Data brokers: the leak you're paying for
The data brokerage industry. Who they are, what they know, how your data gets there, and what opt-out services are actually worth.
Last reviewed May 27, 2026 General public
01 / 06
Reality of exposure
If your data is already public, security changes nature. Before protecting, understand what has already leaked.
Most cybersecurity discourse starts with “protect your data”. It assumes an initial state of confidentiality that has not existed for a long time. Your data — emails, phone numbers, birth dates, professional history, photos, contacts, hashed passwords, sometimes in cleartext — already circulates in databases you have never seen.
This axis lays the mental framework that makes the rest of the site coherent. Before hardening a phone or choosing a VPN, you must understand that the question is not “how do I prevent the leak?” but “how do I operate in an assumed-leaked state?”. This shift changes everything: compartmentation becomes a priority, rotation becomes a discipline, resilience takes precedence over prevention.
The articles in this axis should be read in order. The first one (Your data is already public) is Shield’s manifesto article.
The exposure audit: what you find about yourself in 2 hours
Step-by-step method to map your real exposure. Leak DBs, public registries, honest OSINT. The personal exposure table.
Last reviewed May 27, 2026 General publicYour data is already public. What that actually changes.
The privacy-first fiction serves everyone but you. Honest inventory of what's already out there, and the strategic shift toward assumed-exposure operational security.
Last reviewed May 27, 2026 General publicIdentity compartmentation: operating as multiple versions of yourself
The 4-operational-identity model. Infrastructure, maintenance, links to avoid. Legitimate use cases — and what this is not.
Last reviewed May 27, 2026 Business travelThe right to be forgotten: why it almost never works
GDPR Article 17 read honestly. What de-indexing protects, what it doesn't touch. Alternative strategy: drown rather than delete.
Last reviewed May 27, 2026 General public