This article tests the claim that data brokers create and sell “shadow profiles” — detailed dossiers about people who did not directly provide the information — by comparing the strongest counterevidence, official reports, academic studies, and expert explanations. The term data brokers shadow profiles is used throughout to describe the claim under examination, not to assert it as fact.
This article is for informational and analytical purposes and does not constitute legal, medical, investment, or purchasing advice.
The best counterevidence and expert explanations
-
FTC industry study: The Federal Trade Commission’s 2014 report documents how data brokers collect, aggregate, analyze, and share large volumes of personal information “without interacting directly” with many consumers. The FTC found data brokers buy public records, commercial transaction data, and information from partners, and use analytics to make inferences (for example, categorizing people as likely parents or car owners). That report is primary source documentation that the industry compiles broad dossiers at scale, which supporters of the shadow‑profile claim cite as supporting evidence. The FTC also recommended greater transparency and consumer control.
Why it matters: the FTC’s formal 6(b) study is an authoritative, contemporaneous description of data broker activity and explicitly documents aggregation and inference practices. Limitations: the FTC study profiled nine firms and summarized industry practices rather than producing a public inventory of every company’s internal dossiers or the exact content of all commercial profiles.
-
Academic quantification of platform tracking and inferred profiles: researchers studying major platforms (notably research on Facebook) have quantified how web tracking can let an online service assemble inferred profiles about non‑users or partial users by combining browsing signals, contact lists, and inferences from user data. One working paper measuring Facebook’s cross‑web tracking estimated that the platform could observe a substantial share of browsing activity and produce accurate demographic predictions for both users and non‑users — an empirical demonstration of a mechanism people call a “shadow profile.” This is direct academic evidence that tracking+inference can create useful dossiers even for people who have not directly given their data to a single platform.
Why it matters: this research provides measurable limits on how much third‑party tracking and inference can recover about non‑users. Limitations: the paper studies Facebook’s tracking context and methodology; it does not prove every named data broker has identical practices or that every compiled profile is complete or accurate.
-
Documented app and SDK data flows: analyses by privacy NGOs and researchers (for example, Privacy International and other technical audits) have shown that many mobile apps and websites share identifiers and usage data with third parties (advertising SDKs, analytics providers) that in turn feed data marketplaces. Those data flows are a documented mechanism by which brokers can receive event‑level signals and later link them to offline records to enrich profiles. This technical pathway undercuts claims that “no record” can be created for people who never sign up anywhere.
Why it matters: it identifies concrete engineering routes for data collection and cross‑device linking. Limitations: technical flow does not alone prove that a specific broker built an identified, named dossier for any particular person; the existence of flows and the commercial practice of matching are documented, but the contents and accuracy of resulting profiles vary.
-
Industry disclosures and opt‑outs: many prominent brokers publicly document their data sources and provide opt‑out mechanisms (for example, registry listings or corporate privacy portals). State data‑broker registries and company filings show companies claim some methods to let consumers opt out or correct data, which contradicts versions of the claim that assert people have absolutely no recourse. At the same time, regulators and privacy advocates have repeatedly said those opt‑outs are often limited, complex, or ineffective in practice.
Why it matters: this is counterevidence to any absolute assertion that brokers operate in total secrecy with zero consumer remedies. Limitations: disclosures do not equal comprehensive transparency, and opt‑outs may not remove historical or third‑party copies of data.
-
Public statements and litigation context: major platforms and companies sometimes resist the “shadow profile” label or say they do not maintain named dossiers in the way critics assert; for instance, platform executives have been asked in congressional hearings about “shadow profiles” and given qualified denials or different technical descriptions of their systems. Those statements are relevant counterevidence to claims that a single, coordinated industry practice labeled “shadow profiles” exists in identical form everywhere. However, independent research and other documents show companies do collect auxiliary data about non‑users through contact lists, tracking pixels, and partner data. These materials together show a mixed record: companies’ public denials or semantic objections, and research/documentation of practices that match people’s intuitive worries.
Why it matters: official denials create a factual dispute about definitions and scope. Limitations: public testimony and PR statements are not the same as forensic audits or regulatory findings; their evidentiary weight depends on corroboration.
Alternative explanations that fit the facts
Several documented technical and commercial processes can explain why third parties (including brokers, platforms, and adtech vendors) may appear to have “shadow” information about a person even if that person never created an account with that company:
-
Contact‑list and social‑graph spillover: when users upload address books, platforms can link phone numbers and emails to identities, producing inferred connections and partial dossiers about people who never registered. Technical reports and congressional questioning of executives document this precise mechanism.
