Skip to main contentSkip to navigationSkip to navigation
keyboard with smoke coming out of it
Poof! All gone. ‘In a world where almost any action leaves some kind of digital footprint, there is no clear path back to the realm of the unknown.’ Photograph: Stephen Lenthall/The Guardian. Set design by Hattie Newman
Poof! All gone. ‘In a world where almost any action leaves some kind of digital footprint, there is no clear path back to the realm of the unknown.’ Photograph: Stephen Lenthall/The Guardian. Set design by Hattie Newman

'I felt exposed online': how to disappear from the internet

This article is more than 5 years old

Worried about what’s out there about you? You’re not alone. But is it even possible to become a digital ghost?

Early one morning last year, before the birds were up, Tio Bucard, his wife and children skittered down the path from their home in a tiny French village towards a black SUV, its engine running. As Bucard drove to the local airport, he checked his rear-view mirror every few moments to see that he was still being followed by Frank Ahearn, a 54-year-old American with a peppery beard and wraparound sunglasses. Bucard (not his real name) had met Ahearn for the first time only the day before, in the lobby of a Monaco hotel close to Bucard’s office. Now he had entrusted his family’s safety to this former drug addict from the Bronx. Bucard pulled into the airport’s long-term car park. Then he and the family transferred into Ahearn’s hired SUV. As they pulled on to the motorway, Ahearn joked whether, while the family was in hiding, he could look after Bucard’s £5,000 watch, a Bentley Flying B No 3.

The watch was a reminder of more plentiful times. Bucard, who raised capital for a private equity firm, had recently found himself on the wrong end of a bad deal. Problems gathered and the firm began to default on payments. One of the slighted investors had, as Bucard puts it, “a shady past” and angry phone calls soon blackened into threats of physical violence. Fearing for his and his family’s safety, Bucard typed the phrase “how to disappear” into Google. Halfway down the first page of results, he saw Ahearn’s name. A former New York skip tracer – a private investigator who finds people who have “skipped” town – turned professional “disappearer”, Ahearn offers a range of freelance services, everything from helping to restore your privacy on the internet to driving your family across Europe and into a new life.

“My idea was to go away for three to four months,” Bucard tells me. “Just until I could raise the funds to pay back my investors.” Not wanting to cause alarm, Bucard told his children they were taking an extended vacation. The day before they fled, Ahearn rented an Airbnb in a far-flung city in his name. When the family arrived at the safe house, Ahearn bought new mobile phones and laptops, then schooled the family on the rules of their new life: do use untraceable text-messaging services; don’t use public email servers; do pay in cash; don’t use Facebook. After a few days, Ahearn left the Bucards in their temporary accommodation and returned to his home in Madrid, where he lives with his girlfriend. In his wallet, he carried Bucard’s credit card.

When he landed in Spain, Ahearn tried to imagine what a man of Bucard’s wealth might indulge in while on holiday. Then he began a riot of spending: fine clothes, meals out, a king’s ransom of trinkets. “I had a blast with his plastic,” he says. “And that, my friend, is how to leave a trail of super-cool disinformation.”


Money, violence, indiscretion: the motivation for any person who wants to disappear, either physically or digitally, usually wends back to one of these. Whatever the reason and whatever the scale of the ambition – from starting a new life in a foreign country to scrubbing one’s name and address from the phonebook – it has never been harder to vanish. In a world where almost any action outside your garden shed leaves some kind of digital footprint, there is no clear path back to the realm of the unknown.

In recent months, the scale of the erosion of our anonymity has become dauntingly clear. In humming, ice-cooled server farms, the monoliths of Silicon Valley gather fat troves of personal information. This much we have known for years – as early as 2010, an investigation found that Facebook apps were routinely collecting information for internet-tracking companies without our consent – even from private accounts. But the recent Cambridge Analytica scandal brought new clarity. Those who downloaded their personal data files found that Facebook and its associated apps had been tracking phone calls, reading messages and plundering phonebooks.

This gleeful, grasping attitude to our data is in the social network’s DNA. This year it was revealed that in 2004, while Facebook was still a university campus website on which male students could rate the attractiveness of female students, its founder, Mark Zuckerberg, sent an instant message to a friend in which he boasted that he had collected more than 4,000 emails, pictures and addresses of people who had signed up to the service.

“What?” Zuckerberg’s friend exclaimed. “How’d you manage that one?”

“People just submitted it,” Zuckerberg wrote. “I don’t know why. They ‘trust me’.”

“Dumb fucks,” he added, after a pause.

