New Jersey Regional Operations and Intelligence Center, "Reduce Online Exposure by 'Opting Out'," February 23, 2017. Unclassified/For Official Use Only.
National Security Archive
New Jersey’s 2017 ‘opt‑out’ memo exposes how data‑brokers turned personal records into a security liability for law‑enforcement, prompting a rare local‑level counter‑measure.
Source: New Jersey Regional Operations and Intelligence Center, "Reduce Online Exposure by 'Opting Out'," February 23, 2017. Unclassified/For Official Use Only. Date: Feb 23, 2017 Archive: Public Intelligence .
Editorial Analysis
Original analysis by the DriftSeas editorial desk. The complete primary-source document, transcribed from the National Security Archive scan, appears in full below.
A bureaucratic response to a digital threat
The February 23, 2017 memo from the New Jersey Regional Operations and Intelligence Center (ROIC) is a textbook example of how local law‑enforcement agencies tried to grapple with a problem that had exploded onto the national security agenda after the 2015–2016 wave of high‑profile terrorist attacks. By early 2017, the intelligence community was no longer talking only about the physical movement of foreign fighters; it was warning that extremist groups, most notably the Islamic State, were harvesting the personal data of police officers, judges and military personnel from the same commercial data‑brokering ecosystem that fuels targeted advertising. The ROIC’s “opt‑out” guidance is the concrete product of that warning, aimed at a narrowly defined audience—law‑enforcement, military and government officials in New Jersey—who were suddenly being listed on public‑record sites alongside ordinary citizens.
The memo’s context is clear: in late 2016 the Department of Homeland Security’s Office of Intelligence and Analysis issued an alert that ISIL had begun posting doxxed information on social‑media platforms, encouraging “lone‑wolf” attacks against U.S. officials. That alert spurred a cascade of inter‑agency memoranda, and the ROIC, part of the DHS‑wide Regional Operations and Intelligence Centers network, produced its own threat‑analysis product. The document is labeled “Unclassified//For Official Use Only,” a classification that reflects its operational sensitivity rather than any classified content. It was disseminated to New Jersey police chiefs, sheriff’s offices and the state’s homeland‑security apparatus, but it was never intended for public release—hence its later appearance in the National Security Archive’s digital collection.
The data‑broker ecosystem as a security vulnerability
What makes the memo noteworthy is its frank acknowledgement that the primary conduit for personal data is not a hostile hacker but a thriving commercial industry. The report lists a dozen data aggregators—LexisNexis, PeopleFinder, Spokeo and the like—describing them as “profit‑driven” entities that collect names, addresses, shopping habits and even IP addresses, then sell that information to anyone who pays. The language is deliberately sober: “Data brokers are not always legally obligated to remove your information,” the memo warns, underscoring the limited regulatory recourse available to victims.
The list of sites and the step‑by‑step “opt‑out” instructions reveal a paradox. To disappear from a data‑broker’s database, a public official must first prove their identity, often by submitting a copy of a driver’s license or a notarized form. In effect, the very act of protecting oneself can feed the broker additional data. The memo’s authors are aware of this trap, noting that “opt‑out is not a permanent solution” and urging continuous monitoring of one’s online footprint. This candid assessment reflects a broader shift in U.S. security thinking: the recognition that privacy erosion is a force multiplier for adversaries.
From local guidance to a national conversation
While the ROIC document is narrowly scoped, its themes echo across the country. Similar advisories appeared in California, Texas and Virginia during the same period, each echoing the same set of recommendations. The federal government, meanwhile, was wrestling with the question of whether existing privacy statutes—such as the Fair Credit Reporting Act—could be stretched to shield public officials from data‑broker exploitation. No legislative breakthrough emerged, but the memo contributed to a growing body of evidence that the private data market had become an inadvertent front line in the fight against terrorism.
The significance of the memo lies less in the specific URLs it lists—many of which have since changed or disappeared—and more in the institutional acknowledgment that the United States’ own information economy creates vulnerabilities for its security personnel. By codifying a set of “best practices,” the ROIC both empowered individual officials and signaled to data brokers that their practices were under scrutiny.
Legacy and relevance today
A half‑decade later, the concern expressed in the 2017 memo remains acute. Data‑broker aggregators have multiplied, and the rise of deep‑web people‑search services has made doxxing easier than ever. The federal government’s recent push for a “Data Privacy Act” at the congressional level echoes the same anxieties that prompted the ROIC’s guidance. Moreover, the memo foreshadows today’s debates over “digital hygiene” for public servants, a topic now covered in mandatory cybersecurity training across many agencies.
In short, the New Jersey ROIC’s “opt‑out” brief is a snapshot of a moment when local law‑enforcement, federal intelligence and the private data market collided. Its plain‑spoken warnings and pragmatic instructions reveal how a bureaucratic unit attempted to turn a sprawling, market‑driven privacy problem into a manageable operational task. The document’s endurance in the public record reminds us that the battle over personal data is not merely a technological contest—it is a security imperative that continues to shape policy and practice.
