Difference between revisions of "Main Page/Teaching Resources/Glossary"

From Library Freedom Wiki Page
Jump to navigation Jump to search
 
(One intermediate revision by the same user not shown)
Line 2: Line 2:
 
Most definitions taken from Wikipedia.  
 
Most definitions taken from Wikipedia.  
  
==== Ad exchange ====
+
==== ad exchange ====
 
An ad exchange is a technology platform that facilitates the buying and selling of media advertising inventory from multiple ad networks. Prices for the inventory are determined through real-time bidding. The approach is technology-driven as opposed to the historical approach of negotiating price on media inventory. This represents a field beyond ad networks as defined by the Interactive Advertising Bureau, and by advertising trade publications.
 
An ad exchange is a technology platform that facilitates the buying and selling of media advertising inventory from multiple ad networks. Prices for the inventory are determined through real-time bidding. The approach is technology-driven as opposed to the historical approach of negotiating price on media inventory. This represents a field beyond ad networks as defined by the Interactive Advertising Bureau, and by advertising trade publications.
  
==== Ad network ====
+
==== ad network ====
 
An online advertising network or ad network is a company that connects advertisers to websites that want to host advertisements. The key function of an ad network is an aggregation of ad supply from publishers and matching it with advertiser's demand.
 
An online advertising network or ad network is a company that connects advertisers to websites that want to host advertisements. The key function of an ad network is an aggregation of ad supply from publishers and matching it with advertiser's demand.
  
==== Algorithm ====
+
==== algorithm ====
 
In mathematics and computer science, an algorithm is a finite sequence of well-defined, computer-implementable instructions, typically to solve a class of problems or to perform a computation. Algorithms are always unambiguous and are used as specifications for performing calculations, data processing, automated reasoning, and other tasks
 
In mathematics and computer science, an algorithm is a finite sequence of well-defined, computer-implementable instructions, typically to solve a class of problems or to perform a computation. Algorithms are always unambiguous and are used as specifications for performing calculations, data processing, automated reasoning, and other tasks
  
==== Artificial intelligence ====  
+
==== artificial intelligence ====  
 
Artificial intelligence is intelligence demonstrated by machines, unlike the natural intelligence displayed by humans and animals, which involves consciousness and emotionality. The distinction between the former and the latter categories is often revealed by the acronym chosen.
 
Artificial intelligence is intelligence demonstrated by machines, unlike the natural intelligence displayed by humans and animals, which involves consciousness and emotionality. The distinction between the former and the latter categories is often revealed by the acronym chosen.
  
==== Authentication ====  
+
==== authentication ====  
 
 
 
The process by which an entity (such as a person or computer system) determines whether another entity is who it claims to be.
 
The process by which an entity (such as a person or computer system) determines whether another entity is who it claims to be.
  
==== Behavioral advertising ====
+
==== behavioral advertising ====
 
 
 
Behavioral targeting comprises a range of technologies and techniques used by online website brands, publishers and advertisers aimed at increasing the effectiveness of marketing and advertising using user web-browsing behavior information.
 
Behavioral targeting comprises a range of technologies and techniques used by online website brands, publishers and advertisers aimed at increasing the effectiveness of marketing and advertising using user web-browsing behavior information.
  
==== Big data ====
+
==== big data ====
 
 
 
Big data is a field that treats ways to analyze, systematically extract information from, or otherwise deal with data sets that are too large or complex to be dealt with by traditional data-processing application software. Data with many fields offer greater statistical power, while data with higher complexity may lead to a higher false discovery rate.
 
Big data is a field that treats ways to analyze, systematically extract information from, or otherwise deal with data sets that are too large or complex to be dealt with by traditional data-processing application software. Data with many fields offer greater statistical power, while data with higher complexity may lead to a higher false discovery rate.
  
biometrics
+
==== biometrics ====
 
+
Biometrics are body measurements and calculations related to human characteristics. Biometrics authentication is used in computer science as a form of identification and access control. It is also used to identify individuals in groups that are under surveillance.
Data concerning the intrinsic physical or behavioral characteristics of an individual. Examples include DNA, fingerprints, retina and iris patterns, voice, face, handwriting, keystroke technique and gait. The General Data Protection Regulation, in Article 9, lists biometric data for the purpose of uniquely identifying a natural person as a special category of data for which processing is not allowed other than in specific circumstances.
 
 
 
CCTV
 
  
 +
==== CCTV ====
 
Originally an acronym for "closed circuit television," CCTV has come to be shorthand for any video surveillance system. Originally, such systems relied on coaxial cable and was truly only accessible on premise. Today, most surveillance systems are hosted via TCP/IP networks and can be accessed remotely, and the footage much more easily shared, eliciting new and different privacy concerns.
 
