If the NSA takes an interest in you, it doesn’t lead off with tapping your phone and tailing your movements. Rather, it starts with OSINT—Open-Source Intelligence. Agents create a dossier by capturing and collating publicly available information. In the same way, data aggregators and brokers don’t actively spy on you. They sift and match public data to cobble up personal profiles they can sell. Incogni, a personal data removal service that originated with the well-known VPN company Surfshark, automates sending removal requests to these brokers and repeats it as necessary to keep your profile off the market. It’s easy to use and effective. Even so, Optery, and Privacy Bee, our Editors’ Choice winners for this category, both track more brokers and offer a free report for opting out manually.

How Much Does Incogni Cost?

You can purchase one month of Incogni protection for $14.98. Opting for a yearly subscription cuts the price in half, to $7.49 per month, paid as a $89.88 yearly fee. Though still low compared with similar services, Incogni’s prices have steadily risen. At the time of my previous review, it ran $12.99 per month and $77.88 per year, and before that, $7.99 per month and $47.88 per year.

With a price of $72 per year or $8 per month, Yorba costs less than Incogni. However, Yorba doesn’t actively clear your profile from data brokers. Rather, it uses techniques such as finding and canceling unwanted online accounts to dry up the data sources mined by those brokers.

Incogni offers a family plan for up to four people. A one-year subscription costs $197.88. As with the individual plan, you can pay month-to-month. The monthly rate for the family plan is $32.98.

The Kanary costs roughly twice as much as Incogni, at $179.88 per year or $16.99 monthly. You can add family members for $8.49 per month apiece or a dollar less per month if you pay yearly.

Abine’s DeleteMe was the first service of this type I encountered, predating most competitors. DeleteMe protection for an individual costs $129 per year. You can protect yourself and a partner for $229 per year or purchase a family DeleteMe license (four individuals) for $329 per year.

Optery doesn’t offer partner or family plans, but it does come with a wide range of pricing. You can use it for free, in which case it gives you a report on which brokers have your data and advice for handling removals yourself. At the Core level, $39 per year, it actively handles opt-outs for more than 90 brokers and helps with DIY opt-outs for hundreds more. Paying $149 per year for the extended level gets you automated opt-out for more than 185 sites and greater flexibility in data submitted for tracking. At the $249 per year Ultimate level, Optery completely manages removals for you from as many as 560 sites.

Privacy Bee automates opt-outs for a vast number of sites, nearly 900. It’s priced at $197 per year. Like Optery, it will provide a free report on which sites sell your data, leaving you to opt out manually. Incogni doesn’t offer a free report but does provide detailed opt-out instructions for more than seven dozen sites.

IDX Complete is a whole suite of privacy tools—its Forget Me component is parallel to Incogni. This suite also includes dark web monitoring, identity theft remediation, a full-fledged VPN, and more. This collection of features costs $32.90 per month or $355.32 per year. If you don’t want the other features of this suite, it’s an expensive choice for data broker opt-out.

Likewise, for its $144 per year price, Aura does much more than opt you out from data aggregator sites. The opt-out feature is just a small part of this suite, which combines identity theft protection with lackluster local device security.

On a yearly basis, Incogni was once the least expensive of these services. That honor now goes to Optery’s entry-level tier. Still, the availability of a one-month subscription means you can give Incogni a try without risking much cash. My company contact points out that brokers have 30 to 45 days to respond to a removal request, but Incogni will finish its initial round of account removals even if your month runs out without renewal.

Getting Started With Incogni

Onboarding with Incogni is easy enough. You sign up for a monthly or annual plan and create an account. After responding to a verification email, you enter your full name and address along with your date of birth and phone number. Then you grant Incogni a (very) limited power of attorney to make those requests in your name.

At this point, you view and approve a summary of the information you’ve entered. You can also choose to add more personal information, and I suggest you do so—might as well get Incogni firing on all cylinders from the start. You can add up to three physical addresses, three email addresses, and three phone numbers.

You interact with Incogni through a simple online dashboard showing the number of opt-out requests sent, requests in progress, and requests completed. That last figure includes brokers that didn’t have your information and brokers that responded and removed your info. When I signed up, it quickly showed 305 requests sent, 242 in progress, and 63 completed.

