A Parent’s Guide to Kids’ Online Safety and Reputation

Your child has a digital footprint. They had one before they got a phone, before they posted on TikTok, and in many cases before they could read. Data brokers picked up their name from a property record, a school directory, or a relative’s social media post, and now that information is sitting on twenty different people-search sites where anyone with twelve dollars and a Wi-Fi connection can find your home address.

This parents’ guide to online safety walks through what data brokers collect on minors, where federal law (COPPA) falls short, what the new state laws (California’s DROP, Texas’s revised data broker act) let parents do, how to use the major platforms’ own removal tools, and which seven data broker sites cause the most damage and how to opt out of each. At the end, you will know whether a do-it-yourself approach is enough for your family or whether a paid service is worth it.

Key Takeaways

• A child’s name, home address, school, and relatives often appear on people-search sites by age 10, pulled from public records, parents’ social media, and resold app data. The Children’s Online Privacy Protection Act (COPPA) restricts what sites can collect from kids under 13, but most of the exposure parents see comes from outside COPPA’s reach.
• California’s Delete Request and Opt-out Platform (DROP), live since January 1, 2026, lets a parent submit one verifiable request that every California-registered data broker must process. Enforcement against brokers begins August 1, 2026. Texas does not have a one-click portal yet, but the Texas Data Privacy and Security Act gives families a per-business right to demand deletion.
• Google has two separate removal tools every parent should know: the “Results About You” dashboard, which monitors search results for personal contact information, and a standalone form for removing images of anyone under 18.
• Seven people-search sites account for most of the kid-related listings parents will encounter: Spokeo, Whitepages, BeenVerified, Radaris, Intelius, TruePeopleSearch, and FamilyTreeNow. Each has its own opt-out flow. Removals are not permanent and typically need to be redone every few months.
• For families with exposure on 20 or more sites, ongoing risk (a public-figure parent, a custody situation, a doxxing target), or no time to manage opt-outs manually, a professional data broker removal service handles the re-list cycle on a continuous basis to ensure kids’ online safety.

What Data Brokers Actually Collect on Minors and How They Get It

Data brokers collect kids’ full names, dates of birth, home addresses, school names, household income proxies, names of parents and siblings, photos, and behavioral profiles assembled from app, game, and education-software activity. Most parents are surprised by how comprehensive the profile is and by how little the child themselves did to create it.

The collection paths fall into four buckets.

Public Records

Public records come first. Birth records, court records, school enrollment lists, and county property records are all aggregated by brokers and matched to household members. When a parent buys a house, the county recorder publishes the deed. Within weeks, sites like Spokeo and Whitepages will list the deed-holder along with everyone living at that address, including minors.

Sharenting

“Sharenting” is the term researchers use for the photos, milestones, and details parents share about their own kids on social media. Birthday posts, first-day-of-school photos, family vacation check-ins, and graduation announcements all become permanent metadata. The kid did not consent, and in most cases cannot retroactively remove what a parent posted before they had an account of their own.

App and Game Data

Resold app and game data is the third source. The Washington Post reported on research finding that nearly 90 percent of education apps and websites send data they collect to ad-technology firms, which then use that data to estimate a child’s interests for ad targeting. Many of these apps are used in classrooms, which puts the data flow outside the parents’ direct consent in any practical sense.

School Apps and Vendors

School ed-tech and third-party vendors round out the picture. Learning platforms, single-sign-on tools, lunch-payment apps, and bus-tracking services all collect student data, and the privacy policies are often layered through three or four corporate parents.

A 2024 U.S. Senate Permanent Subcommittee on Investigations hearing documented data broker datasets explicitly aggregated by minor age range and household demographic. That data is bought by advertisers, debt collectors, lead-generation companies, and, in some cases, foreign governments.

