Incogni Review: Automated Data‑Broker Removal Service Promises Quick PII Erasure
What Happened — Incogni, a privacy‑focused startup spun out of Surfshark in 2021, offers an automated “one‑click” workflow that contacts dozens of data‑brokers and people‑search sites to delete a user’s personally identifiable information (PII). ZDNet’s March 2026 review confirms the service can complete the onboarding and removal process in seconds, while noting a few feature gaps versus competing products.
Why It Matters for TPRM —
- Data‑broker exposure creates downstream compliance, litigation, and brand‑reputation risks for any organization that outsources PII handling.
- An effective removal service can reduce the attack surface of exposed personal data, but gaps may leave residual records that still violate GDPR, CCPA, or sector‑specific privacy mandates.
- Understanding the tool’s capabilities helps third‑party risk managers decide whether to endorse it as a supplemental privacy‑control for vendors or employees.
Who Is Affected — All industries that collect, store, or transmit PII and rely on third‑party data‑brokers, especially FIN_SERV, HEALTH_LIFE, TECH_SAAS, and RETAIL_ECOM.
Recommended Actions —
- Audit existing contracts with data‑broker vendors for explicit data‑deletion obligations.
- Verify that any PII‑scrubbing service (including Incogni) aligns with your organization’s GDPR, CCPA, and other privacy frameworks.
- Conduct a limited pilot to measure actual removal rates and residual exposure before rolling out enterprise‑wide.
Technical Notes — Incogni uses an automated request engine that submits deletion requests to a curated list of data‑brokers; no public CVEs or exploit vectors are involved. The service targets PII such as name, address, phone, and email that data‑brokers collect without explicit consent. Source: ZDNet Review