Facebook is not the only harvester of personal information. If Google is the engine that drives the internet, personal information is the oil that makes it purr. Via its Maps app, it knows where you’ve been, how you got there (foot, car, bus, train), how long you stayed and whether or not it was your first visit. The company stores your search history across every device on which you’re logged in, while algorithms reportedly scour your emails for signs that you might be pregnant, engaged or unwell. Google Lens, announced earlier this month, is a visual search engine that provides information about the things you’re looking at through your phone’s camera. Google likely knows your age, gender, hobbies, career, interests, relationship status, every YouTube video you’ve watched, every image you’ve searched for, whether or not you’re depressed and, possibly, even why you’re depressed before you do – and it’s far from the only omniscient god in the digital pantheon. What began as a hopeful, democratic mission to make the internet free for all in the 1990s has, when fed through the late capitalist mincer, resulted in a digital economy that runs on microtransactions of identity. This information, if held by a government, would inspire widespread civil liberty marches.

For most of us, the quality and convenience of what we receive in exchange for our secrets is enough that we willingly surrender. But now an increasing number of people are more closely counting the cost – to the point of trying to reclaim our right to be unknown. It’s become a challenge: the woman fleeing an abusive relationship, the elderly victim of identity theft, the stalked celebrity, the school leaver who’s sabotaged their job search with old, embarrassing YouTube videos, already knows just how difficult that can be.


When Ahearn finished rehab, aged 17, he had quit pills but was left newly directionless. He took a stopgap job in a New York shoe store. Then, when it closed down, he responded to an advertisement for a private investigator. The job was glamour-less, but Ahearn found it intoxicating nonetheless. He was hired to pose as a stockroom worker for high-end New York stores and catch co-workers stealing the merchandise. He caught 15 employees stealing from one department store, and later busted a 30-man criminal ring at an electronics and furniture warehouse. “Manipulation,” he says. “It’s the first thing I was ever really good at.”

Quick Guide

How to keep a low online profile

Show

1 Google yourself

Carry out a self-styled “before” audit to see what’s out there. Search for yourself with all name variations, email addresses and residential addresses. You could be shocked by what you find.

2 Delete online accounts

 All active accounts must be deleted – not deactivated – if you want to use the internet untraceably. Facebook, Amazon, eBay, Netflix, Tinder: they all have to go. It can be difficult to remember every site you have signed up for, so look in your email inbox for newsletters. Unsubscribe and ask to be removed from their data list; the new GDPR update on 25 May 2018 means that sites are legally obliged to do this on request.

3 Contact data brokers

It’s highly likely that personal data such as home address, email and even your date of birth is being publicly shared online by so-called data broker websites, such as 192.com. Ask for this information to be removed directly from the site, and they should comply.

4 Ask to be forgotten

If you’ve posted on web forums, you can ask the webmasters to remove your posting. If they prove unresponsive, and data brokers or social media companies fail to remove your information on request, then exercise the “right to be forgotten” by a direct request to Google (search for legal removal request).

5 Create a smoke screen

Unfortunately, once removed does not mean for ever removed on the internet. You should actively audit yourself every six months and some of the steps may have to be repeated. And if you can’t quite make all the necessary sacrifices, consider setting up a false email address with inaccurate data, amending personal details such as age, sex, name and location.

Simon Parkin

 Source: Tony McChrystal, Reputation Defender


Was this helpful?

After a while, the private detective agency allowed Ahearn to work in the office. There he sat next to a skip tracer. “Skip-tracing is the art of finding people,” he explains. “There are two types of skip tracer: passive ones, who use databases and directories to find people; and aggressive ones, who carry out social engineering to find their prey.” Ahearn would listen as his colleague extracted information about someone by calling utility companies and posing as the target in order to gain access to their phone records and bank details until, finally, he zoned in on a likely hideout address. Ahearn convinced his boss to give him a go. “I was like wildfire,” he recalls. “A natural.”

‘You can’t delete information. It’s a case of manipulating what is already out there.’ Photograph: Stephen Lenthall/The Guardian. Set design by Hattie Newman

In 1984, Ahearn left the detective agency and set up as a freelance skip tracer. For a while, business boomed. He would occasionally take short breaks (“Sometimes being so good at something so devious plays on the head”), but then crisis dawned when the laws in America changed, making many of the skip tracers’ techniques illegal. “Life became more difficult,” he recalls. Ahearn moved to Europe, where the laws were less stringent, and then, in the late 1990s, the pendulum swung back. The omnipresence of the mobile phone made it far easier to track individuals, and the creeping ubiquity of social media ushered in a new golden era for the investigator. “I can find you through your mother’s Facebook, a blog you wrote three years ago, an old LinkedIn account,” Ahearn says.

In 2001, he placed an advertisement on a website that provided advice about offshore living. When the website’s owner pointed out that Ahearn’s work finding people might concern its users, who, in many cases, prized anonymity, Ahearn suggested that he write a blogpost on how to disappear instead. “It was a really cheesy article, but it just blew up,” Ahearn recalls. “People from all over the world started contacting me.” Once he had weeded out those individuals looking for an aider and abetter (“If you’re facing law enforcement, I cannot help you; I also stay away from sexual issues”), Ahearn took on his first client: a woman who wanted to escape from her violent partner. “She didn’t want a new identity, just to move away and be sure that the husband couldn’t find her,” he says.

