On January 1, 2026, California launched DROP — the DELETE Act Registration and Opt-Out Platform. One deletion request, applied to every registered data broker in the state. No other state has anything like it.
How It Works
DROP runs through CalPrivacy (California Privacy Protection Agency). Submit a request, verify residency, and every registered broker has 45 days to delete your data. Noncompliant brokers face $200-per-violation penalties. Before DROP, this meant hunting down 500+ individual opt-out pages. Now it takes one submission.
What California Got Right
One request covers all brokers. No more 21 separate forms across 21 sites with 21 verification processes.
Mandatory compliance. Brokers operating in California must honor DROP requests. The per-violation penalty scales fast.
Expanded disclosure. SB 361 forces brokers to disclose whether data goes to foreign actors, government agencies, or AI developers.
Enforcement that bites. CalPrivacy landed the largest CCPA settlement to date in July 2025 — $1.55 million against a health information publisher. They enforce.
What DROP Does Not Cover
Only California residents. The other 49 states still submit opt-outs one at a time.
Only registered brokers. Unregistered brokers face penalties, but your data sits in their databases until enforcement catches up.
No facial recognition. Clearview AI, PimEyes, FaceCheck.ID — none of these fall under DROP. Your face is indexed separately.
Removal is temporary. Brokers re-acquire your information from public records and social media within weeks. Your data comes back.
No vehicle surveillance. License plate readers, connected car data, DMV records — all outside scope.
What to Do Next
If you live in California, submit a DROP request. It is free and covers every registered broker. That is step one.
Step two: audit your facial recognition exposure. Search yourself on PimEyes, FaceCheck.ID, Google Lens, Yandex, TinEye. California residents can opt out of Clearview AI.
Step three: check vehicle exposure through DeFlock.me. Harden social media settings. Disable ad tracking. Strip EXIF metadata. Monitor for re-listing — because your data will reappear.
Not in California? Nineteen states now have deletion rights with varying scope. You can still opt out of major brokers manually — Spokeo, BeenVerified, WhitePages, Radaris. PimEyes opt-outs work regardless of state.
The Verdict
DROP is the strongest consumer privacy tool in the country. Use it. But it covers one category of exposure. Your face, your vehicle, your location data, your dating profiles — all outside its reach. One portal does not equal complete privacy.
— J. Daniel, Dark Scrub