The downstream risk is concrete. According to a 2021 Javelin Strategy and Research study cited by Security.org, 1 in 50 U.S. children become victims of identity theft every year. That figure is the most current authoritative estimate available, though the underlying study is now several years old. Kids are higher-value targets than adults because their Social Security numbers are unused, and the theft can go undetected until they apply for a credit card at 18 or a student loan at 17.

The COPPA Framework and What It Doesn’t Cover

The Children’s Online Privacy Protection Act (COPPA), enforced by the Federal Trade Commission, requires websites and online services directed at children under 13 to get verifiable parental consent before collecting personal information. The FTC has used COPPA to bring multi-million dollar enforcement actions against TikTok, YouTube, Epic Games, and others. Within its scope, COPPA works. The problem is that the scope is narrow.

Four gaps account for most of the exposure parents will find on a kid’s digital trail.

The Age Cliff: COPPA stops at 13. The day a child turns 13, federal privacy protections drop off, and there is no federal baseline privacy law for teenagers. Research from screen-time and child-safety researchers consistently shows that the most active social media years for kids are exactly the years COPPA no longer applies.

Sharenting: COPPA regulates what companies collect from children. It does not regulate what parents themselves post about their children. Photos parents upload, birthday tags, and “first day of school” captions all become part of the kid’s permanent digital record and feed the broker industry.

Public Records: COPPA cannot pull back information that is already a matter of public record. Court filings, property deeds, school directories, and youth sports team rosters that get scraped into broker databases are all outside the statute’s reach.

Enforcement Timing: COPPA is reactive. The FTC investigates and sues after a company is caught violating the rule. By that point, the data is already brokered, sold, and copied to dozens of secondary aggregators. Settlements typically require future compliance and sometimes restitution, but they rarely require the broker network downstream to delete what it bought.

The FTC finalized updates to the COPPA Rule in early 2025 that require separate verifiable parental consent for the use of children’s data in targeted advertising and tighten requirements for data retention and deletion. Those updates strengthen the rule, but they do not change its scope.

At the federal level, the Kids Online Safety Act (KOSA) has been reintroduced and debated for several Congresses now. As of mid-2026, KOSA has passed the Senate but has not become law. Parents should not wait for federal action. The practical tools, state delete laws, platform removal forms, and credit freezes are available right now.

State-Level Remedies: California DROP, Texas, and What’s Coming Next

Where federal law is thin, four states have enacted data broker laws that give parents and consumers the right to demand content removal and learn more about how to protect kids online. California’s mechanism is the most powerful, and it works for families anywhere in the country if a parent or child is a California resident.

California: The Delete Request and Opt-out Platform (DROP)

California’s Delete Act, signed in 2023, required the California Privacy Protection Agency (CPPA) to build a single portal where any California resident could submit one request that every registered data broker must honor. That portal, called DROP (Delete Request and Opt-out Platform), launched on January 1, 2026, at privacy.ca.gov/drop.

Starting August 1, 2026, every data broker registered in California must check DROP at least every 45 days and delete the personal information of consumers who have submitted a verifiable request, subject to limited statutory exceptions.

For a parent acting on a child’s behalf, the process is straightforward but requires more verification than an adult acting on their own. A California resident may submit a DROP request for a child. The CPPA may require the parent to verify identity with a government-issued ID and, in some cases, a phone or video call with a CPPA-trained reviewer.

The functional benefit is real. A single submission reaches every registered broker. The catch is that DROP only binds brokers that have registered with CPPA. A broker headquartered overseas or one that ignores the registration requirement may still surface a kid’s data.

Texas: TDPSA and the Amended Data Broker Act

Texas does not have a centralized delete portal. It has two related statutes that work in tandem.

The Texas Data Privacy and Security Act (TDPSA), effective July 1, 2024, gives every Texas resident the right to access, correct, and delete personal data held by a business that meets the law’s thresholds. Businesses must respond to a verified request within 45 days. The TDPSA also requires opt-in consent before a business processes sensitive data from a known child.

