How does GhostVault stop spam calls?

Americans received 52.5 billion robocalls in 2025, according to the YouMail Robocall Index. Spam callers source phone numbers primarily from data broker sites that aggregate and sell personal information. GhostVault removes your phone number, home address, and personal details from 500+ data broker and people-search sites — cutting off the supply chain that feeds spam callers. Most users report a significant reduction in spam calls within 30–60 days of removal.

Can GhostVault prevent identity theft?

Yes. The FTC received 1.1 million identity theft reports in 2024, with total consumer fraud losses hitting $12.5 billion — a 25% increase over the prior year (FTC Consumer Sentinel Network Data Book 2024). Identity thieves routinely use data broker sites to obtain personal details — full name, address, phone number, relatives, and employment history — before committing fraud. GhostVault removes this data from 500+ broker sites and monitors for reappearance, materially reducing the personal information available to bad actors.

How long does it take to remove my information?

GhostVault's scan delivers results instantly — no waiting period. Automated CCPA deletion requests are sent to data brokers immediately upon subscription. Under the California Consumer Privacy Act, brokers are legally required to process deletion requests within 45 days. In practice, most major brokers (Spokeo, Whitepages, BeenVerified) remove listings within 7–14 days. GhostVault monitors your listings continuously and re-submits removal requests whenever your data reappears.

Which data broker sites does GhostVault remove me from?

GhostVault targets 500+ data broker and people-search sites — more than double the coverage of most competitors. This includes all major brokers: Spokeo, Whitepages, BeenVerified, TruePeopleSearch, Intelius, Radaris, PeopleFinders, MyLife, FastPeopleSearch, Nuwber, PeopleLooker, and hundreds of smaller aggregators and resellers. The global data broker market was valued at approximately $277–$303 billion in 2024, according to multiple industry research firms including Grand View Research and ResearchAndMarkets, making comprehensive removal coverage essential.

Is the scan really free?

Yes. GhostVault's exposure scan is completely free — no credit card, no account required. The scan checks your name against 500+ data broker databases and returns a detailed report showing exactly which sites have your phone number, home address, relatives, and other personal information. Paid removal starts at $3.99/month, making GhostVault the most affordable full-coverage data removal service available in 2026.

How much does GhostVault cost?

GhostVault costs $3.99/month on a monthly plan, or $39/year ($3.25/month) on the annual plan. This makes it the lowest-priced comprehensive data removal service in the market — cheaper than Incogni ($6.49/month annual), OneRep ($8.33/month annual), DeleteMe ($10.75/month annual), and PrivacyDuck ($8.25/month annual). All plans include unlimited removal requests, continuous monitoring, and breach alerts.

What rights does the Montana Consumer Data Privacy Act (MCDPA) give residents?

The MCDPA gives Montana residents the right to access their personal data, correct inaccuracies, delete personal data, obtain a portable copy, and opt out of targeted advertising, the sale of personal data, and profiling for significant decisions. It took effect October 1, 2024 and applies with one of the lowest consumer thresholds of any state privacy law.

Montana Data Privacy Law (MCDPA): What Montana Residents Need to Know

Montana's Montana Consumer Data Privacy Act (MCDPA) took effect on October 1, 2024. The law is worth paying attention to for one specific reason: it treats personal data of teenagers ages 13 to 16 as sensitive data, a higher bar than most comparable state laws. Here is what Montana residents need to know about their privacy rights.

What Is the Montana Consumer Data Privacy Act?

Governor Greg Gianforte signed the Montana Consumer Data Privacy Act into law on May 22, 2023. The law became effective October 1, 2024, giving businesses approximately 16 months to achieve compliance. Montana was among the first states to pass comprehensive privacy legislation in the second wave of state laws that took effect in 2024.

The MCDPA applies to businesses that conduct business in Montana or produce products or services targeted to Montana residents, and during the prior calendar year either: controlled or processed personal data of at least 50,000 Montana consumers, excluding data processed solely for completing a payment transaction; or controlled or processed personal data of at least 25,000 Montana consumers and derived more than 25% of gross revenue from the sale of personal data.