Originally an acronym for "closed circuit television," CCTV has come to be shorthand for any video surveillance system. Originally, such systems relied on coaxial cable and was truly only accessible on premise. Today, most surveillance systems are hosted via TCP/IP networks and can be accessed remotely, and the footage much more easily shared, eliciting new and different privacy concerns.
  
 
+
==== chat bot ====
chat bot  
 
 
 
 
Computerized intelligence that simulates human interactions and may be used to handle basic customer requests and interactions.
 
Computerized intelligence that simulates human interactions and may be used to handle basic customer requests and interactions.
  
 +
==== cloud computing ====
 +
Cloud computing is the on-demand availability of computer system resources, especially data storage and computing power, without direct active management by the user. The term is generally used to describe data centers available to many users over the Internet.
  
cloud computing
+
==== confidentiality ====
 
+
Data is "confidential" if it is protected against unauthorized or unlawful processing.
The provision of information technology services over the Internet. These services may be provided by a company for its internal users in a "private cloud" or by third-party suppliers. The services can include software, infrastructure (i.e., servers), hosting and platforms (i.e., operating systems). Cloud computing has numerous applications, from personal webmail to corporate data storage, and can be subdivided into different types of service models.
 
 
 
confidentiality  
 
 
 
Data is "confidential" if it is protected against unauthorised or unlawful processing. The General Data Protection Regulation requires that an organization be able to ensure the ongoing confidentiality, integrity, availability and resilience of processing systems and services as part of its requirements for appropriate security. In addition, the GDPR requires that persons authorised to process the personal data have committed themselves to confidentiality or are under an appropriate statutory obligation of confidentiality.
 
 
 
 
 
consent
 
  
 +
==== consent ====
 
This privacy requirement is one of the fair information practices. Individuals must be able to prevent the collection of their personal data, unless the disclosure is required by law. If an individual has choice about the use or disclosure of his or her information, consent is the individual's way of giving permission for the use or disclosure. Consent may be affirmative; i.e., opt-in; or implied; i.e., the individual didn’t opt out.
 
This privacy requirement is one of the fair information practices. Individuals must be able to prevent the collection of their personal data, unless the disclosure is required by law. If an individual has choice about the use or disclosure of his or her information, consent is the individual's way of giving permission for the use or disclosure. Consent may be affirmative; i.e., opt-in; or implied; i.e., the individual didn’t opt out.
(1) Affirmative/Explicit Consent: A requirement that an individual "signifies" his or her agreement with a data controller by some active communication between the parties.
 
  
(2) Implicit Consent: Implied consent arises where consent may reasonably be inferred from the action or inaction of the individual.
+
(1) affirmative/explicit consent: A requirement that an individual "signifies" his or her agreement with a data controller by some active communication between the parties.
  
consent decree
+
(2) implicit consent: Implied consent arises where consent may reasonably be inferred from the action or inaction of the individual.
  
A judgment entered by consent of the parties. Typically, the defendant agrees to stop alleged illegal activity and pay a fine, without admitting guilt or wrongdoing. This legal document is approved by a judge and formalizes an agreement reached between a U.S. federal or state agency and an adverse party.
+
==== consent decree ====
 +
A judgment entered by consent of the parties. Typically, the defendant agrees to stop alleged illegal activity and pay a fine, without admitting guilt or wrongdoing. This legal document is approved by a judge and formalizes an agreement reached between a U.S. federal or state agency and an adverse party. This is often applicable to tech companies.  
  
 +
==== content delivery network (CDN) ====
  
content delivery network  
+
A content delivery network, or content distribution network, is a geographically distributed network of proxy servers and their data centers. The goal is to provide high availability and performance by distributing the service spatially relative to end users.
  
The servers that contain most or all of the visible elements of a web page and that are contacted to provide those elements. In the realm of advertising, a general ad server is contacted after a webpage is requested, that ad server looks up any known information on the user requesting to access the webpage.
+
==== cookie ==== 
  
 +
A small text file stored on a client machine that may later be retrieved by a web server from the machine. Cookies allow web servers to keep track of the end user’s browser activities, and connect individual web requests into a session. Cookies can also be used to prevent users from having to be authorized for every password protected page they access during a session by recording that they have successfully supplied their username and password already. Cookies may be referred to as "first-party" (if they are placed by the website that is visited) or "third-party" (if they are placed by a party other than the visited website). Additionally, they may be referred to as "session cookies" if they are deleted when a session ends, or "persistent cookies" if they remain longer.
  
cookie
+
==== dark patterns ====
 +
A dark pattern is "a user interface that has been carefully crafted to trick users into doing things, such as buying insurance with their purchase or signing up for recurring bills." The neologism, dark pattern, was coined by Harry Brignull on July 28, 2010 with the registration of darkpatterns.org, a "pattern library with the specific goal of naming and shaming deceptive user interfaces." Another more broad definition of a dark pattern is an instance where "user value is supplanted in favor of shareholder value."
  
