score, but applied across your entire behavioral record and invisible to you. A credit score doesn't catalog every transaction it produces a number from patterns. Derived information works on the same logic, except the outputs might label you as a probable new parent, a financially vulnerable consumer, or a person with a chronic health condition. Unlike a credit score, you have no legal right to see this label, question it, or know it exists in most states.
The Cornell Law research makes a specific finding worth stating directly: brokers can use entirely ordinary, innocuous data to infer sensitive characteristics. The input doesn't have to be sensitive for the output to be. A sequence of unremarkable purchases can generate a "Diabetes Interest" tag. A pattern of location visits can produce a religious inference.
The documented examples are specific. Broker-sold derived segments include labels such as "Expectant Parent," "Diabetes Interest," and "Financially Challenged," as well as inferences related to sexual orientation generated not from any disclosure, but from patterns detected across behavioral data, per the Cornell analysis. Target's documented ability to predict pregnancy from purchase data alone without any survey response from the customer remains the clearest consumer-facing demonstration of this logic. The FTC alleged that location broker InMarket classified consumers into segments including "parents of preschoolers," "Christian church goers," and "wealthy and not healthy" based solely on where their phones traveled, then sold those segments to advertisers. Per the FTC, InMarket never asked anyone their religion.
There's a visibility gap that makes this harder to address than it might seem. Brokers typically allow consumers to request access to their raw factual data, but not to the derived inferences the labels and scores that actually determine how they're segmented and sold. A consumer can see their listed address; they cannot see their "Financially Challenged" tag. That's not an oversight. The inferences are the product, and the research confirms that brokers normally provide access to factual data while keeping derived information opaque.
The accuracy problem compounds this. Even setting aside the visibility gap, the profiles can contain substantial inaccuracies. One of the largest data brokers reportedly acknowledged that as much as 30% of a consumer's profile may be wrong, according to the Cornell Law analysis. Errors in raw data cascade into errors in the inferences built on top of them. No predictive model escapes this algorithms work on correlation, not certainty. The Cornell research uses a straightforward illustration: if a model finds that 80% of consumers with a given characteristic bought a certain product, it predicts the same for everyone with that characteristic misclassifying the remaining 20%. Those people may be priced, targeted, or categorized based on a profile that simply doesn't describe them, with no mechanism to find out or push back.
This is where the privacy risk departs furthest from what personal habits can address. A consumer who has limited every optional disclosure still produces the behavioral exhaust location pings, browsing sequences, purchase patterns that feeds these models. The inference engine runs on what's left.
What the profile gets used for: pricing, targeting, and broader stakes

The broker ecosystem doesn't exist in isolation. Derived profiles flow to advertisers, retailers, and pricing intermediaries who use them to determine what consumers are shown, what they're offered, and what they're charged. Surveillance pricing where the same product carries different prices for different consumers based on profile data is among the most documented consequences, and it's the point where the collection pipeline acquires a direct dollar cost for individual people.
The FTC's initial findings from its surveillance pricing market study, released in early 2025, found that signals including precise location, browsing history, demographic data, and even mouse movements on a webpage can be used to set different prices for the same product for different consumers. Per the FTC press release: same item, same moment, different price. Products left unpurchased in an online shopping cart a clear signal of price sensitivity can be tracked and used to adjust pricing or promotions when that consumer returns.
A note on methodology: the FTC's report uses hypothetical examples rather than documented retailer-specific cases, because the study data was aggregated and anonymized to protect trade secrets from the companies that responded to the agency's investigative orders. The thermometer scenario commonly referenced from this study a consumer profiled as a new parent being shown higher-priced items first is a hypothetical drawn from study findings, not a documented incident at a named retailer. What is documented: the FTC staff found these intermediaries served at least 250 clients spanning groceries, apparel, and other retail sectors.
Pricing is the visible tip of a less visible risk. When algorithmic inferences track on characteristics correlated with race, gender, or health status, a nominally "neutral" model can produce unequal treatment across groups. The same derived profiles that classify consumers for marketing purposes could enable discrimination in what products are shown and what prices are offered and potentially in higher-stakes domains like credit, insurance, and housing, though the research base on those downstream applications is thinner. The Cornell Law analysis flags derived information as potentially enabling discrimination "by providing previously unavailable sensitive data and seemingly innocuous inferences produced by algorithms that consider suspect features, such as race and gender."
One actor distinction is worth flagging: the FTC's surveillance-pricing investigation focuses on pricing intermediaries companies that help retailers optimize prices algorithmically rather than traditional data brokers. The connection is the shared data infrastructure. The same location, behavioral, and demographic data that brokers compile and sell powers the pricing and targeting tools that retailers deploy downstream. The actors differ; the pipeline connecting them is the same.
What you can do and what requires something bigger than personal habits

The preceding sections make a case that should not end in fatalism. Personal habits still matter at the margin. The honest accounting is that they reduce some inputs, cannot touch others, and cannot reach the inference layer at all.
What still matters:
- Location data is among the most inference-rich signals in the pipeline. Setting app permissions to "while using" rather than "always on," and limiting free apps with no clear revenue model other than data, reduces the SDK-sourced location feed. This is one of the highest-use individual actions available.
- Some states with data privacy laws allow consumers to submit opt-out requests for marketing uses. Whether a broker must honor that request, and how completely, varies by jurisdiction check the specific law in your state before assuming coverage.
- Reducing the volume and variety of accounts, loyalty programs, and subscriptions limits the commercial data trail, even if it doesn't eliminate it.
What personal habits cannot reach:
- Public records property, court, voter registration are collected regardless of any individual privacy behavior. No consumer-facing action touches this input.
- Broker-to-broker data purchases happen entirely outside the consumer relationship. Data collected years ago by one company may still be circulating in the broker market.
- Derived inferences the labels and scores generated from your data cannot be seen, disputed, or corrected in most states. Even a successful opt-out addresses the raw profile, not the inferences already built from it.
The regulatory picture is still catching up. As of November 2023, 13 states had enacted data privacy laws, according to the Cornell Law analysis, and more have followed since. But nearly all of those early laws focus on notice requirements disclosing what categories of data are collected rather than on the derived inferences that drive downstream harm. Seven of those 13 states limited consumer access only to data the consumer directly provided; six states that allowed broader access preserved trade-secret exemptions that can shield inferred profiles entirely. The FTC has been active on enforcement: it finalized consent orders against Gravy Analytics and Venntel for selling sensitive location data tied to health facilities and places of worship in early 2025, and issued investigative orders to eight surveillance-pricing firms in the summer of 2024. Enforcement is accelerating but it remains case-by-case, and the legal frameworks still don't reach inferred data as a category.
Where this leaves things
Lock down your social media, review every app permission, submit opt-out requests where your state allows it and a data broker profile almost certainly still exists for you. It draws from records you didn't choose to file, apps whose data arrangements were buried in terms of service, and algorithms that converted your purchase history into a health or financial label you've never seen and can't correct.
That gap between the raw inputs privacy law increasingly covers and the derived inferences it largely ignores is the structural fault line in the current regulatory landscape. A law that mandates notice about data collection categories but exempts inferred profiles leaves the most consequential part of the broker system legally unaddressed. The profiles that determine whether you're classified as "Financially Challenged" or steered toward higher-priced products aren't built from anything you explicitly disclosed. They're built from what the algorithm made of everything else.
The question worth watching is whether legislators extend privacy rights to cover derived information specifically not just the raw inputs it's built from. Until that happens, the practical advice is to take the available steps at the collection layer, be clear-eyed about which ones actually help, and recognize that the inference layer currently operates beyond what any individual can control or see.