The Texas Data Broker Act, originally enacted in 2023 and amended by SB 2121 and SB 1343 in 2025 (effective September 1, 2025), requires data brokers to register annually with the Texas Secretary of State. The 2025 amendments broadened the definition of “data broker” to include businesses that process third-party data even without reselling it. The amendments also require brokers to tell consumers how to exercise their privacy rights under the TDPSA.

For a Texas parent, the practical workflow is per-business: identify the broker, submit a verified deletion request through the contact channel listed in the broker’s privacy policy, and file a complaint with the Texas Attorney General’s Consumer Protection Division if the broker does not comply within 45 days. There is no one-click option yet.

Vermont, Oregon, and the Broader Trend

Vermont was the first state to require data brokers to register, back in 2018, and Oregon followed in 2024. Neither state has a one-click delete portal of the kind California now operates. Several other states have considered similar legislation, and a federal “DELETE Act” has been introduced in successive Congresses. Whether the federal version becomes law during the current administration is an open question.

What State Law Cannot Do

State laws bind brokers that operate in those states. A broker that ignores registration, operates from overseas, or claims an exemption (for example, news media or public records aggregators sometimes argue they are exempt) may still surface a kid’s data. State law gets a family most of the way. Platform tools and direct opt-outs cover the rest.

Platform-by-Platform: Removing Your Child’s Information from the Big Sites

Every major platform has at least one removal pathway specifically for content involving a minor. These forms are not advertised, and most parents do not know they exist. The summaries below are current as of May 2026. Each platform updates its forms periodically, so verify the URL on the platform’s own help center before submitting.

Google: Results About You and the Minor Image Form

Google has two separate tools that parents should understand as different products.

Results About You is a privacy dashboard inside a Google account, available here. It scans Google Search for results containing the account holder’s contact details (phone number, email, home address) and lets the account holder request removal of specific results. Google redesigned the tool in early 2025 and added monitoring for government ID numbers in February 2026. For an account in a teen’s own name, Results About You is the fastest first stop.

The minor image form is separate and does not require the child to have a Google account. From a Google image result of anyone under 18, a parent or the child can click the three-dot menu and select “Remove result,” choose the minor option, and submit. Google evaluates the request and, if approved, removes the image from Google’s search results. The source page on the underlying website is unaffected, so the image may still appear if someone navigates to the site directly.

For sensitive cases involving non-consensual sexual content of a minor, Google has a dedicated escalation path. Parents should also report the underlying content to the National Center for Missing and Exploited Children CyberTipline.

Facebook and Instagram (Meta)

Meta applies more restrictive privacy defaults to accounts owned by users under 16, including private-by-default settings and stricter messaging permissions. Those defaults assume the account holder accurately stated their age.

For content that needs to come down, Meta’s Help Center has dedicated forms for reporting child sexual abuse material, for reporting non-consensual intimate imagery, and for general privacy violations involving a minor. From an offending post or photo, parents can use the three-dot menu and select “Report” to start the flow. Removal for clear-cut policy violations is typically quick. Cases that require judgment can take days.

The Facebook “Privacy Checkup” tool inside the account settings is worth running periodically on any account a child controls or one that has photos of the child.

TikTok

TikTok offers a Family Pairing feature that lets a parent link their account to a child’s account and adjust direct-message permissions, screen-time limits, and content filters. Family Pairing is opt-in by the child, which means it works best when negotiated rather than imposed.

For content removal, TikTok’s Safety Center has a youth-safety reporting form. The platform also has a dedicated form for requesting the removal of videos that show a minor in a way the parent did not consent to.

Snapchat

Snapchat’s Family Center, available inside the app under Settings, lets a parent see who their teen is messaging without revealing message content. Parents can also report posts or stories from inside the app using the report flag.

Removal of saved Stories or Spotlight content involving a minor follows Snap’s general content-violation flow. A direct removal request can be made through Snap’s privacy form.