A small text file stored on a client machine that may later be retrieved by a web server from the machine. Cookies allow web servers to keep track of the end user’s browser activities, and connect individual web requests into a session. Cookies can also be used to prevent users from having to be authorized for every password protected page they access during a session by recording that they have successfully supplied their username and password already. Cookies may be referred to as "first-party" (if they are placed by the website that is visited) or "third-party" (if they are placed by a party other than the visited website). Additionally, they may be referred to as "session cookies" if they are deleted when a session ends, or "persistent cookies" if they remain longer. Notably, the General Data Protection Regulation lists this latter category, so-called "cookie identifiers," as an example of personal information. The use of cookies is regulated both by the GDPR and the ePrivacy Directive (see Cookie Directive).
+
==== data aggregation ====
 
 
 
 
dark patterns
 
 
 
Recurring solutions that are used to manipulate individuals into giving up personal information.
 
 
 
 
 
data aggregation  
 
  
 
Taking Individual data sets and combining them to statistically analyze data trends while protecting individual privacy by using groups of individuals with similar characteristics rather than isolating one individual at a time. To effectively aggregate data so that it cannot be re-identified (or at least make it difficult to do so) the data set should: (1) have a large population of individuals, (2) Categorized to create broad sets of individuals, and; (3) not include data that would be unique to a single individual in a data set.
 
Taking Individual data sets and combining them to statistically analyze data trends while protecting individual privacy by using groups of individuals with similar characteristics rather than isolating one individual at a time. To effectively aggregate data so that it cannot be re-identified (or at least make it difficult to do so) the data set should: (1) have a large population of individuals, (2) Categorized to create broad sets of individuals, and; (3) not include data that would be unique to a single individual in a data set.
  
 
+
==== data breach ====
data breach  
 
  
 
The unauthorized acquisition of computerized data that compromises the security, confidentiality, or integrity of personal information maintained by a data collector. Breaches do not include good faith acquisitions of personal information by an employee or agent of the data collector for a legitimate purpose of the data collector—provided the personal information is not used for a purpose unrelated to the data collector's business or subject to further unauthorized disclosure.
 
The unauthorized acquisition of computerized data that compromises the security, confidentiality, or integrity of personal information maintained by a data collector. Breaches do not include good faith acquisitions of personal information by an employee or agent of the data collector for a legitimate purpose of the data collector—provided the personal information is not used for a purpose unrelated to the data collector's business or subject to further unauthorized disclosure.
  
 
+
==== data brokers ====
data brokers
 
 
 
 
Entities that collect, aggregate and sell individuals’ personal data, derivatives and inferences from disparate public or private sources.
 
Entities that collect, aggregate and sell individuals’ personal data, derivatives and inferences from disparate public or private sources.
  
  
data centers
+
==== data centers ====
 
 
 
 
 
Facilities that store, manage and disseminate data and house a network’s most critical systems. Data centers can serve either as a centralized facility for a single organization’s data management functions or as a third-party provider for organization’s data management needs.
 
Facilities that store, manage and disseminate data and house a network’s most critical systems. Data centers can serve either as a centralized facility for a single organization’s data management functions or as a third-party provider for organization’s data management needs.
  
  
data minimization principle  
+
==== data minimization principle ====
 
 
 
The idea that one should only collect and retain that personal data which is necessary.
 
The idea that one should only collect and retain that personal data which is necessary.
  
 
+
==== de-identification ====
data protection
 
 
 
The rules and safeguards applying under various laws and regulations to personal data about individuals that organizations collect, store, use and disclose. “Data protection” is the professional term used in the EU, whereas in the U.S. the concept is generally referred to as “information privacy.” Importantly, data protection is different from data security, since it extends beyond securing information to devising and implementing policies for its fair use.
 
 
 
de-identification
 
 
 
 
An action that one takes to remove identifying characteristics from data.
 
An action that one takes to remove identifying characteristics from data.
  
 
+
==== deep learning ====
deep learning
 
 
 
 
A subset of artificial intelligence and machine learning. It learns by performing a tasks repeatedly and adding layers of data to improve the outcome.
 
A subset of artificial intelligence and machine learning. It learns by performing a tasks repeatedly and adding layers of data to improve the outcome.
  
 +
==== digital rights management (DRM) ====
 +
Digital rights management tools or technological protection measures are a set of access control technologies for restricting the use of proprietary hardware and copyrighted works. DRM technologies try to control the use, modification, and distribution of copyrighted works, as well as systems within devices that enforce these policies.
  
digital rights management (DRM)
+
==== Do Not Track ====
 
+
Do Not Track was a proposed HTTP header field, designed to allow internet users to opt-out of tracking by websites—which includes the collection of data regarding a user's activity across multiple distinct contexts, and the retention, use, or sharing of data derived from that activity outside the context in which it occurred.
The management of access to and use of digital content and devices after sale. DRM is often associated with the set of access control (denial) technologies. These technologies are utilized under the premise of defending copyrights and intellectual property but are considered controversial because they may often restrict users from utilizing digital content or devices in a manner allowable by law.
 
