Californians can use DROP to delete data from brokers starting Aug. 1

2026-01-18 By Main Street Independent

What is DROP?

California residents can use a new state privacy tool, the Delete Request and Opt-out Platform, or DROP, to request that their personal information be deleted from databases maintained by data brokers. The system is designed for people to submit deletion requests for personal data held by more than 500 data brokers, according to the tool’s description and accompanying guidance.

The platform is available at privacy.ca.gov/drop. The guidance says users should read the terms of use before accepting.

How Californians can make a deletion request

To start, people sign up through the DROP website and create a profile. The tool provides two ways to verify that someone is a California resident: entering personal information or using a login.gov account.

Most people are expected to verify identity by providing name, date of birth, and address, along with a phone number or email address to receive a verification code. If users choose login.gov, they need to upload a copy of a passport, driver’s license or state ID, the guidance says. After verification, users fill out a deletion request with their name, birthdate and ZIP code, and again provide a phone number or an email address to receive a verification code.

The tool also allows users to add multiple versions of certain information types if they previously used a different name, such as a maiden name, except for birthdate. A line on the DROP website says: “The more information you provide, the more likely your personal data will be deleted.”

Optional unique identifiers and who can skip them

DROP includes an area for a “unique identifier” that can help match a requester to data held by brokers. The guidance says this can include a Mobile Advertising ID for iOS or Android devices, a connected TV ID, or a vehicle identification number, or VIN.

It also provides device-specific notes, saying Android identifiers can be found in the settings menu and that Apple does not allow users to find the code, but it can be turned off in settings. Users who do not have the identifier information readily available can skip that section and add it later.

When deletions begin and how often requests are processed

Although people can sign up immediately, brokers will not begin deleting information until Aug. 1, the guidance says. After that start date, brokers will process deletion requests every 45 days.

The guidance also states that brokers that fail to comply face fines of $200 a day.

If someone’s information changes after submitting a request—such as moving to a new house or buying a new phone or car—the guidance says they can return to their profile, update it with additional information, and submit a fresh deletion request at any time.

What data brokers collect, and what requests cover

Data brokers are described as intermediaries that collect scraps of personal information about consumers and package them for sale in large databases, sometimes without consent. The guidance says data can be purchased from businesses consumers deal with, or scraped from websites or captured through tracking tools on mobile devices.

The California privacy watchdog describes potential buyers as ranging from landlords and insurance companies to what it calls malicious actors such as fraudsters, hate groups, domestic abusers, or hostile foreign governments. It also warns that misuse of this data can lead to identity theft, stalking, or other harmful outcomes.

The guidance lists types of personal information collected by brokers, including online purchases, web browsing history, employment data, and IP addresses. It also says brokers may collect sensitive information such as social security or passport numbers, driver’s license numbers, precise geolocation, and information about health and sexual orientation.

Deletion requests are also described as covering “inferred preferences”—assumptions about what someone might buy based on the data. At the same time, the guidance notes that the tool covers only data brokers registered in California and that some categories are exempt, including public records for car and real estate ownership and credit rating information.

Privacy advocates welcome DROP, but say it has limits

Privacy advocates welcomed the tool as a step toward giving people more control over data collected for marketing and other purposes. Hayley Tsukayama, director of state affairs at the Electronic Frontier Foundation, said DROP was “a good step for people to take.”

Tsukayama also said the focus on deletion and opting out is important, but that “the law itself doesn’t address (data) collection that strongly,” in contrast with European Union privacy rules known as GDPR that spurred cookie consent popups.

In a statement shared with the guidance, Tsukayama said she hopes DROP will reduce spam texts or emails for lists people did not subscribe to, describing those messages as the sorts of things that are sold and as a tangible way to understand what a data broker is. She also said another benefit is cutting the amount of location or medical data that can get fed into algorithms, adding: “For everyone’s privacy, I hope that data brokers would have less access to some of this sensitive information.”

Sources

Associated Press
Associated Press · Jan 15, 2026

Machine-readable details

Article metadata

Published: 2026-01-18
Place: California, United States
Topic tags: computing and information technology, government policy, civil rights
Primary entities: DROP, California, Hayley Tsukayama, Electronic Frontier Foundation
Themes: privacy, consumer data, data brokers, identity theft risk, consumer rights
Floor values engaged: Informed citizenship, Truthfulness, Equality & fairness, Accountability of power, human_life_and_dignity
Source cluster: cluster_ap_2026-01-18_california-data-privacy-tech-tip-cb6a69c
Framework version: 1.1.0
Generated: 2026-05-22
Consensus floor: current
Mindspec: current