YouTube

YouTube’s standalone Privacy Complaint Process covers videos that identify a minor without consent. Submitting requires the URL of the video, the timestamp where the minor appears, and a description of the harm. YouTube evaluates and removes when the request meets its policy.

For families with younger children, YouTube Kids and the supervised account experience for older kids are separate products with their own controls.

X (Formerly Twitter)

X has a “private information” reporting flow that covers home addresses, contact information, and images posted without consent. The escalation route for content depicting a minor sits inside the broader child safety reporting flow.

Reddit

Reddit’s privacy-violation reporting platform has a specific minor-content escalation route and a separate flow for reports involving non-consensual imagery. Reddit is also subject to DMCA takedowns for copyrighted content, including original photos.

What every platform removal has in common is that the platform removes content it hosts. Data already copied onto third-party sites is unaffected. Platform removal is necessary, but for any case that touches a data broker, it is only step one.

The Worst Data Broker Sites for Kids’ Information: A Triage List

Of the hundreds of people-search and data broker sites that aggregate U.S. consumer data, seven account for most of the kid-related listings parents encounter. The list below is ranked by frequency of appearance in parent-submitted opt-out queues and by severity of the data each site exposes. Removal is free in every case if a parent does it themselves. Each site re-lists data on a different cadence, so plan to recheck every site quarterly.

1. Spokeo

Spokeo aggregates names, current and past addresses, phone numbers, household member names, and age information. It is one of the most visible people-search sites in Google results.

Opt-out here:spokeo.com/optout

Spokeo asks for the URL of the profile and an email address for confirmation. Removal usually completes within a few days. Re-listing typically occurs within 30 to 90 days as Spokeo refreshes from its underlying public-record sources. Difficulty: easy.

Review our step-by-step Spokeo opt-out instructions for more information.

2. Whitepages

Whitepages shows full names, age range, phone numbers, current and past addresses, and household relatives. Family members of a child, including the child’s own name in some cases, often appear in the same profile.

Opt-out here:whitepages.com/suppression_requests

The form requires a profile URL, an email, and a phone verification step. Removal typically takes 24 to 48 hours. Re-listing happens roughly every 60 to 90 days. Difficulty: easy.

Review our complete Whitepages removal guide for more information.

3. BeenVerified

BeenVerified aggregates names, addresses, phone numbers, relatives, and sometimes social media handles. It also operates several sister sites that share the same database.

Opt-out here: beenverified.com/app/optout/search.

Search for the profile, claim it via an email verification link, and the listing is suppressed. Removal completes in a day or two. Re-listing occurs every few months. Difficulty: easy.

Review our BeenVerified opt-out walkthrough for more information.

4. Radaris

Radaris pulls together names, addresses, relatives, and in some cases a photo composite assembled from public sources. It is more aggressive than most about re-listing after a removal.

Opt-out here: radaris.com/control/privacy

The form requires the profile URL and an email. Radaris will email a confirmation link that must be clicked. Removal typically takes 48 hours. Re-listing can happen within 30 to 60 days. Difficulty: moderate.

Review our Radaris removal step-by-step guide for more information.

5. Intelius

Intelius is one of the older people-search engines and shares data with several sister brands (PeopleFinders, USSearch, ZabaSearch). Removing from Intelius does not automatically remove from the sister sites; each must be opted out of separately.

Opt-out here:suppression.peopleconnect.us

The form requires a photo of a government-issued ID with everything but the name and photo redacted. Removal typically completes in 72 hours. Re-listing follows a quarterly pattern. Difficulty: moderate.

Review our Intelius opt-out walkthrough for more information.

6. TruePeopleSearch

TruePeopleSearch is notable for how much it exposes for free and how aggressively it surfaces relatives. A child’s full name often appears within a parent’s profile.

Opt-out here:truepeoplesearch.com/removal

The form asks for the profile URL, an email, and a captcha. Removal usually completes within 24 hours. Re-listing typically takes 2 to 4 months. Difficulty: easy.