 
 
do not track
 
 
 
A catch-all term for various technologies and browser settings designed to allow data subjects to indicate their objection to tracking by websites. Years of effort, by the W3C and other organizations, to create an official Do Not Track standard for HTTP headers has of yet led to naught.
 
 
 
 
 
encryption
 
 
 
 
 
The process of obscuring information, often through the use of a cryptographic scheme in order to make the information unreadable without special knowledge; i.e., the use of code keys. Encryption is mentioned in the General Data Protection Regulation as a potential way to mitigate risk, and certain breach notification requirements may be mitigated by the use of encryption as it reduces the risks to the rights and freedoms of data subjects should data be improperly disclosed.
 
 
 
 
 
encryption key
 
 
 
A cryptographic algorithm applied to unencrypted text to disguise its value or used to decrypt encrypted text.
 
 
 
 
 
end user license agreement (EULA)
 
 
 
A contract between the owner of the software application and the user. The user agrees to pay for the use of the software and promises to comply with certain restrictions on that use.
 
 
 
family educational rights and privacy act (FERPA)
 
  
FERPA establishes requirements regarding the privacy protection of student educational records. It applies to all academic institutions that receive funds under applicable U.S. Department of Education programs.  FERPA gives parents certain rights with respect to their children’s education records.  These rights transfer to the student when he or she reaches the age of 18 or attends a school beyond the high school level. Students to whom the rights have transferred are referred to as “eligible students.
+
==== encryption ====
 +
In cryptography, encryption is the process of encoding information. This process converts the original representation of the information, known as plaintext, into an alternative form known as ciphertext. Ideally, only authorized parties can decipher a ciphertext back to plaintext and access the original information.
  
 +
==== encryption key ====
 +
A key in cryptography is a piece of information, usually a string of numbers or letters that are stored in a file, which, when processed through a cryptographic algorithm, can encode or decode cryptographic data.
  
federal communiations commission (FCC)
+
==== Family Educational Rights and Privacy Act (FERPA) ====
 +
The Family Educational Rights and Privacy Act of 1974 is a United States federal law that governs the access to educational information and records by public entities such as potential employers, publicly funded educational institutions, and foreign governments.
  
The United States agency that regulates interstate communications through radio, wire, telecommunications, satellite and cable. The Federal Communications Commission has authority that overlaps with the Federal Trade Commission in some areas of privacy law including enforcement and further regulation under the Telephone Consumer Protection Act.
+
==== Federal Communications Commission (FCC) ====
 +
An independent agency of the United States government that regulates communications by radio, television, wire, satellite, and cable across the United States. The FCC maintains jurisdiction over the areas of broadband access, fair competition, radio frequency use, media responsibility, public safety, and homeland security.
  
 +
==== Federal Trade Commission (FTC) ====
 +
The Federal Trade Commission is an independent agency of the United States government whose principal mission is the enforcement of civil U.S. antitrust law and the promotion of consumer protection. The Commission is headed by five Commissioners, each serving a seven-year term.
  
federal trade commission (FTC)
+
==== Free software ====
 +
Free software is computer software distributed under terms that allow users to run the software for any purpose as well as to study, change, and distribute it and any adapted versions. Free software is a matter of liberty, not price: all users are legally free to do what they want with their copies of a free software regardless of how much is paid to obtain the program.
  
The United States' primary consumer protection agency, the FTC collects complaints about companies, business practices and identity theft under the FTC Act and other laws that they enforce or administer. Importantly, the FTC brings actions under Section 5 of the FTC Act, which prohibits unfair and deceptive trade practices.
+
==== Freedom of Information Act (FOIA) ====
 +
The Freedom of Information Act, 5 U.S.C. § 552, is a federal freedom of information law that requires the full or partial disclosure of previously unreleased information and documents controlled by the United States government upon request.
  
 +
==== General Data Protection Regulation (GDPR) (EU) ====
 +
The General Data Protection Regulation 2016/679 is a regulation in EU law on data protection and privacy in the European Union and the European Economic Area. It also addresses the transfer of personal data outside the EU and EEA areas.
  
freedom of information act (FOIA)
+
==== geofencing ====
 
+
A geofence is a virtual perimeter for a real-world geographic area. A geo-fence could be dynamically generated—as in a radius around a point location, or a geo-fence can be a predefined set of boundaries. The use of a geofence is called geofencing, and one example of usage involves a location-aware device of a location-based service user entering or exiting a geo-fence.Wikipedia
A U.S. federal law that ensures citizen access to federal government agency records. FOIA only applies to federal executive branch documents. It does not apply to legislative or judicial records. FOIA requests will be fulfilled unless they are subject to nine specific exemptions. Most states have some state level equivalent of FOIA. The federal and most state FOIA statutes include a specific exemption for personal information so that sensitive data (such as Social Security numbers) are not disclosed.
 
