What you can remove, and what’s permanent

Data brokers, people-search listings, and search-engine results respond to removal requests. Public records such as property deeds, court filings, and voter registrations generally don’t, because government agencies publish them for legal reasons outside any company’s control. Anything already screenshotted, archived, or reposted by someone else is also effectively out of your hands: you can ask the original poster or platform, but you can’t force a third party’s copy to disappear.
Where to start: triage before you opt out

Treating every task on a digital-footprint checklist as equally urgent wastes the first weekend on low-value cleanup. Start by finding what’s already exposed: search your full name in quotes, then your name with your city, then your name with your employer, and check your email inbox for old “welcome” or “verify your account” messages to surface accounts you’ve forgotten. Then work through risk in this order.
| Risk category | Example | Rough time cost | Priority |
|---|---|---|---|
| Full name, home address, and birthdate on a people-search site | A Whitepages-style profile showing your address, age, and relatives | 15 to 20 minutes per listing | Do now |
| Reused or breached credentials on active accounts | An old email and password combo used on your bank login | 1 to 2 hours for a password-manager audit | Do now |
| Contact info indexed by Google | Your phone number or address showing in search results | 20 minutes to submit, days to weeks for review | Do soon |
| Dormant accounts holding stored personal data | A forgotten shopping or forum account with saved payment info | Several hours spread over a few weeks | Do soon |
| Ad tracking and browser fingerprinting | Ad ID, third-party cookies | 15 minutes in device settings | Do later |
| Content someone else posted about you | A tagged photo or a friend’s public post | No fixed time | Handle as it arises |
How long before I see results? There’s no single number. Individual broker listings can clear in as little as 72 hours once verified. California-registered brokers must finalize DROP requests within 90 days of retrieval. Google’s own review process has no published fixed turnaround.
Clearing data brokers and people-search sites

Every people-search listing traces back to a data broker: a company that buys, scrapes, or licenses public records, phone-carrier data, and other commercial feeds, then republishes them as a searchable profile. Two very different removal paths exist depending on where you live.
| Path | Covers | How you submit | Processing time |
|---|---|---|---|
| Individual site opt-out (example: Whitepages) | One broker at a time | Broker’s suppression form, often with phone or email verification | Whitepages states up to 72 hours after verification |
| California’s DROP | 600+ brokers registered in California | One request through privacy.ca.gov, California residents only | Brokers must check DROP at least every 45 days and finalize within 90 days of retrieval, enforced from August 1, 2026 |
| Non-California, non-DROP brokers | Any broker outside California’s registry | Broker-by-broker manual opt-out | No standardized timeline; varies by company |
| Google Search’s contact-info listings | Any indexed site, including broker pages | “Results about you” removal request | Reviewed individually; no fixed public turnaround |
California residents now have a materially different mechanism from everyone else: one request instead of hundreds, with a statutory 90-day deadline and a per-day penalty behind it. That gap didn’t exist before this year (California Privacy Protection Agency, DROP).
Whitepages, one of the larger US people-search sites, runs its opt-out through a suppression-request form, and states that a confirmed request clears within up to 72 hours once phone verification is complete.
What if a data broker ignores my opt-out request? For California-registered brokers, non-compliance with a DROP request can trigger a $200-per-day penalty enforced by the state privacy agency, and you can report the failure directly to CalPrivacy. Outside California, there’s no equivalent enforcement path; your options are a follow-up request, an FTC complaint, or a formal deletion demand citing whatever state law applies where the broker is headquartered.
Removing personal information from Google Search

Google’s Results about you tool scans Search for your phone number, home address, and email, and lets you request removal. It has real limits worth knowing before you rely on it: it won’t touch content you control yourself, since a social media post is your job to delete, it won’t remove pages Google judges to serve a public interest, such as court records or news coverage, and an approved removal clears the result from Google Search, not from the source website or from other search engines.
Re-search your name a few days after approval. Google’s cached version of a page can lag behind the live removal by several days before it clears on its own.
How do I know a removal actually worked? Re-check the specific search query the listing appeared under, not just your name alone. For faster confirmation, use Google’s separate outdated content tool to force a recrawl of the exact URL instead of waiting for the cache to expire on its own.
Locking down or deleting old accounts and social profiles

Start with your inbox: search for “welcome,” “verify,” or “confirm your account” to surface logins you’d otherwise forget you have. For accounts you’re keeping, tighten visibility to friends or connections only and remove old posts that reveal your address, routine, or family details. For accounts you’re closing, export anything you want to keep first.
- Don’t log back in mid-deletion. Even a brief login while a deletion is processing can reset the platform’s retention clock, so once you’ve started, stay out until it’s confirmed complete.
- Check tagged content, not just your own posts. Photos and mentions from other people rarely show up in a self-audit of your own account.
- Cancel subscriptions before deleting. App-store and platform-level subscriptions often survive an account deletion and keep billing separately.
Can I get something removed if someone else posted it about me? In the US, there’s no general legal right to force another private individual to delete a post about you. Ask the poster directly first. If that fails, most platforms have a reporting flow for content revealing private information without consent, and Google’s doxxing policy can remove search results for pages combining your personal info with threats or harassment, even when you don’t control the source page.
When a removal request is refused or doesn’t apply

Three situations account for most refusals. The content sits in a record a government agency controls, which sits outside any company’s deletion authority. The broker or platform operates outside California and has no legal deadline to meet, so a request becomes a favor rather than an obligation. Or the content lives on a page you don’t own and the poster won’t cooperate.
The realistic options in any of these cases: a formal complaint, to the FTC for a business practice, to CalPrivacy for a California data broker, or to a platform’s trust-and-safety team for a policy violation; a request citing whatever state or national law applies; or simply monitoring the exposure instead of expecting it to disappear.
Keeping your footprint down

Removal isn’t a single pass. Brokers relist people as they refresh their data feeds, and platform default settings change over time.
| Data type | What’s known about reappearance | Practical recheck interval |
|---|---|---|
| California DROP-covered broker data | Brokers must re-check the DROP list at least every 45 days by regulation | Every 6 to 8 weeks |
| Individual (non-DROP) broker opt-outs | No regulator publishes a mandatory re-listing schedule; brokers relist as they refresh source feeds | No official figure exists; 3 to 6 months is an industry estimate, not a guarantee |
| Google Search removals | Persists unless the source page or a new copy reappears | Rely on Google’s notification setting instead of manual rechecking |
| Social media privacy settings | Stays as set until you or the platform changes it | Recheck after major platform redesigns |
| Region | Applicable law | Practical strength of the deletion right |
|---|---|---|
| California | CCPA/CPRA plus the Delete Act’s DROP platform | Strong: a statutory right, a single-request mechanism, and a $200-per-day penalty for broker noncompliance |
| Other US states | Varies; a growing number have their own consumer privacy laws | Depends on the specific state; none yet run a DROP-equivalent one-stop platform |
| US states without a comprehensive privacy law | No state deletion statute | Weak: removal depends on each company’s voluntary policy |
| EU/EEA | GDPR Article 17 | Strong: a controller must act without undue delay, generally within one month, extendable by two months for complex requests, with named exceptions for free expression, legal obligations, and public-interest archiving |
Do I need to live in California or the EU for these rights to matter? No, you can send removal requests from anywhere. But leverage differs sharply: a California or EU resident invokes a specific legal deadline and penalty structure, while someone in a state without a comprehensive privacy law is asking a company to honor a policy it isn’t legally required to have.