Review our TruePeopleSearch opt-out guide for more information.

7. FamilyTreeNow

FamilyTreeNow positions itself as a genealogy site but operates as a people-search aggregator. Its profiles surface full names, ages, addresses, and detailed family relationships, including minor children listed as “possible relatives.”

Opt-out here: familytreenow.com/optout

The form requires only the profile URL and a captcha. Removal typically completes within a day. Re-listing patterns are inconsistent. Difficulty: easy.

Review our FamilyTreeNow removal guide for more information.

An Honest Disclaimer About Data Broker Removal

Data broker removal is not a one-time fix. Every site on this list rebuilds its database from underlying public records (county recorder data, voter rolls, property transactions, court filings) on a continuous basis. A name removed in May will often re-list by August. Maintaining a clean record requires either a recurring DIY routine or a service that monitors and resubmits opt-outs on the family’s behalf.

Child Identity Theft: The Credit Freeze Every Parent Should Place

Every parent of a child under 16 can place a free security freeze on the child’s credit file at all three major credit bureaus. The freeze prevents anyone, including the parent in the future, from opening a new line of credit in the child’s name until it is lifted. It is the single most effective preventive measure against child identity theft, and it costs nothing.

The freeze blocks new credit accounts but does not remove information already on data broker sites. A freeze and a data broker opt-out work on different problems and together provide layered protection.

To place a freeze, contact each of the three bureaus separately. Each accepts requests by mail and, in most cases, online.

Experian: Required documents include the parent’s government-issued ID, proof of address (utility bill or insurance statement), the child’s Social Security card, the child’s birth certificate, and proof of guardianship for non-parents. Make a request here: http://experian.com/help/minor-request

Equifax: The minor freeze flow requires the same documents. Make a request here: equifax.com/personal/credit-report-services/credit-freeze

TransUnion: TransUnion offers a specific “protected consumer freeze” for minors and dependents. Make a request here: https://www.transunion.com/credit-freeze/credit-freeze-faq#freeze-other-minor

If a child’s identity has already been stolen, the response sequence is to contact each bureau’s fraud department to dispute the fraudulent accounts, file an FTC report at IdentityTheft.gov (the report number will be required by creditors and law enforcement), file a local police report, and contact the IRS if there has been tax-related fraud.

The FTC’s consumer advice page has step-by-step recovery instructions if the worst has already happened.

DIY vs. a Removal Service: A Decision Framework for Parents

Doing it yourself works when the family has time, the kid’s data appears on fewer than five to ten sites, and the family lives in a state with a delete law (especially California, where a single DROP submission reaches every registered broker).

A paid service makes sense when data appears on twenty or more sites, when re-listing keeps happening faster than the family can keep up, or when the family includes a member at elevated risk of being targeted: a public figure, a domestic violence survivor, an attorney or judge, a physician, or a family in the middle of a custody dispute.

Use the following decision points to choose.

How many sites have your child’s information?

Run a search for the child’s full name in quotes plus the family’s city. Count how many people-search results appear in the first five pages. Under ten sites, DIY is realistic. Over twenty sites, a service will save dozens of hours per quarter.

Where do you live?

A California family can use DROP for free, and that single submission covers a large portion of the registered broker universe. A Texas family has the TDPSA right to delete but no single portal. Families in states without a delete law need to work site by site, and a service amortizes the cost of doing that work continuously.

How much time can you allocate?

Active DIY data broker removal takes roughly three to six hours per month: an initial removal sweep, quarterly re-submissions for sites that re-list, and ongoing Google search auditing. A reputable service charges between a few hundred and a few thousand dollars per year, depending on scope, and replaces that monthly time investment.

What is your family’s risk profile?

Most families face routine background-noise exposure: random people-search listings, occasional spam from data aggregators. Families with a public profile, an active stalker or harasser, a custody battle, or a recent doxxing incident face a different problem, where speed and continuous monitoring matter more than checkbox compliance with privacy law.

