Key Takeaways
- California’s DROP program allows residents to submit a single request to delete their data from registered data brokers.
- The platform is state-run and free to use.
- More than 500 registered brokers are notified when a deletion request is submitted.
- The law applies only to brokers registered in California.
What Happened
California’s DROP program, which stands for Delete Request and Opt-out Platform, went into effect on January 1, 2026. The program allows California residents to submit a data deletion request through a centralized online tool available at privacy.ca.gov. Users provide basic identifying information, such as their name, email address, and physical address, to initiate the request.
Once submitted, the request triggers a process that notifies more than 500 data brokers registered with the state and directs them to delete the requester’s personal information from their database. The program operates under the authority of the California Delete Act of 2023, which established the framework for such requests.
Although subscription-based services offering similar personal data deletion assistance already exist, those services are privately operated and often require payment. The DROP program provides a government-backed alternative at no cost.
Privacy and Governance Concerns
The DROP program streamlines the data deletion process. In many states, individuals must contact each data broker separately to request deletion. By contrast, California’s system provides a single state-run portal that allows residents to request data deletion from all brokers at once. However, the program applies only to data brokers registered in California. It does not automatically extend to brokers operating in other states or internationally.
Why It Matters / Policy Considerations
California’s DROP program represents a remarkable shift toward centralized consumer privacy enforcement at the state level. The program reduces procedural barriers and strengthens individual control over personal information.
The initiative also raises broader policy questions. Should similar centralized systems be adopted in other states? Is a national regulation needed to address cross-state data brokerage practices? And what monitoring mechanisms can be implemented to ensure that deletion requests are fully honored by brokers?
As states continue to introduce consumer privacy policies and frameworks, California’s approach may serve as a model for future data governance initiatives.
