Skip to main content

Automated data broker removal tool — close your accounts, erase your data.

Project description

Symaira EraseMe

Automated data broker removal tool — close your accounts, erase your data.

Beta — Core features are stable and tested. Some advanced features (web-form CAPTCHA solving, DPA auto-filing) require manual setup or are event-flagged only.

CI License Python

Symaira EraseMe terminal demo — init-profile, broker listing, plan creation, and campaign status

Symaira EraseMe helps you exercise your GDPR/CCPA right to erasure against data brokers. It provides:

  • A curated registry of 1,200+ data brokers with opt-out processes documented
  • CLI tools to plan, send, track, and triage removal requests
  • Skills for LLM-powered agents (Claude Code, OpenClaw, etc.)
  • Lifecycle management with deadline tracking, reminders, escalation, and re-scans
  • Automated registry maintenance via weekly scans of public state broker registries

Features

  • Curated broker registry with YAML-based definitions for 1,277 data brokers across the EU (121), UK (20), and US (1,138), including opt-out URLs, required account identifiers, contact methods (web forms, email), and verification keywords.
  • Event-sourced architecture with an append-only SQLite event store, state projections, and full audit trail for every removal request.
  • CLI automation with 30+ commands to plan removal campaigns, send opt-out requests in batches, track progress, monitor deadlines, and triage broker replies from the terminal.
  • Web-form automation via Playwright for brokers that only accept opt-outs through web forms, including form-filling, CAPTCHA detection, and screenshot capture.
  • Inbox triage via IMAP polling to fetch broker replies, classify them with an LLM (Claude), and generate jurisdiction-aware rebuttals for rejections.
  • Deadline tracking with automatic jurisdiction-aware deadline monitoring (GDPR: 30 days, CCPA: 45 days). The tick engine checks daily for overdue requests and triggers reminders with exponential backoff.
  • Escalation workflows that flag requests for DPA complaints after brokers miss the legal response window.
  • LLM agent skills as ready-made skill files for Claude Code, OpenClaw, and other LLM-powered coding agents. These skills let AI assistants work with the tool on your behalf.
  • Jurisdiction-aware workflows with support for GDPR (Europe), CCPA (California), CPRA, LGPD, and PIPEDA erasure rights, including jurisdiction-specific templates, timelines, and legal references.
  • Scheduler integration that generates cron, launchd, or systemd configurations to run the tick engine, inbox polling, and quarterly re-scans automatically.
  • Automated registry maintenance with a weekly GitHub Action that pulls fresh entries from official US state broker registries and opens a PR with the diff, plus a Monday link-check workflow that flags dead broker websites.
  • Dashboard and reports for campaign analytics, jurisdiction breakdowns, and GDPR-compliant record-keeping exports.

Install

End users (from PyPI):

pip install symeraseme

Optional extras:

pip install symeraseme[web]      # Playwright-based browser automation
pip install symeraseme[triage]   # LLM triage via Anthropic Claude

Developers (from source):

# Clone the repository
git clone https://github.com/danieljustus/Symaira%20EraseMe.git
cd Symaira EraseMe

# Install dependencies with uv
uv sync
uv pip install -e ".[dev,web,triage]"

# Configure your environment
cp .env.example .env
# Edit .env and add your ANTHROPIC_API_KEY

See .env.example for all supported environment variables.

Usage

Getting started

# Initialize your profile with personal details
symeraseme init-profile

# List all registered brokers, optionally filtered by jurisdiction or law
symeraseme brokers list --law GDPR

# Show details for a specific broker
symeraseme brokers show --name spokeo

Demo

$ symeraseme init-profile
✓ Profile saved to ~/.config/symeraseme/profile.json

$ symeraseme brokers list --law GDPR
┏━━━━━━━━━━━━━━┳━━━━━━━━━━━━━━━━━━━━━━━━━━━━━┳━━━━━━━━━━━━━━━┓
┃ Name         ┃ Website                     ┃ Jurisdiction  ┃
┡━━━━━━━━━━━━━━╇━━━━━━━━━━━━━━━━━━━━━━━━━━━━━╇━━━━━━━━━━━━━━━┩
│ Spokeo       │ https://www.spokeo.com      │ CCPA          │
│ Intelius     │ https://www.intelius.com    │ CCPA          │
│ Acxiom (EU)  │ https://www.acxiom.com      │ GDPR          │
│ Schufa       │ https://www.schufa.de       │ GDPR          │
└──────────────┴─────────────────────────────┴───────────────┘

