Privacy and compliance terms
Privacy and compliance terms explain how organizations handle personal data lawfully and securely — from consent and retention to audits and breach reporting. Using the same language across teams helps you implement policies, meet obligations, and prove accountability.
GDPR: The definitive guide
The General Data Protection Regulation (GDPR) is a set of rules that govern personal data collection and processing in the European Union (EU) and the European Economic Area (EEA).
Sensitive personal information
Sensitive personal information is a legal term for data that requires special handling by organizations — otherwise, accessing or misusing these details could lead to significant personal harm.
Nonpublic personal information
Nonpublic personal information is any customer data that is not publicly available and could be used to identify or contact an individual.
Certified Secure Software Lifecycle Professional
The Certified Secure Software Lifecycle Professional (CSSLP) is a globally recognized certification for professionals who design, develop, and maintain secure software.
B1 security
B1 security is a level of computer security defined by the U.S. government to keep sensitive information protected.
Payment Card Industry Data Security Standard
The Payment Card Industry Data Security Standard (PCI DSS) is a set of rules created by major credit card companies like Visa and MasterCard to keep credit card information safe.
Protected health information
Protected health information (PHI) refers to information in a medical record that can be used to identify an individual.
Data de-identification
Data de-identification is the process of removing or obscuring personal identifiers from data sets.
Whistleblower
A whistleblower is a person who reveals activities or information within a corporate, public, or government establishment that are considered illicit, corrupt, or improper.
Web mining
Web mining is the process of extracting patterns, information, and knowledge from web sources, using various data mining techniques and algorithms.
Verification
Verification is the process of determining if a product or system meets specific requirements.
Tracking pixel
A tracking pixel is a small, often invisible pixel used to gather information about user activities (e.g., how they browse and what they click on).
Tracking cookie
Tracking cookies are small text files that track users’ online activity and preferences and keep records of their data, like the sites they visit, the links they open, and the searches they perform.
Suspicious activity report
A suspicious activity report is a report of suspected fraudulent or illegal activities.
Super cookie
A super cookie is a cookie meant to be stored on a user’s computer indefinitely.
Social profiling
Social profiling is collecting and analyzing information from a person's social media activities to form a detailed profile about them.
Sharenting
Sharenting is the practice of parents sharing details about their children on social media and blogs.
Shadow profile
A shadow profile is a set of data collected about someone without their explicit consent, usually from various online sources.
Sensitive information
Sensitive information is important data that no one should be able to access without permission.
Self-sovereign identity
Self-sovereign identity refers to a digital identity model where individuals have sole ownership, control, and management over their personal data, without the need for intermediaries or centralized authorities.
Right to restrict processing
The right to restrict processing is a legal concept under regulations such as the GDPR: it means that individuals can ask a company or organization to limit or stop using their personal data.
Right to rectification
The right to rectification is a concept in privacy law.
Right to object
The right to object allows individuals to refuse the processing of their personal data, particularly for purposes like direct marketing or research.
Right to erasure
The right to erasure allows individuals to request a company or online business to delete their personal data.
Right to data portability
The right to data portability is outlined in the General Data Protection Regulation (GDPR) of the European Union.
Right to be informed
The right to be informed, under the General Data Protection Regulation (GDPR), means that people have the right to get clear, transparent, and easy-to-understand details about how organizations use and process their personal data.
Right of access
The right of access, under the General Data Protection Regulation (GDPR), means that people can ask organizations if their personal data is being processed.
Pseudonymization
Pseudonymization replaces identifiable information within a data record with one or more pseudonyms.
Pseudonym
A pseudonym is a fictitious name someone uses instead of their real name.
Privacy policy
A privacy policy explains what information a website or an organization takes from users and what it does with it.
Personally identifiable information
Personally identifiable information is any information that can be used to identify an individual, like their name, address, phone number, email address, social security number, date of birth, driver's license number, financial information, medical information, and other similar data.
Passive surveillance
Passive surveillance is a kind of surveillance that is based on constant information gathering rather than purposefully targeted surveillance.
Netiquette
Netiquette is a set of online etiquette rules for interacting politely with others.
KYC verification
KYC verification is a process adopted by financial institutions and other businesses to authenticate their clients.
Information management
Information management refers to the process of collecting, organizing, storing, retrieving, analyzing, and using information to support business operations, decision-making, and strategic planning.