UNCLASSIFIED//FOR OFFICIAL USE ONLY Reduce Online Exposure by “Opting-Out” Information Report Office of the Regional Operations and Intelligence Center (ROIC) Threat Analysis Unit ~ ROIC201702-01702T Office of the ROIC SIN: NJ-TER-0300 (Events); NJ-TER-0400 (Groups/Individuals)/DHS SIN: HSEC 1, 6, and 8 23 February 2017
Key Findings: Law enforcement and public officials should take the following proactive steps to limit the amount of personally identifiable information (PII) that is accessible online. Cyber criminals and extremists, such as the self-proclaimed Islamic State of Iraq and the Levant (ISIL), capture personal information of law enforcement, military, and government officials, and then share it with their associates, encouraging both physical and virtual attacks. The Office of the ROIC Threat Analysis Unit, and the Cyber Threat Intelligence Unit, are providing these “opt-out” guidelines to reduce online exposure from websites that provide or sell PII.
Details:
- Data brokers profit from the sale of personal information, therefore, they will continue to expand their databases to generate revenue.
- Data brokers collect and store personal data such as: names, addresses, shopping habits, internet protocol addresses, and other meta-data.
- Data is stored and sold through multiple exchanges for various reasons.
- Law enforcement, dignitaries, military personnel, and government officials are vulnerable because data brokers share personal information with anyone willing to pay.
- “Opting-out” is not a permanent solution. Individuals must consistently monitor their online footprint to limit exposure.
- Data brokers are not always legally obligated to remove your information. Some sites attempt to collect PII during the “opt out” process, then redistribute it.
Recommendations for Law Enforcement, Military and Government Officials:
- The attached document contains links to commonly used websites that collect and/or store personal information, along with instructions to “opt-out”.
- The list is not comprehensive, but highlights the most popular data sources.
- Some sites require you to submit personal data in order to prove you are the person requesting to “opt-out”.
- Individuals may want to create a temporary or administrative email to communicate with data brokers.
Source: Open Source Reporting, NJ Cyber Threat Intelligence Unit Source Reliability: Reliable Dissemination: New Jersey Law Enforcement and Public Safety Partners Suspicious Activity Reporting: Suspicious activity with a possible nexus to terrorism should be reported immediately, per existing protocols. Activity can also be reported 24/7 to the NJ Office of Homeland Security and Preparedness, Counterterrorism Watch by phone: 866-4SAFENJ (866-472-3365) or email: tips@njohsp.gov.
Contact Information Any questions or suggestions about this product should be directed to the Office of the ROIC Threat Analysis Unit at (609)963-6900, ext. 2053, or NJROICthreat@nj.njsp.org.
(U) INFORMATION NOTICE: This product contains UNCLASSIFIED information that is FOR OFFICIAL USE ONLY (U//FOUO). Recipients should not release any portion of this product to the media, the public, or other personnel who do not have a valid need-to-know. UNCLASSIFIED//FOR OFFICIAL USE ONLY
UNCLASSIFIED//FOR OFFICIAL USE ONLY
| Data Sites | Website | Opt Out link | Notes |
|---|---|---|---|
| Lexis Nexis /Accurint /Choicepoint | http://www.accurint.com/ | https://optout.lexisnexis.com/oo.jsp | Partial opt out only. Complete form on opt out link. |
| Thomas Reuters / Clear | http://legalsolutions.thomsonreuters.com/law-products/ | http://static.legalsolutions.thomsonreuters.com/static/pdf/info_request_form.pdf | Partial opt out only. Complete form on opt out link (copy of identification required). |
| MyLife | https://www.mylife.com/ | No opt out link | Opt out by phone or email only. (888) 704-1900 or privacy@mylife.com |
| That's Them | https://thatsthem.com/ | https://thatsthem.com/optout | Complete form in opt out link. |
| Melissa Data | http://www.melissadata.com/ | No opt out available | No opt out available |
| Familytree | http://www.familytre enow.com/ | http://www.familytre enow.com/optout | Follow instructions in opt out link. |
| Radaris | http://radaris.com/ | http://radaris.com/page/how-to-remove | Open recovered Information link and click on arrow to the right of name and select "Control Information" next choose "Remove Information". |
| Truthfinder | https://www.truthfinder.com/ | https://www.truthfinder.com/opt-out/ | Complete form in opt out link. |
| Peoplespy | http://peoplespy.com/ | http://peoplespy.com/opt_out_form.pdf | Complete form on opt out link (copy of identification required / fax or postal mail only). |
| Been Verified | https://www.beenverified.com/ | https://www.beenverified.com/f/optout/search | Follow instructions in opt out link (email address required). |
| Intelius | https://www.intelius.com/ | https://www.intelius.com/optout | Complete form in opt out link (copy of Identification and email required). |