 
 
 
 
general data protection regulation (GDPR) (EU)
 
 
 
The General Data Protection Regulation (GDPR) replaced the Data Protection Directive in 2018. The aim of the GDPR is to provide one set of data protection rules for all EU member states and the European Economic Area (EEA). The document comprises 173 recitals and 99 articles.
 
 
 
 
 
geofencing
 
 
 
Geofencing is the creation of virtual perimeters linked to the geographic position of a mobile device. In the BYOD context, geofencing may be used to restrict access to applications or sensitive information inside of or outside of specific locations. For example, a company may be able to restrict access to potentially risky applications on a personal device when the device is connected to the company’s network or, conversely, restrict access to company resources when the device is outside of the company’s network.
 
 
 
 
 
health insurance portability and accountability act (HIPAA)
 
  
 +
==== Health Insurance Portability and Accountability Act (HIPAA) ====
 
A U.S. law passed to create national standards for electronic healthcare transactions, among other purposes. HIPAA required the U.S. Department of Health and Human Services to promulgate regulations to protect the privacy and security of personal health information. The basic rule is that patients have to opt in before their information can be shared with other organizations—although there are important exceptions such as for treatment, payment and healthcare operations.
 
A U.S. law passed to create national standards for electronic healthcare transactions, among other purposes. HIPAA required the U.S. Department of Health and Human Services to promulgate regulations to protect the privacy and security of personal health information. The basic rule is that patients have to opt in before their information can be shared with other organizations—although there are important exceptions such as for treatment, payment and healthcare operations.
  
 
+
==== identifiers ====
identifiers
 
 
 
 
Codes or strings used to represent an individual, device or browser.
 
Codes or strings used to represent an individual, device or browser.
  
 
+
==== information security (infosec) ====
information security (infosec)
 
 
 
 
The protection of information for the purposes of preventing loss, unauthorized access and/or misuse. It is also the process of assessing threats and risks to information and the procedures and controls to preserve confidentiality, integrity and availability of information.
 
The protection of information for the purposes of preventing loss, unauthorized access and/or misuse. It is also the process of assessing threats and risks to information and the procedures and controls to preserve confidentiality, integrity and availability of information.
  
 +
==== integrity ====
 +
Integrity refers to the consistency, accuracy and trustworthiness of the data.
  
integrity
+
==== internet of things ====
 
 
Integrity refers to the consistency, accuracy and trustworthiness of the data
 
 
 
 
 
internet of things
 
 
 
 
A term used to describe the many devices that are connected to the internet. Any device that is built with a network interface can be assigned an IP address to allow for automation and remote access.
 
A term used to describe the many devices that are connected to the internet. Any device that is built with a network interface can be assigned an IP address to allow for automation and remote access.
  
 
+
==== internet protocol address (IP address) ====
internet protocol address (IP address)
 
 
 
 
A unique string of numbers that identifies a computer on the Internet or other TCP/IP network. The IP address is expressed in four groups of up to three numbers, separated by periods. For example: 123.123.23.2. An address may be "dynamic," meaning that it is assigned temporarily whenever a device logs on to a network or an Internet service provider and consequently may be different each time a device connects. Alternatively, an address may be "static," meaning that it is assigned to a particular device and does not change, but remains assigned to one computer or device.
 
A unique string of numbers that identifies a computer on the Internet or other TCP/IP network. The IP address is expressed in four groups of up to three numbers, separated by periods. For example: 123.123.23.2. An address may be "dynamic," meaning that it is assigned temporarily whenever a device logs on to a network or an Internet service provider and consequently may be different each time a device connects. Alternatively, an address may be "static," meaning that it is assigned to a particular device and does not change, but remains assigned to one computer or device.
  
 
+
==== internet service provider (ISP) ====
internet service provider (ISP)
 
 
 
 
A company that provides Internet access to homes and businesses through modem dial-up, DSL, cable modem broadband, dedicated T1/T3 lines or wireless connections.
 
A company that provides Internet access to homes and businesses through modem dial-up, DSL, cable modem broadband, dedicated T1/T3 lines or wireless connections.
  
 
+
==== location data ====
location data
 
 
 
 
Data indicating the geographical position of a device, including data relating to the latitude, longitude, or altitude of the device, the direction of travel of the user, or the time the location information was recorded.
 
Data indicating the geographical position of a device, including data relating to the latitude, longitude, or altitude of the device, the direction of travel of the user, or the time the location information was recorded.
  