The mainstream consumer services (DeleteMe, Incogni, Aura, Kanary) all run automated opt-out submissions across a published list of brokers. They differ in pricing, coverage breadth, and reporting. NetReputation’s Internet Privacy program is built for families and individuals who want a U.S.-based team handling not just opt-outs but escalations when a broker refuses or re-lists aggressively, including legal-letter follow-ups under the California Delete Act, the Texas TDPSA, and applicable state mugshot statutes.

What no service can do is remove information that the child or a family member has voluntarily posted publicly. That requires the platform tools covered earlier in this guide, or in extreme cases, professional reputation management that combines content suppression with takedown work.

Monitoring for Re-Listing Without Spyware on Your Kid’s Phone

Monitoring a child’s online presence is not the same as monitoring the child. The goal is to track what the internet says about the kid, not to surveil what the kid is doing. The two answer different questions, and confusing them is how parents end up with high-powered surveillance tools they did not need and the kid’s data still on Spokeo.

Three habits cover most families without spyware.

Set a Google Alert

This tool creates alerts for the child’s full name, the child’s name plus the family’s city, and any common misspellings of the child’s name. Google emails when a new search result matching the query appears. Alerts catch new listings on news sites, school directories, and (less reliably) data broker pages.

Audit Google Search Once a Quarter

Open an incognito browser window, search the child’s full name in quotes, then again with the family’s city, and again as an Image Search. Note any new people-search listings, any unexpected social media profiles, any photos that should not be there. The quarterly cadence catches re-listings before they accumulate.

Re-Check the Worst Data Broker Sites

The seven sites listed earlier do most of the damage. Visiting each one quarterly and confirming the prior removal is still in place takes 20 minutes total.

When the family is dealing with active targeting, a custody dispute, an unusual name that surfaces few false positives, or a busy schedule that makes quarterly audits unrealistic, paid monitoring is worth its cost. NetReputation’s individual internet monitoring service watches a name across search engines, social media, news, blogs, and review sites and flags new threats in close to real time, so a parent does not have to remember to run the audit.

A separate category of tools (Bark, Aura Parental Controls, Net Nanny, Qustodio) monitors what the child is doing on their device: which apps they open, what they search, and who they message. Those tools are useful for families that want device-level safety, but they do not address the data broker problem. Choose the tool that fits the question.

When Your Child Is Already Affected: A 48-Hour Response Plan

If a parent finds harmful content already live, a leaked photo, a defamatory post, or an exposed home address on a stalker-aligned site, the first 48 hours matter more than the next 48 days. Acting fast on platform takedowns and credit protection prevents the situation from compounding while the longer removal work begins.

Hours 1 to 6: Contain

Take screenshots of every offending post or listing, including the URL and timestamp visible in the screenshot. Do not engage publicly or respond to the poster. Secure the child’s accounts: rotate passwords, turn on two-factor authentication, sign out of any device the child no longer controls.

Hours 6 to 24: Submit Takedowns

Use the platform forms in the platform section above for any content hosted by a social or video platform. For images of a minor in Google search results, submit through Google’s minor image form. For exposed personal information on people-search sites, submit opt-outs to the top three sites where the data appears first.

Hours 24 to 48: Escalate

If the situation involves threats, sextortion, doxxing, or stalking, contact local law enforcement and file a report with the FBI’s Internet Crime Complaint Center at ic3.gov. For exploitation or imagery of a minor, contact the National Center for Missing & Exploited Children CyberTipline at cybertipline.org. If financial identity theft is involved, file a report at IdentityTheft.gov and place credit freezes at all three bureaus if they are not already in place.

A professional reputation firm earns its retainer in cases where content is spreading across multiple sites, where removal requires legal escalation, or where the family does not have the bandwidth to manage a multi-channel response. NetReputation’s personal reputation management team has handled cases involving leaked content, defamation, doxxing, and harassment that required coordinated takedown, suppression, and in some cases legal coordination.