In the past 15 years, the techniques Ahearn uses to ghost a client have grown in scope and sophistication. But unlike reputation management companies, which typically try to drive harmful or revealing information down search engine results, he favours the use of misinformation – and not just via misdirecting credit card transactions in a foreign city. “You can’t delete information,” he says. “It’s not going away. It’s a case of manipulating what is already out there.”

Ahearn explains that he might start by taking over your Facebook account, and “creating information” about Sydney, Australia. “I’ll befriend people in Sydney, then create new, fake Facebook accounts who become your friends in Australia.” He then starts up public conversations between these accounts. “You create a fake digital friend and get them to post an update about how they had dinner with you and another fake Facebook friend last night. It’s about offering coherent titbits of information. Deleting stuff is just useless. It’s already [been] there. Perhaps the person looking for you copied the information. So it becomes a game of total misdirection: you have to keep the predator busy.”


If Ahearn is the special forces of the vanishment industry, brought in for the most extreme jobs, a sparse, open-plan office on the outskirts of Liverpool is home to the foot soldiers of this burgeoning industry. Here, at Reputation Defender, a team of 30 or so young men and women scour the internet for personal information – phone numbers, dates of birth, addresses, electoral records – that their clients want removed from the internet.

Managing director Tony McChrystal began working in online privacy and reputation management before there was a name for the industry. In 2008, when he joined the company, then known as Reputation 24/7, as one of its first employees, it had just five clients. “We were living hand to mouth, you know, never sure whether we were going to be able to open the doors the following month,” he says. Today, the company is one of the largest in its field; McChrystal claims that the UK office receives 70 inquiries a day, mostly from individuals who want to become unknown on the internet. To date, the company has served more than a million clients worldwide, and last month it was bought by the Washington-based Stagwell Group for an undisclosed sum.

In the early years, McChrystal’s clients were typically celebrities, footballers and CEOs: people who wanted specific pieces of professionally damaging information about them – an affair, a failed business deal – pushed down the search engine rankings. In recent years, however, he says that the company mainly works with the kind of “regular” people who might pay for their credit file report every month, and who want a similar reputation or privacy report. For around £600 a year, the company will give you a list of what personal or sensitive information is publicly available. “A lot of the time, they’re scared of identity theft, fraud or even – if their current address is out there – scared of their own personal safety,” McChrystal says. It is surprisingly easy for a criminal to use social media to plan a burglary. “One of our clients’ daughter was on holiday in France recently at the family villa, and she posted geo-tagged pictures on Instagram of the villa alongside pictures of her and her friends wearing expensive jewellery and watches,” McChrystal explains. Within 24 hours of posting, there was a home invasion at the villa and half a million dollars’ worth of jewellery was stolen. “After that, we had to go in and talk about how to manage their privacy settings on their Instagram and Facebook.”

Tom Powell, who has worked at the company for eight years, says it’s often not any one single piece of information that can endanger an individual, but a concatenation of snippets. “Let’s say I went on holiday tomorrow,” he says. “A burglar gets wind of my trip via a Facebook post in which I mention how many days I’m away for. They then go to 192.com to find my home address. They then take that information to Google Maps, to [use streetview and] check whether I have an alarm. They have days to drive by the house and see if the alarm is flashing, and to carry out a burglary. All this information can be used in concert for malicious intent.”

Like Ahearn, McChrystal and his team screen the motivations of potential clients. “We probably get two paedophiles call up every day,” he admits. This kind of individual, McChrystal says, will typically claim they are the victim of mistaken identity: someone who shares their name has been accused of something awful. “That kind of thing actually doesn’t happen very often, so we tell them we will have to carry out a police check, and that’s when the conversation breaks down.” Team members refer to a “Who we serve” document, drawn up by the company’s lawyers, which forbids working with criminals who have been convicted of “anything above a misdemeanour”, as well as fraudsters and those who have been accused of sexual misconduct. “It’s not even up for debate. If you were found guilty of physical abuse, that’s relevant information to me. It shouldn’t be forgotten, you know?”

Google agrees. In 2014, the European court of justice ruled that “irrelevant” and outdated data should be erased on request. In the past four years, the company has received more than 600,000 requests (many of which were submitted by the team at Reputation Defender on behalf of its clients) to delist nearly 2.4m results from the search engine. In many cases, Google has successfully argued that the information is in the public interest and that the petitioner does not have the right to be forgotten.

In the past two years, however, McChrystal, who deleted his own Facebook account some time ago, has seen a marked increase in approaches from individuals who are not in danger or want a piece of damaging information covered up, but who simply want to reclaim their anonymity.