Montana has a population of approximately 1.1 million, so a 50,000-consumer threshold covers roughly 4.5% of the state's residents. There is no standalone revenue floor, meaning businesses of any size that meet the data volume thresholds must comply — unlike Utah's law, which requires $25 million annual revenue.

Your Rights Under the MCDPA

Montana residents have five enforceable data privacy rights under the MCDPA:

Your 5 Rights Under the MCDPA

Right to Access: Confirm whether a controller is processing your personal data and obtain a copy of that data in a portable, readily usable format. The controller must also provide information about the categories of personal data processed and the purposes of processing.
Right to Correct: Request that a controller correct inaccuracies in your personal data, taking into account the nature of the data and the processing purpose.
Right to Delete: Request deletion of personal data provided by or obtained about you. Controllers must delete the personal data and instruct their processors to do the same, subject to standard exceptions.
Right to Data Portability: Obtain your personal data in a portable format so you can transmit it to another controller without hindrance.
Right to Opt Out: Opt out of the processing of your personal data for purposes of targeted advertising, sale of personal data, or profiling used in furtherance of decisions with significant legal or practical effects. The opt-out right also extends to universal opt-out mechanisms such as browser-based signals.

Controllers covered by the MCDPA must respond to authenticated consumer rights requests within 45 days, extendable by an additional 45 days with proper advance notice. Consumers may submit requests free of charge; businesses may charge a reasonable fee for manifestly unfounded or excessive requests. Retaliation for exercising privacy rights is explicitly prohibited.

Montana's Expanded Protections for Teenagers

One of the most concrete differences in Montana's MCDPA is its treatment of data related to consumers between ages 13 and 16. Under the MCDPA, personal data of individuals known to be in this age range is classified as sensitive data, requiring opt-in consent before processing for targeted advertising and data sales.

Most state privacy laws draw the sensitive-data line at age 13 — the threshold established by the federal Children's Online Privacy Protection Act (COPPA). Montana goes further, treating 14-, 15-, and 16-year-olds' data as sensitive. Businesses cannot sell the personal data of 13-to-16-year-old Montana residents or use it for targeted advertising without first obtaining their affirmative consent.

How the MCDPA Compares to CCPA

Feature	CCPA (California)	MCDPA (Montana)
Consumer threshold	100,000 consumers OR $25M revenue	50,000 consumers OR 25,000 + 25% data revenue (no revenue floor)
Teen data protections	Under-16 opt-in for data sales	Ages 13-16 treated as sensitive data
Universal opt-out signal	Required (GPC)	Required
Private right of action	Limited (data breaches)	None — AG enforcement only
Cure period	None after Jan 2023	60 days to cure
Max penalty	$7,500 intentional violations	$7,500 per violation
Response deadline	45 days (extendable 45)	45 days (extendable 45)

What Data Brokers Must Do Under the MCDPA

Data controllers covered by Montana's MCDPA must fulfill these compliance obligations:

Publish a clear, accessible privacy notice describing the categories of personal data processed, the purposes of processing, consumer rights and how to exercise them, the categories of data shared with third parties, and whether personal data is sold or used for targeted advertising.
Honor universal opt-out signals including browser-based signals like the Global Privacy Control. When a consumer uses a browser or device with a recognized opt-out signal, covered Montana businesses must treat it as a valid opt-out of data sales and targeted advertising.
Obtain opt-in consent before processing sensitive data, including data concerning racial or ethnic origin, religious beliefs, mental or physical health, sexual orientation, citizenship status, biometric data, precise geolocation, and — uniquely — personal data of individuals known to be between 13 and 16 years of age.
Conduct data protection assessments for high-risk processing activities, including targeted advertising, sale of personal data, and profiling for significant decisions. These assessments must be made available to the Montana AG upon request.
Process deletion requests within 45 days and instruct processors to delete the same personal data. Standard exceptions apply for legal compliance, ongoing transactions, and security purposes.
Provide an appeals mechanism for denied consumer requests. If an appeal is denied, the controller must provide information about how the consumer can submit a complaint to the Montana Attorney General.