-
Cross‑device and cross‑site tracking: adtech pixels, cookies, and SDKs can deliver signals about visits, purchases, and app events to marketplaces that match those signals to existing offline records (public records, purchase lists) using probabilistic or deterministic matching. Research shows this tracking can produce accurate demographic inferences.
-
Data brokerage from public and commercial records: many brokers combine public‑record data (property, court, business filings), commercial purchases (loyalty programs, subscription lists), and purchased datasets to build composite records. The FTC documented these sources and the common practice of creating inferred categories.
-
Re‑identification vs. named dossiers: academics and privacy researchers emphasize a distinction: a dataset that contains “identifier‑free” attributes may still be re‑identifiable when combined with other information. The practical result can look identical to a named profile even if the origin systems were trying to keep data pseudonymous. This nuance explains why different actors may describe the same activity in contrasting terms.
What would change the assessment
-
Definitive internal documents or whistleblower disclosures showing a broker or platform intentionally maintained a separate, named “shadow profile” product sold or used without any opportunity for consumer notice or correction would strengthen the claim—especially if those documents proved the existence of a systematic, centralized dossier practice beyond ordinary data matching. Currently available public materials document analogous practices but rarely show an explicit product called a single, universal “shadow profile” held in a central repository with guaranteed completeness.
-
Independent forensic audits or regulatory enforcement actions that publish concrete examples of dossiers (with redactions) and their downstream uses (for hiring, insurance, law enforcement purchase, etc.) would move anecdote toward documented proof for specific harms and company practices. The FTC report and recent state actions document practices and recommend regulation, but they stop short of publishing exhaustive broker inventories.
-
Conversely, credible industry disclosures showing consistent deletion or never‑building of identified profiles about non‑users would weaken the general claim, though the absence of disclosures is not proof of absence. Industry opt‑out mechanisms and privacy portals are documented but uneven in scope.
Evidence score (and what it means)
- Evidence score: 48 / 100
- The score reflects a moderately strong documentary base that data aggregation, tracking, and inference happen at scale (FTC study; technical audits; academic work).
- Direct, public proof that a named, centralized product called a singular “shadow profile” exists across the industry (with uniform contents and a single definition) is limited; documentation more often shows mechanisms, not a single unified product.
- Independent academic and NGO studies corroborate mechanisms (tracking + matching) but are usually platform‑specific or limited in sample, which constrains generalization.
- Industry disclosures and opt‑out portals exist and are documented, which reduces the plausibility of absolute secrecy claims, but those disclosures are often partial and the practical effectiveness of opt‑outs varies.
- Regulatory interest (FTC recommendations, state registries) strengthens documentation of practices but has not, to date, produced an exhaustive public catalogue of every broker’s dossiers.
Evidence score is not probability:
The score reflects how strong the documentation is, not how likely the claim is to be true.
FAQ
Q: What exactly do people mean by “data brokers shadow profiles”?
A: The phrase is used as shorthand for claims that brokers or platforms compile detailed dossiers about individuals who did not directly provide data to that company — often by combining public records, purchases, third‑party tracking, and social contacts, and then making inferences. Different actors use the term differently; researchers typically analyze the concrete mechanisms (tracking pixels, SDKs, public records matching) rather than relying on one popular label.
Q: Does the FTC say data brokers build these kinds of profiles?
A: The FTC’s 2014 investigative report documents that data brokers collect and analyze data from many sources and create inferred categories about consumers; the report calls for more transparency and consumer control. The FTC’s study supports the claim that brokers aggregate and infer, but it does not label every compiled record uniformly as a single industry product called a “shadow profile.”
Q: Can companies really infer sensitive attributes about people they never met?
A: Empirical research shows that cross‑site tracking and behavioral signals can produce accurate demographic inferences in many cases; academic work measuring one major platform’s tracking concluded such inferences are feasible and substantial. That supports the plausibility of inferences, while accuracy and completeness vary by dataset and method.
Q: If I’m not on a service, can I opt out of getting included in broker lists?
A: Many brokers publish opt‑out procedures or state registries list companies with consumer notice options, which is evidence against claims of total secrecy. However, opt‑outs are often device‑ or cookie‑based, incomplete, or require multiple steps; researchers and advocates report practical limits. Check state registries and company privacy pages for current options.
Q: What’s the single most reliable way to resolve disputes about specific alleged dossiers?
A: Independent forensic audits, court discovery, regulatory orders, or authenticated internal documents are the strongest forms of evidence for specific allegations. Public reports, academic studies, and registries document mechanisms and scale, but they rarely substitute for direct, case‑level documentation of a named dossier and its downstream uses.
Tech & privacy writer: surveillance facts, data brokers, and what’s documented vs assumed.