Emma Jones approached the team last year after one of her closest friends was the victim of identity theft. When Jones Googled herself, she found her name and address posted to various directory sites. “I wasn’t comfortable with my data being on the internet and there being nothing I could do about it,” she says. “I’ve got a young family. I felt exposed.” McChrystal’s team put together a dossier showing all the information on her and her family that was available online, alongside a proposal for how it might be removed or, in the case of social media sites, made private. Jones, who works in marketing, represents a new kind of client: one without a specific privacy problem who has become sufficiently unnerved by recent data breaches that she is willing to spend hundreds of pounds hiring professionals to restore her anonymity.

Like many people, she once used Facebook as a way of keeping a record of family life. “I’d upload photos of my children every day. I didn’t care whether or not my friends found them interesting. Now I rarely post pictures of my children – maybe the backs of their heads, but that’s it. It should be their choice, not mine. If my daughter comes to me when she is older and asks me why I put all those photos of her on the internet, I have no comeback.”

In recent weeks, a grassroots movement has formed around the slogan Delete Facebook (Zuckerberg claims it has been a failure). For Meg Jayanth, a writer for video games, the Cambridge Analytica scandal pushed her willingly into Facebook oblivion. “I’d been considering deleting Facebook for at least a year, but my data anxieties were outweighed by convenience,” she told me. “Facebook was the way I stayed in touch with friends and family, and I was reluctant to leave it behind. The Cambridge Analytica news tipped the balance for me, not because it was unexpected, but because it forced me to stop rationalising away my use of the service, and act. I was sick of feeling apprehensive for using a service I didn’t even want to use any more.”

‘People see the digital realm as being this separate thing. But it’s all the same thing.’ Photograph: Stephen Lenthall/The Guardian. Set design by Hattie Newman

The process of deleting one’s Facebook account is deliberately arcane. The social network encourages you to “deactivate” your account, rather than “delete” it, to leave an open door if you later regret the decision. Permanent deletion requires a request be made to the company. If you log in within 14 days of the process being under way (easy to do accidentally if you have the app on your phone or linked accounts that require you to log in via Facebook), the company will automatically cancel your original request.

For Jayanth, who holds an Indian passport, the recent news that the US state department is asking visa applicants to declare their social media accounts on their forms was a further incentive. “The idea that customs officials might look through your social media, and could potentially make decisions based on whether or not you support the current government is dangerous. That could have a chilling effect on public debate.”


Tio Bucard’s experience last year was enough to force a more thorough evaluation of his family’s privacy and safety. They never returned to their house in the French village.

“This is something that happens to many of my clients,” Ahearn says. “Disappearing is a trigger that wakes a person up and makes one think carefully about what is next.”

Ahearn founded a few offshore companies for Bucard, helping him buy a new house, cars and other essentials. He set the family up with a communications protocol, so they could keep in touch with family and business associates. Bucard and his wife decided to take the children out of the French education system and home school them. They took out private medical insurance to remove their names from the health system. To maintain a life of anonymity is an ongoing act of obsession, a symptom of which is often paranoia. Bucard has kept Ahearn on retainer; whenever a new client comes his way, Ahearn runs checks on the person, to make sure they are who they say they are, and not connected in some way to his previous life.

Complete invisibility is an impossible goal for anyone outside a witness protection programme (“The creme de la creme,” as Ahearn puts it. “If you have that, you have everything”), even for those who have never signed up for a social media or Google account. In Britain, unless you opt out when registering to vote, your data is collected and made available to anyone who wants to buy a copy.

“People see the digital realm as being this separate thing, something close to unreal,” Ahearn says. “But it’s all the same thing. Would you put a picture of your child on a billboard next to a highway alongside your family name? Of course not. But people do it online all the time. And it’s not a problem. Until it is.”

Some names have been changed

Commenting on this piece? If you would like your comment to be considered for inclusion on Weekend magazine’s letters page in print, please email weekend@theguardian.com, including your name and address (not for publication).

More on this story

More on this story

  • Twitter was supposed to spread democracy, not Trump’s ravings

  • Google stops notifying publishers of ‘right to be forgotten’ removals from search results

  • How to handle a troll … and neuter a sea lion

  • 'Right to be forgotten' on Google only applies in EU, court rules

  • Dutch surgeon wins landmark 'right to be forgotten' case

  • Online sexism targeted in world-first 'bystander' project

  • 'Right to be forgotten' by Google should apply only in EU, says court opinion

  • Harassed online for 13 years, the victim who feels free at last

  • Man withdraws 'right to be forgotten' case against Google

  • Detoxifying social media would be easier than you might think

Comments (…)

Sign in or create your Guardian account to join the discussion

Most viewed

Most viewed