Documentation matters. The screenshots taken in hour one will be requested by law enforcement, by platform appeals boards, and by any attorney the family hires. Save everything in a single folder, organized by date, before the offending content is taken down and disappears from the parents’ evidence trail.

Frequently Asked Questions

Does COPPA protect teenagers?

No. The Children’s Online Privacy Protection Act applies only to children under 13. Once a child turns 13, federal privacy protections drop off. There is no federal baseline privacy law for teenagers in the United States. State laws in California, Texas, Virginia, Colorado, Connecticut, Utah, and a handful of others provide some teen-applicable rights, and the proposed federal Kids Online Safety Act would extend certain protections to minors up to 17, but as of mid-2026, KOSA has not become law.

What is California DROP and can a parent use it for a child?

DROP, the Delete Request and Opt-out Platform, is a California Privacy Protection Agency portal at privacy.ca.gov/drop that lets a California resident submit one verifiable request to delete personal information from every data broker registered in California. Yes, a parent or guardian may submit a DROP request on behalf of a child who is a California resident. The CPPA may require additional verification, including a government-issued ID and possibly a phone or video call with an agency-trained reviewer.

How do I remove my child’s image from Google search?

Use Google’s dedicated minor image removal form. From the offending image in Google search results, click the three-dot menu, select “Remove result,” choose the option indicating the image shows a minor, and submit. The form does not require the child to have a Google account. Google will evaluate the request and, if approved, remove the image from search results within a few days. The image will remain on the source website unless the website operator removes it; for that, contact the site directly or escalate through professional reputation management.

How do I find what data brokers have on my child?

Search Google for the child’s full name in quotes, then again with the family’s city. Note every people-search and data broker result on the first five pages. Visit Privacy Rights Clearinghouse at privacyrights.org/data-brokers for a comprehensive directory of registered brokers. For a California resident, the public data broker registry at CPPA shows every broker that has registered with the state. Each broker that appears for the child’s name has its own opt-out flow; the seven highest-priority sites are covered in the data broker section of this guide.

Is it legal to remove a child’s information from data broker sites?

Yes. Federal and state laws explicitly give consumers, and parents acting on behalf of minors, the right to request deletion. Data brokers in California, Texas, Vermont, and Oregon are legally required to honor verified deletion requests under their respective state statutes. Brokers in other states often honor requests as well, partly because the patchwork of state laws makes it easier to comply universally than to track who is covered where.

How long does it take to remove a child from data broker sites?

Individual removals at most major people-search sites complete within 24 to 72 hours. A coordinated removal across the top seven sites typically takes one to two weeks, including the verification steps each site requires. Re-listing begins within 30 to 90 days for most sites, which is why monitoring and quarterly re-submission are required. A professional service compresses the initial cleanup and replaces the quarterly maintenance work with ongoing automation.

Should I freeze my child’s credit?

Yes, every parent of a child under 16 should place a security freeze on the child’s credit file at all three major bureaus. It is free, it is permanent until the parent lifts it, and it is the single most effective preventive measure against child identity theft. The freeze blocks anyone from opening a new credit account in the child’s name. It does not remove data already on broker sites, so a credit freeze and a data broker opt-out solve different parts of the same problem.

1 in 50 U.S. children fall victim to identity theft every year, according to the 2021 Javelin Strategy & Research Child Identity Fraud Study cited by Security.org. This figure remains the most recent authoritative estimate and is the figure used by federal and state consumer protection agencies.

This article provides general information and is not legal advice. Parents facing custody disputes, defamation, harassment, or other situations with legal implications should consult an attorney licensed in their state. NetReputation’s reputation management and internet privacy services are designed to reduce a family’s exposure but cannot guarantee specific search engine outcomes. Results vary by case.