 +
==== machine learning ====
 +
A subfield of, or building block for, artificial intelligence, machine learning is a problem-solving technique that trains a computer to identify new patterns. It implements various algorithms in a problem-solving process that includes data cleansing, feature selection, training, testing, and validation. Companies and government agencies increasingly deploy machine learning algorithms for tasks such as fraud detection, speech recognition, image classification and other pattern-recognition applications.
  
machine learning
+
==== metadata ====
 
 
A subfield of, or building block for, artificial intelligence (see Artificial Intelligence), machine learning is a problem-solving technique that trains a computer to identify new patterns. It implements various algorithms in a problem-solving process that includes data cleansing, feature selection, training, testing, and validation. Companies and government agencies increasingly deploy machine learning algorithms for tasks such as fraud detection, speech recognition, image classification and other pattern-recognition applications.
 
 
 
 
 
metadata
 
 
 
 
Data that describes other data. “Meta” is a prefix meaning “an underlying description” in information technology usage.
 
Data that describes other data. “Meta” is a prefix meaning “an underlying description” in information technology usage.
  
 +
==== multi-factor authentication ====
 +
An authentication process that requires more than one verification method (see Authentication), such as a password and biometric identifier, or log-in credentials and a code sent to an email address or phone number supplied by a data subject. Also known as two-factor authentication.
  
multi-factor authentication
+
==== national security letter (NSL) ====
 +
A category of subpoena, often with an attached gag order. The USA PATRIOT Act expanded the use of national security letters. Separate and sometimes differing statutory provisions now govern access, without a court order, to communication providers, financial institutions, consumer credit agencies and travel agencies.
  
An authentication process that requires more than one verification method (see Authentication), such as a password and biometric identifier, or log-in credentials and a code sent to an email address or phone number supplied by a data subject.
+
==== natural language processing (NLP) ====
 +
Natural language processing is a subfield of linguistics, computer science, and artificial intelligence concerned with the interactions between computers and human language, in particular how to program computers to process and analyze large amounts of natural language data. The result is a computer capable of "understanding" the contents of documents, including the contextual nuances of the language within them.
  
 +
==== open source vs closed source ====
 +
Easily viewed, shared and modified software is considered open-source. Closed-source software must by fixed and updated by the vendor. Open source and free software are often used interchangeably.
  
national institute of standards and technology (NIST)
+
==== opt-in ====
 
 
 
 
NIST is an agency within the Department of Commerce.  NIST has the lead responsibility for the development and issuance of security standards and guidelines for the federal government, contractors, and the United States critical information infrastructure.
 
 
 
The NIST has published a series of publications in support of its risk management framework (RMF).  The RMF is a multi-tiered and structured methodology for creating a unified information security framework for the federal government in order to meet the vast array of requirements set forth in FISMA.
 
 
 
 
 
national security letter (NSL)
 
 
 
A category of subpoena. The USA PATRIOT Act expanded the use of national security letters. Separate and sometimes differing statutory provisions now govern access, without a court order, to communication providers, financial institutions, consumer credit agencies and travel agencies.
 
 
 
 
 
natural language processing (NLP)
 
 
 
Utilizes machine reading comprehension through algorithms to identify and extract natural language that the computer can understand.
 
 
 
open source vs closed source
 
 
 
Easily viewed, shared and modified software is considered open-source. Closed-source software must by fixed and updated by the vendor.
 
 
 
opt-in  
 
 
 
 
One of two central concepts of choice. It means an individual makes an active affirmative indication of choice; i.e., checking a box signaling a desire to share his or her information with third parties.
 
One of two central concepts of choice. It means an individual makes an active affirmative indication of choice; i.e., checking a box signaling a desire to share his or her information with third parties.
  
opt - out  
+
==== opt-out ====
 
 
 
One of two central concepts of choice. It means an individual’s lack of action implies that a choice has been made; i.e., unless an individual checks or unchecks a box, their information will be shared with third parties.
 
One of two central concepts of choice. It means an individual’s lack of action implies that a choice has been made; i.e., unless an individual checks or unchecks a box, their information will be shared with third parties.
  
personally identifiable information (PII)
+
==== personally identifiable information (PII) ====
 
+
Any information that can be used to distinguish or trace an individual’s identity, such as name, social security number, date and place of birth, mother’s maiden name, or biometric records; and any other information that is linkable to an individual, such as medical, educational, financial, and employment information.
Any information about an individual, including any information that can be used to distinguish or trace an individual’s identity, such as name, social security number, date and place of birth, mother’s maiden name, or biometric records; and any other information that is linkable to an individual, such as medical, educational, financial, and employment information.
 
 
 
phishing
 
 
 
 
 
E-mails or other communications that are designed to trick a user into believing that he or she should provide a password, account number or other information. The user then typically provides that information to a website controlled by the attacker. “Spear phishing” is a phishing attack that is tailored to the individual user, such as when an e-mail appears to be from the user’s boss, instructing the user to provide information.
 