There’s another figure of interest called Suppression list entries. Getting on a broker’s suppression list means that it’ll refrain from gathering your data in the future. Incogni knows which ones maintain a suppression list and will automatically sign you up. Right after I registered, it showed 48 suppression lists activated.

During the removal process, you may receive emails from some brokers, though most go straight to Incogni. Shortly after signing up, I got one stating, “This email is your notification that the actions you requested have been completed, your data deleted, and any future data will be suppressed from our entering our systems.” Incogni’s welcome email notes that some brokers may require your direct participation to complete the opt-out process and that you’ll be notified if any of these turn up.

Incogni’s Results After One Day

A smart, patient person would just put Incogni on the back burner for a while at this point. As the company points out, brokers legally have 30 to 45 days to respond, and some use the whole time. In addition, the initial scan of public databases can take up to 48 hours. Being impatient, I checked my dashboard the very next day.

At the top of the dashboard is a graph showing progress over time. With just one day of data, the graph didn’t reveal anything useful. The personal data removal component in Cloaked (which recently added personal data removal to its temporary email address and password management services) includes a similar progress graph.

Overnight, however, my stats had evolved to 91 in progress, 214 completed, and 111 added to suppression lists. It claimed to have saved me 160 hours and 30 minutes, meaning that’s how long it would have taken me to manage these removal requests on my own.

An activity log lists events like, “Dynata has completed the removal request,” but it’s not very useful. You only see 15 items at a time, there’s no detail available, and by observation, you can receive 10, 20, or more notifications for the same broker.

Fortunately, the Detailed view page is much more informative. For each broker, it reports status such as in progress or completed. It also reports the severity of your exposure based on Incogni’s analysis. And each broker gets a Compliance score: Compliant, Inconsistent, or Resistant.

The list still only shows 15 items at a time, but you can filter on any of the criteria. For example, you might want to pay special attention to brokers with a high severity level and low compliance rating.

The detailed view is further divided into private and public sources, initially displaying the private ones. When I switched to the public page, I found it blank. A note from Incogni reminded me that scanning could take up to 48 hours.

New Custom Removals Service

Running across your personal profile on a website you don’t like is frustrating, and that frustration may well be the push that sends you seeking a personal data removal service. Finding that the offending site isn’t managed by the service you chose surely doubles your frustration. But fear not; Incogni now offers custom removal of personal data.

The page for custom removals points out that this is a beta feature. When you invoke it, you get several pages of instructions. The instructions explain that this feature should only be used on data published by others without your consent. They also point out types of data inappropriate for custom removal, such as court records, government records, and social media accounts. With those instructions in mind, you can submit up to three URLs at a time for consideration.

Optery reserves custom removals for those at the expensive Ultimate tier. You submit the precise URL for your profile and a screenshot, and Optery’s experts attempt removal. Optery offers detailed instructions on which sites are appropriate and how to submit them. Privacy Bee has a list of more than 160,000 sites for which custom removal is known to work, but will also attempt removal from any site you request. Both note that custom removals are successful about 75% of the time. You can use DeleteMe’s Privacy Advisor to request removal from custom sites. Kanary has no such built-in feature, but invites requests via email support.

The custom removals feature is a plus for Incogni, even though it’s still in beta. Try it if you spot your data on a site Incogni doesn’t track. But remember that none of the personal data removal services guarantee success for these custom requests. They only promise their best effort.

How Do You Know What Incogni Found?

DeleteMe seeks out your personal data on broker websites and generates periodic reports on its actions. For each broker, the report either indicates it’s free of your data or spells out in detail what personal data is being removed. The Kanary reports each found instance of your personal info and reports back when removal is complete. Optery takes the unusual step of providing screenshots, one of your data visibly in the system before removal and another showing the (correctly) failed search for you afterward.

As noted, Incogni does check for your personal data on public people search sites before requesting removal. It doesn’t list just what types of data were found, but it verifies their removal.

For private brokers, it simply sends a removal request to the ones that seem likely to have you on file. It doesn’t check that they’ve removed the data; it just reports Completed when the broker responds that they either removed your data or never had it. To be fair, there are massive fines for mishandling such requests under the GDPR (General Data Protection Regulation) and CCPA (California Consumer Privacy Act), so it’s reasonable to assume the responses are accurate.