| PeekYou | http://www.peekyou.com/ | http://www.peekyou.com/about/contact/optout/index.php | Complete form in opt out link. |
| Peoplefinders / Public Records Now /Privite Eye | http://www.peoplefinders.com/ | http://www.peoplefinders.com/manage | Follow instructions in opt out link. |
PAGE 2 OF 4
UNCLASSIFIED//FOR OFFICIAL USE ONLY
UNCLASSIFIED//FOR OFFICIAL USE ONLY
| Data Sites | Website | Opt Out link | Notes |
|---|---|---|---|
| PeopleLookup | https://www.peoplelookup.com/ | https://www.peoplelookup.com/privacy.php | Follow instructions in opt out link under how to remove your information. Must submit an Identity Verification Form found in the opt out link (copy of identification and notary required). |
| Pipl | https://pipl.com/ | No opt out available | No opt out available |
| Peoplesmart /Snoop Station / Free Phone Tracer | https://www.peoplesmart.com/ | https://www.peoplesmart.com/optout-go | Follow instructions in opt out (email required). If you are not the person being opted out, or an immediate family member, People may require documentation that you are authorized to act on the person's behalf. |
| Reverse Genie | http://www.reversegenie.com/ | http://www.reversegenie.com/data_optout.php | Follow instructions in opt out link (Copy of identification required / fax or postal mail only). |
| SPOKEO | http://www.spokeo.com/ | http://www.spokeo.com/opt_out/new | Follow instructions in opt out link and enter URL of recovered information (email required). |
| USA-People-Search | https://www.usa-people-search.com/ | https://www.usa-people-search.com/manage/ | Follow instruction in opt out link. |
| USSearch | https://ussearch.com/ | https://www.ussearch.com/about/privacy | Follow instructions in opt out link under how to remove your information. Must submit an Identity Verification Form found in the opt out link (copy of identification and notary required). |
| ZabaSearch | http://www.zabasearch.com/ | http://www.zabasearch.com/privacy.php | Follow instructions in opt out link (Identification required / fax or postal mail only). |
PAGE 3 OF 4
UNCLASSIFIED//FOR OFFICIAL USE ONLY
UNCLASSIFIED//FOR OFFICIAL USE ONLY
The following websites aggregate their data from the websites listed above. Data removed from the above sites, will be removed from these sites as well.
| Data Sites | Website | Opt Out link | Notes |
|---|---|---|---|
| Anywho / Yellowpages | http://www.anywho.com/whitepages | http://www.anywho.com/help/privacy | Click "Remove Listing" on each recovered listing link. This will prompt to the removal form. (If multiple listings are present, removals for each link must be completed). *Info provided by Intelius |
| DexKnows | http://www.dexknows.com/ | No opt out available | No opt out available |
| LookupAnyone | https://www.lookupanyone.com/ | https://www.lookupanyone.com/privacy-faq.php#faq4 | Follow instructions in opt out link (Copy of identification required / fax only). |
| PhoneBook | http://www.phonebook.com/ | No opt out available | No opt out available. |
| PublicRecords | https://www.publicrecords.com/ | https://www.publicrecords.com/privacy | Follow instructions in opt out link (Identification required / fax or postal mail only). |
| Switchboard / Whitepages /411 | http://www.switchboard.com/ | No opt out available | No opt out available |
Social Media
| Data Sites | Website | Opt Out link | Notes |
|---|---|---|---|
| https://www.facebook.com | https://www.facebook.com/help/delete_account | Must be logged in, select "settings", click on link "Download a copy of your Facebook data". Then proceed to removal link. | |
| https://twitter.com | https://support.twitter.com/articles/15358# | Must be logged in, go to account settings and click deactivate my account, next click okay fine and enter your password. | |
| https://www.instagram.com | https://www.instagram.com/accounts/login/?next=%2Faccounts%2Fremove%2Frequest%2Fpermanent%2F | Click removal link and log in to account. Select "Why are you deleting your account" option. Click "Permanently delete my account". |
PAGE 4 OF 4
UNCLASSIFIED//FOR OFFICIAL USE ONLY
NATIONAL SECURITY ARCHIVE
National Security Archive, Suite 701, Gelman Library, The George Washington University, 2130 H Street, NW, Washington, D.C., 20037, Phone: 202/994-7000, Fax: 202/994-7005, nsarchiv@gwu.edu
Keywords
Sources & References
- [1]New Jersey Regional Operations and Intelligence Center, "Reduce Online Exposure by 'Opting Out'," February 23, 2017. Unclassified/For Official Use Only.
- [2]http://www.accurint.com/
- [3]https://optout.lexisnexis.com/oo.jsp
- [4]http://legalsolutions.thomsonreuters.com/law-products/
- [5]http://static.legalsolutions.thomsonreuters.com/static/pdf/info_request_form.pdf
- [6]https://www.mylife.com/
- [7]https://thatsthem.com/
- [8]https://thatsthem.com/optout
- [9]http://www.melissadata.com/
- [10]http://www.familytre
- [11]http://radaris.com/
- [12]http://radaris.com/page/how-to-remove