 
 
 
 
privacy
 
 
 
 
 
A nebulous philosophical, legal, social and technological concept which means different things to different observers. In an influential 1890 Harvard Law Review article, Samuel Warren and Louis Brandeis, who later became a Supreme Court Justice, famously defined privacy as “a right to be let alone.” Common areas of privacy that are of particular interest with regard to data protection and privacy laws include information privacy, bodily privacy, territorial privacy, and communications privacy.
 
 
 
 
 
privacy by design
 
 
 
  
Generally regarded as a synonym for Data Protection by Design (see Data Protection by Design). However, Privacy by Design as a specific term was first outlined in a framework in the mid-1990s by then-Information and Privacy Commissioner of Ontario, Canada, Ann Cavoukian, with seven foundational principles.
+
==== phishing ====
 +
Emails or other communications that are designed to trick a user into believing that he or she should provide a password, account number or other information. The user then typically provides that information to a website controlled by the attacker. “Spear phishing” is a phishing attack that is tailored to the individual user, such as when an e-mail appears to be from the user’s boss, instructing the user to provide information.
  
privacy policy
+
==== privacy ====
 +
Privacy is the ability of an individual or group to seclude themselves or information about themselves, and thereby express themselves selectively. When something is private to a person, it usually means that something is inherently special or sensitive to them.
  
 +
==== privacy by design ====
 +
Privacy by design is an idea in systems engineering and information technology. In privacy by design, the engineers build the system so that it keeps information private starting at the beginning instead of building the system and then adding privacy protection later. In privacy by design, the designers treat privacy protection as just as important as other parts of the design.
  
 +
==== privacy policy ====
 
An internal statement that governs an organization or entity’s handling of personal information. It is directed at those members of the organization who might handle or make decisions regarding the personal information, instructing them on the collection, use, storage and destruction of the data, as well as any specific rights the data subjects may have. May also be referred to as a data protection policy.
 
An internal statement that governs an organization or entity’s handling of personal information. It is directed at those members of the organization who might handle or make decisions regarding the personal information, instructing them on the collection, use, storage and destruction of the data, as well as any specific rights the data subjects may have. May also be referred to as a data protection policy.
  
pseudonymization  
+
==== pseudonymization ====
 
 
 
The processing of personal data in such a manner that the personal data can no longer be attributed to a specific data subject without the use of additional information, provided that such additional information is kept separately and is subject to technical and organizational measures to ensure that the personal data are not attributed to an identified or identifiable natural person.
 
The processing of personal data in such a manner that the personal data can no longer be attributed to a specific data subject without the use of additional information, provided that such additional information is kept separately and is subject to technical and organizational measures to ensure that the personal data are not attributed to an identified or identifiable natural person.
  
public key infrastructure (PKI)
+
==== public key infrastructure (PKI) ====
 
 
 
A system of digital certificates, authorities and other registration entities that verifies the authenticity of each party involved in an electronic transaction through the use of cryptography.
 
A system of digital certificates, authorities and other registration entities that verifies the authenticity of each party involved in an electronic transaction through the use of cryptography.
  
re-identification  
+
==== re-identification ====
 
+
The action of reattaching identifying characteristics to pseudonymized or de-identified data.
The action of reattaching identifying characteristics to pseudonymized or de-identified data (see De-identification and Pseudonymization). Often invoked as a “risk of re-identification” or “re-identification risk,” which refers to nullifying the de-identification actions previously applied to data (see De-identification).
 
 
 
 
 
right to be forgotten
 
 
 
  
 +
==== right to be forgotten ====
 
An individual’s right to have their personal data deleted by a business or other organization possessing or controlling that data.
 
An individual’s right to have their personal data deleted by a business or other organization possessing or controlling that data.
  
social engineering
+
==== social engineering ====
 
 
 
A general term for how attackers can try to persuade a user to provide information or create some other sort of security vulnerability.
 
A general term for how attackers can try to persuade a user to provide information or create some other sort of security vulnerability.
  
subpoena
+
==== subpoena ====
 
 
 
A written court order issued in an administrative, civil or criminal action that requires the person named in the subpoena to appear in court in order to testify under oath on a particular matter which is the subject of an investigation, proceeding or lawsuit. A subpoena may also require the production of a paper, document or other object relevant to an investigation, proceeding or lawsuit that discloses personal information.
 
A written court order issued in an administrative, civil or criminal action that requires the person named in the subpoena to appear in court in order to testify under oath on a particular matter which is the subject of an investigation, proceeding or lawsuit. A subpoena may also require the production of a paper, document or other object relevant to an investigation, proceeding or lawsuit that discloses personal information.
  
terms of service
+
==== terms of service ====
 
 
 
The set of rules which govern the use of a service and must be agreed to, either implicitly through the use of that service or explicitly, in order to make use of that service.
 