Incogni May Offer Profiles From Strangers

As noted, the process of getting your data removed can be slow. After registering my personal data and taking notes on the process, I put Incogni aside for several days to work on other projects.

When I checked back in, a notification from Incogni asked me to review some profiles that might belong to me. A couple were reasonable, with the last name Rubenking and some other connection, like being in a state or area code where I once lived. But five other names proved completely unfamiliar: Neira Araiza, Emil Blomberg, Harrison Elgin, Noble Hodgin, and Nicole Oberlander. Who are these people?

My Incogni contact explained, “Our algorithm calculates the accuracy rate for each data point…by evaluating the extent of the difference between the query and the potential match.” He concluded, “Quite a lot of people search sites have broken search and often return unrelated results. Due to this inaccuracy, we ask our users to confirm which profile is an actual match.”

Reviewing Incogni’s Findings in Detail

With a fresh understanding that the oddball profiles came up due to errors by brokers, not by Incogni, I discarded them and continued reviewing Incogni’s findings. Looking at the dashboard, I saw that a lot happened in those few days away. It now showed 470 requests sent, 390 completed, and 80 in progress. The dash reported that Incogni saved me over 290 hours of manual drudgery. And it put my profile on the suppression list for 122 sites.

Note that the stats above don’t mean Incogni found my data on 470 different sites. Adding up the total from the public and private database lists, I could see 55 of the former and 113 of the latter, for a total of 168. The larger figure comes because Incogni can send more than one request to a given site.

As noted, Incogni rates the severity of data exposure for each broker as High, Medium, or Low. Using its own analysis of previous removal attempts it assigns a compliance rating: Compliant, Inconsistent, Resistant, or Undetermined. You can open any broker entry in either list to view detailed information. You can also see when the removal request was made and when it was completed (or an estimated time to completion). For completed entries, Incogni reports when it plans to repeat the removal process.

The details for an entry also flesh out the reasoning behind its severity rating. Incogni provides a summary of the nature and purpose of each private broker. Here’s an example: “Provides highly targeted lists on 200MM individuals and 110MM households. Companies can target their desired audience based on credit, shopping, financial, lifestyle, and other personal data.” The public brokers don’t need such a summary, as they’re all in the same business—selling your data profile.

Incogni uses tags to identify the risks associated with each broker. Even one with a low severity rating might be tagged for risks such as Data leaks, Identity theft, or Targeted advertising. Brokers marked at high severity might also display tags such as Affected credit rating, Insurance scams, or Stalking.

When I recently tested Cloaked, it didn’t find my personal information on any of the sites it covers. Incogni seems to have found a lot more, but it’s hard to be sure. It can’t check for the presence of your data on private databases—they’re private, after all! So, it just sends opt-out requests and trusts the response. With public people search databases, it does seek your information, but its reporting doesn’t show what it found.

I did perform a spot check on several dozen people search sites, none of which turned up my personal information. But that could just mean that my profile was already absent before Incogni’s scan. I don’t insist on before and after screenshots like you get from Optery, but I’d like to see more transparency from Incogni about exactly what it accomplished.

A Campaign to Standardize Personal Data Removal

The legal process for requesting the removal of personal data is built on a model of one person opting out from one data broker. That’s fine for individuals, but it doesn’t scale up easily to an automated process. Services like Incogni must interact with each broker in their own preferred fashion and watch for responses that differ for different brokers.

Incogni belongs to a consortium working on a standardized protocol for such requests called the Data Rights Protocol. Other group contributors include Consumer Reports. MIT, and Yorba. We’ll see what comes of this initiative.

Verdict: Incogni Does What It Promises

Incogni acts as your proxy, sending data removal requests to people search sites that have your data and to brokers that are likely to have your data. Some competitors offer the opportunity to empirically confirm removal, meaning you can see your data was present and that it isn’t anymore. We’d like to see Incogni move in that direction, but as far as we can tell, it does what it promises. That said, we still prefer Optery and Privacy Bee, our Editors’ Choice winners in the personal data removal realm. Both check for your data at more sites than Incogni does, and both offer a free report that you can use to handle opting out manually if you wish.