Government surveillance
Government surveillance is the process of collecting information by a country’s government for intelligence, threat monitoring and recognition, prevention and investigation of criminal activity, political information, or social control.
Geotagging
Geotagging is the practice of adding geolocation metadata to various forms of media, such as images, videos, websites, SMS messages, or RSS feeds.
Freedom of information
Freedom of information refers to a person’s right to access and receive information from public bodies and government agencies.
First-party data
First-party data is information collected directly from the source.
FIPS compliance
FIPS compliance refers to adherence to the Federal Information Processing Standards (FIPS), a publicly announced standard developed by the National Institute of Standards and Technology (NIST) in the USA.
End-user license agreement
End-user license agreement (EULA) refers to a legal contract between the software developer or vendor and the person using the software.
Electronic customer relationship management
Electronic customer relationship management (e-CRM) is the combination of strategies, technologies, and processes used by companies to manage and improve their relationships with customers online. e-CRM is meant to optimize customer interactions through webpages, emails, social media, and other digital channels.
Egosurfing
Egosurfing, also called ego searching and vanity searching, is the act of searching for your own name or online presence on the internet to monitor personal reputation or track mentions.
E-government
E-government is a term that describes the practice of using computers, communication devices, and the internet to offer public services to citizens and tourists.
DRM-free
DRM-free refers to a method of digital content distribution where digital rights management (DRM) technology is not used.
Digital identity
A digital identity is information required to identify a particular individual, organization, or device for access to computer networks.
Digital fingerprint
A digital fingerprint is a unique digital identifier containing information about the user’s browser and the device they use to access the site in question.
Digital exhaust
Digital exhaust is the sum total of the data generated as a byproduct of a specific person’s digital interactions and activities.
Digital dystopia
Digital dystopia is the notion that advancements in digital technology will cause (or are causing) major changes and disruptions in various fields: political, economic, and mostly social.
Differential privacy
Differential privacy is a mathematical framework for protecting individual information in statistical analysis and data sharing.
Decentralized identity
Decentralized identity is a digital identity model where individuals have control over their own identity data and don't need to rely on a centralized authority to manage it.
Data subject
Data subject refers to an individual who consents to a data controller collecting, processing, and storing their data.
Data sovereignty
Data sovereignty, also known as information sovereignty, refers to the concept that digital data is subject to the laws and governance structures within the nation where it is collected or stored.
Data shadow
Data shadow is an accumulation of digital footprints that you leave by interacting with online platforms, services, and content.
Data protection policy
A data protection policy is a document that outlines an organization's guidelines and procedures for protecting the privacy and security of personal information collected, used, and processed during its operations.
Data perturbation
Data perturbation is the intentional modification of sensitive information in a dataset to protect the privacy of individuals without compromising the analytical value of the data.
Data collection
Data collection is the process of gathering information from various sources in order to answer relevant questions, draw conclusions, and make informed decisions.
Data administration
Data administration refers to managing an organization's data to ensure reliability, usefulness, and consistency.
Cybersecurity Maturity Model Certification
The Cybersecurity Maturity Model Certification is an assessment framework developed by the US Department of Defense (DoD) for defense industrial base (DIB) contractors.
Cyberlaw
Cyberlaw, or Internet law, refers to the legal issues related to the use of the internet and information technology.
Cross-browser fingerprinting
Cross-browser fingerprinting is a technique used to identify and track internet users across different web browsers they might use.
Contextual advertising
Contextual advertising refers to a form of targeted advertising in websites and mobile browsers.
Anonymous call rejection
Anonymous call rejection is a service that allows a telephone user to block calls from numbers with a hidden caller ID.
The importance of privacy and compliance terminology
Shared terminology keeps legal, security, and product teams aligned on what data is collected, why it’s processed, and how proof of compliance is maintained.
Protect personal data correctly
Distinguishing personal data, sensitive data, and pseudonymized data clarifies which safeguards apply, how long to keep records, and when to minimize or delete information.
Meet legal obligations on time
Understanding lawful basis, consent management, records of processing, and data protection impact assessments helps you respond to data subject requests and audits without delays.
Build trust and accountability
Knowing privacy by design, data retention schedule, processor vs. controller, and breach notification supports transparent practices and clear ownership.