$ symeraseme plan create --campaign initial --law GDPR --max 5
✓ Plan created: 5 brokers selected
  Campaign: initial

$ symeraseme status
Campaign: initial
┏━━━━━━━━━━━━━┳━━━━━━━━━━━━━┳━━━━━━━━━━━━━━━━━━━━━━┓
┃ Broker      ┃ Status      ┃ Deadline             ┃
┡━━━━━━━━━━━━━╇━━━━━━━━━━━━━╇━━━━━━━━━━━━━━━━━━━━━━┩
│ Acxiom (EU) │ planned     │ —                    │
│ Schufa      │ planned     │ —                    │
│ Experian EU │ planned     │ —                    │
│ Equifax EU  │ planned     │ —                    │
│ Creditreform│ planned     │ —                    │
└─────────────┴─────────────┴──────────────────────┘

Planning and execution

# Create a removal plan for GDPR brokers (limit to 10)
symeraseme plan create --campaign initial --jurisdiction GDPR --max 10

# Review the plan before sending
symeraseme plan show --campaign initial

# Execute the plan in batches (respects rate limits, requires consent)
symeraseme execute --campaign initial --batch-size 5 --delay 30 --yes

# Check overall campaign progress
symeraseme status

# View deadline calendar and upcoming tick actions
symeraseme calendar --weeks 4

Inbox triage (requires [triage] extra)

# Poll your IMAP inbox for broker replies
symeraseme poll-inbox --username your@email.com

# Classify a broker reply via LLM
symeraseme classify-reply <request_id>

# Generate a jurisdiction-aware rebuttal for a rejection
symeraseme generate-rebuttal <request_id>

Web-form automation (requires [web] extra)

# Run a broker's web-form opt-out via Playwright
symeraseme run-web-form <broker_id>

# List manual fallback tasks for forms that couldn't be automated
symeraseme manual-tasks list

# Mark a manual task as completed
symeraseme manual-tasks complete <task_id>

Lifecycle and maintenance

# Run the tick engine (checks deadlines, reminders, escalations)
symeraseme tick --dry-run
symeraseme tick

# Generate scheduler configs (cron / launchd / systemd)
symeraseme generate-scheduler --output ./schedules

# Install schedules
symeraseme schedule install ./schedules

# Generate a dashboard report
symeraseme generate-dashboard

# Export campaign data for GDPR record-keeping
symeraseme export --format json --output campaign.json

Other commands

# Validate registry YAML files against the schema
symeraseme validate

# Show event history for a request
symeraseme events show <request_id>

# List all removal requests
symeraseme requests list --status pending

# Grant consent for destructive operations
symeraseme grant execute --ttl 3600

Run symeraseme --help for a full list of commands and options.

Architecture

Symaira EraseMe uses an event-sourced architecture built on SQLite:

┌─────────────┐     ┌──────────────┐     ┌─────────────┐
│   CLI /     │────▶│   Event      │────▶│  Request    │
│   Skills    │     │   Store      │     │  State      │
└─────────────┘     │  (SQLite)    │     │ (Projection)│
                    └──────────────┘     └─────────────┘
                           │
                    ┌──────┴──────┐
                    ▼             ▼
            ┌──────────┐   ┌──────────┐
            │  Tick    │   │  Reports │
            │  Engine  │   │ / Export │
            └──────────┘   └──────────┘
  • Event Store: Append-only log of all actions (planned, sent, ack, reminder, deadline reached, etc.)
  • State Projection: Rebuilds the current state of every request from events
  • Tick Engine: Daily scan for deadlines, reminders, and escalations
  • Triage: LLM-based classification of broker replies with jurisdiction-aware rebuttal generation

Registry maintenance

The broker registry is kept fresh by two scheduled GitHub Actions:

  • registry-scanner (Sundays, 00:00 UTC) — fetches the latest data-broker registries published by US states (e.g. California, Vermont, Oregon, Texas), normalizes the records into YAML entries, and opens a pull request for any additions or changes.
  • registry-link-check (Mondays, 06:00 UTC) — issues a HEAD request to every broker's website field and reports unreachable URLs so dead entries can be retired or corrected.