Step-by-Step: How to Submit an MCDPA Deletion Request

1. Enable Global Privacy Control in your browser. Montana businesses must honor universal opt-out signals. Enable GPC in Firefox (Settings > Privacy and Security > Tell websites not to sell or share my data) or use Brave, which enables GPC by default. Your browser will automatically assert opt-out rights on covered sites.
2. Find the data broker's privacy notice. Check the site footer for "Privacy Policy," "Montana Privacy Rights," or "Your Privacy Rights." The MCDPA requires this to be clearly accessible. If you cannot locate it, search "[company name] Montana privacy request" or "[company name] opt out."
3. Submit your deletion request. Use the company's designated request mechanism — web form, email, or phone. State that you are a Montana resident exercising your rights under the Montana Consumer Data Privacy Act. Request deletion of all personal data the company holds about you and opt out of data sales and targeted advertising.
4. Respond to any identity verification request. The company may ask you to verify your identity before processing. Provide the requested information promptly. Companies cannot require you to create a new account solely to submit a privacy rights request.
5. Track the 45-day response window. Keep a record of your submission date and any confirmation number or email. If the company extends the response period, they must notify you within the initial 45-day window and provide a reason for the extension.
6. Appeal or escalate if necessary. If your request is denied, submit a formal appeal through the controller's appeals process. If the appeal is denied, file a complaint with the Montana Attorney General at dojmt.gov. The Montana AG has authority to seek civil penalties up to $7,500 per violation.

The Bigger Picture: State Laws Keep Multiplying

Montana's MCDPA is one of more than 20 state privacy laws now on the books, alongside Virginia, Colorado, Connecticut, Utah, Oregon, Texas, New Jersey, Delaware, and others. As of 2026, the count keeps climbing.

The practical consequence for data brokers is a patchwork of state rules, each with different thresholds, rights, and penalties. Most large brokers have responded by simply honoring deletion requests from all US residents, not just people in states with specific laws. Verifying state residency on every incoming opt-out request creates more legal exposure than just complying across the board.

For Montana residents, that means state law gives you real leverage — but the practical benefits go further than Montana's specific protections. An authorized agent service like GhostVault invokes CCPA and applicable state laws simultaneously, so Montana residents can use California's broader deletion scope while also asserting Montana's stronger teenager protections and universal opt-out requirements. Learn more about California's CCPA or start automated data removal with GhostVault.

Montana MCDPA at a Glance

Key Dates

Signed: May 22, 2023
Effective: October 1, 2024

Applicability

50,000+ Montana consumers, OR
25,000+ consumers + 25%+ data sale revenue
No standalone revenue floor

Your Rights

Access, Correct, Delete, Portability, Opt-Out
Universal opt-out signal compliance

Enforcement

Montana AG only
Up to $7,500 per violation
60-day cure period

Remove Your Data From 500+ Brokers for $3.99/Month

GhostVault automates deletion requests as your authorized agent — regardless of which state you live in. We cover 500+ data broker sites simultaneously, monitor for re-listed profiles, and keep working month after month so your data stays off these sites.

Frequently Asked Questions

What rights does the Montana Consumer Data Privacy Act give residents?

The MCDPA gives Montana residents the right to access personal data, correct inaccuracies, delete personal data, obtain a portable copy, and opt out of targeted advertising, data sales, and significant profiling. It took effect October 1, 2024 and applies with a threshold calibrated to Montana's population.

How does Montana's MCDPA compare to California's CCPA?

Montana's MCDPA applies to businesses processing data of 50,000 or more Montana consumers with no revenue floor. It includes broader sensitive data protections for teens ages 13-16, requires universal opt-out signal compliance, and mandates data protection assessments. Penalties reach $7,500 per violation; the Montana AG enforces the law.

Can Montana residents use the MCDPA to remove themselves from data brokers?

Yes. Montana residents can submit deletion requests to covered data brokers. Businesses must respond within 45 days, extendable by 45 more. Services like GhostVault automate this process across 500+ data brokers simultaneously.

Does Montana's MCDPA include any special protections for children?

Yes. Montana's MCDPA treats personal data of consumers known to be between 13 and 16 years of age as sensitive data, requiring opt-in consent before processing for targeted advertising and data sales. This is broader than most state laws, which typically draw the line at age 13.