You can also run the sync manually:

uv run python scripts/registry_sync.py

Development

Setup

uv sync --all-extras
uv pip install -e ".[dev,web,triage]"
pre-commit install

The pre-commit hooks include:

  • Detect private keys — checks for hardcoded private keys

CI additionally runs TruffleHog for comprehensive secrets scanning on every pull request.

Run tests

uv run pytest --verbose --tb=short

Lint and type-check

uv run ruff check src/symeraseme/
uv run ruff format --check src/symeraseme/
uv run mypy src/symeraseme/

All three checks run in CI on every push and pull request to the main branch.

Project structure

src/symeraseme/
  cli/           — Typer CLI application
  core/          — Event store, projections, tick engine, templating, scheduler
  registry/      — Broker loader, schema validation
  services/      — CLI command handlers
  adapters/      — Web (Playwright), Triage (Claude), Email (SMTP/IMAP)
registry/
  brokers/       — YAML broker definitions (eu/, uk/, us/)
  laws/          — Jinja2 legal templates (GDPR, CCPA, rebuttals)
  schemas/       — JSON Schema for broker validation
skills/          — LLM agent skill files (Claude Code, OpenClaw)
examples/        — Integration examples for Claude Code, OpenClaw, cron

Security

  • Identity profile encryption: Profiles are encrypted with AES-256-GCM and authenticated with the header as AAD. Files written since v0.1.2 use header version: 2; earlier files used version: 1. A legacy no-AAD fallback exists for version: 0 files only — any tampered ciphertext on version 1+ fails closed with InvalidTag.
  • Database encryption: When SYMERASEME_ENCRYPT_DB=1 is set, the SQLite database is encrypted at rest using AES-256-GCM with a key derived from your identity master key. On open, the database is decrypted to a temporary file in your user data directory (~/.local/share/symeraseme/). The temp file has restrictive permissions (0o600) and is re-encrypted and removed on normal exit, SIGTERM, or context close. However, a SIGKILL (e.g., kill -9, OOM killer, or system crash) may leave the decrypted temp file behind. If this is a concern for your threat model, consider running Symaira EraseMe on a single-user system or using full-disk encryption.

License

MIT

Project details


Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

symeraseme-0.1.4.tar.gz (396.0 kB view details)

Uploaded Source

Built Distribution

If you're not sure about the file name format, learn more about wheel file names.

symeraseme-0.1.4-py3-none-any.whl (133.2 kB view details)

Uploaded Python 3

File details

Details for the file symeraseme-0.1.4.tar.gz.

File metadata

  • Download URL: symeraseme-0.1.4.tar.gz
  • Upload date:
  • Size: 396.0 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? Yes
  • Uploaded via: twine/6.1.0 CPython/3.13.12

File hashes

Hashes for symeraseme-0.1.4.tar.gz
Algorithm Hash digest
SHA256 24fffc34689c3c9d992672025d42ccd0592eff99692d8934857cf46b4e8ddd36
MD5 2c6bcb9eaf8978bd218fc4abd8bced92
BLAKE2b-256 847abeec2f0ed39ce5f0e1e7469404012be6a98878d63313c28b7180e4e7ab88

See more details on using hashes here.

Provenance

The following attestation bundles were made for symeraseme-0.1.4.tar.gz:

Publisher: publish.yml on danieljustus/symaira-eraseme

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

File details

Details for the file symeraseme-0.1.4-py3-none-any.whl.

File metadata

  • Download URL: symeraseme-0.1.4-py3-none-any.whl
  • Upload date:
  • Size: 133.2 kB
  • Tags: Python 3
  • Uploaded using Trusted Publishing? Yes
  • Uploaded via: twine/6.1.0 CPython/3.13.12

File hashes

Hashes for symeraseme-0.1.4-py3-none-any.whl
Algorithm Hash digest
SHA256 95bad5badbad6c029fdc240d37ba98f46e8550063d969c724638631d673588e9
MD5 4b257f25cb57fb679c9878300a0a7436
BLAKE2b-256 e0cb4d28c233e52a9007e49bb561fddc113568a3c67c668c48688b16dc287a96

See more details on using hashes here.

Provenance

The following attestation bundles were made for symeraseme-0.1.4-py3-none-any.whl:

Publisher: publish.yml on danieljustus/symaira-eraseme

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

Supported by

AWS Cloud computing and Security Sponsor Datadog Monitoring Depot Continuous Integration Fastly CDN Google Download Analytics Pingdom Monitoring Sentry Error logging StatusPage Status page