The set of rules which govern the use of a service and must be agreed to, either implicitly through the use of that service or explicitly, in order to make use of that service.
  
two-factor authentication
+
==== transport layer security (TLS) ====
 
 
transport layer security (TLS)
 
 
 
 
A protocol that ensures privacy between client-server applications and Internet users of the applications. When a server and client communicate, TLS secures the connection to ensure that no third party can eavesdrop on or corrupt the message. TLS is a successor to SSL.
 
A protocol that ensures privacy between client-server applications and Internet users of the applications. When a server and client communicate, TLS secures the connection to ensure that no third party can eavesdrop on or corrupt the message. TLS is a successor to SSL.
  
virtual private network (VPN)
+
==== virtual private network (VPN) ====
  
 
A network that uses primarily public telecommunication infrastructure, such as the Internet, to provide remote offices or traveling users an access to a central organizational network. VPNs typically require remote users of the network to be authenticated and often secure data with encryption technologies to prevent disclosure of private information to unauthorized parties.
 
A network that uses primarily public telecommunication infrastructure, such as the Internet, to provide remote offices or traveling users an access to a central organizational network. VPNs typically require remote users of the network to be authenticated and often secure data with encryption technologies to prevent disclosure of private information to unauthorized parties.
  
warrant  
+
==== warrant ====
 +
A warrant is generally an order that serves as a specific type of authorization, that is, a writ issued by a competent officer, usually a judge or magistrate, that permits an otherwise illegal act that would violate individual rights and affords the person executing the writ protection from damages if the act is performed.
  
web beacon
+
A warrant is usually issued by a court and is directed to a sheriff, a constable, or a police officer. Warrants normally issued by a court include search warrants, arrest warrants, and execution warrants.
  
Also known as a web bug, pixel tag or clear GIF, a web beacon is a clear graphic image (typically one pixel in size) that is delivered through a web browser or HTML e-mail. The web beacon operates as a tag that records an end user’s visit to a particular web page or viewing of a particular e-mail. It is also often used in conjunction with a web cookie and provided as part of a third-party tracking service. Web beacons provide an ability to produce specific profiles of user behavior in combination with web server logs. Common usage scenarios for web beacons include online ad impression counting, file download monitoring, and ad campaign performance management. Web beacons also can report to the sender about which e-mails are read by recipients. Privacy considerations for web beacons are similar to those for cookies. Some sort of notice is important because the clear pixel of a web beacon is quite literally invisible to the end user.
+
==== web beacon ====
 +
Also known as a web bug, pixel tag or clear GIF, a web beacon is a technique used on web pages and email to unobtrusively (usually invisibly) allow checking that a user has accessed some content.[1] Web beacons are typically used by third parties to monitor the activity of users at a website for the purpose of web analytics or page tagging. They can also be used for email tracking. When implemented using JavaScript, they may be called JavaScript tags.

Latest revision as of 19:44, 14 May 2021

Contents

Privacy glossary[edit]

Most definitions taken from Wikipedia.

ad exchange[edit]

An ad exchange is a technology platform that facilitates the buying and selling of media advertising inventory from multiple ad networks. Prices for the inventory are determined through real-time bidding. The approach is technology-driven as opposed to the historical approach of negotiating price on media inventory. This represents a field beyond ad networks as defined by the Interactive Advertising Bureau, and by advertising trade publications.

ad network[edit]

An online advertising network or ad network is a company that connects advertisers to websites that want to host advertisements. The key function of an ad network is an aggregation of ad supply from publishers and matching it with advertiser's demand.

algorithm[edit]

In mathematics and computer science, an algorithm is a finite sequence of well-defined, computer-implementable instructions, typically to solve a class of problems or to perform a computation. Algorithms are always unambiguous and are used as specifications for performing calculations, data processing, automated reasoning, and other tasks

artificial intelligence[edit]

Artificial intelligence is intelligence demonstrated by machines, unlike the natural intelligence displayed by humans and animals, which involves consciousness and emotionality. The distinction between the former and the latter categories is often revealed by the acronym chosen.

authentication[edit]

The process by which an entity (such as a person or computer system) determines whether another entity is who it claims to be.

behavioral advertising[edit]

Behavioral targeting comprises a range of technologies and techniques used by online website brands, publishers and advertisers aimed at increasing the effectiveness of marketing and advertising using user web-browsing behavior information.

big data[edit]

Big data is a field that treats ways to analyze, systematically extract information from, or otherwise deal with data sets that are too large or complex to be dealt with by traditional data-processing application software. Data with many fields offer greater statistical power, while data with higher complexity may lead to a higher false discovery rate.

biometrics[edit]

Biometrics are body measurements and calculations related to human characteristics. Biometrics authentication is used in computer science as a form of identification and access control. It is also used to identify individuals in groups that are under surveillance.

CCTV[edit]

Originally an acronym for "closed circuit television," CCTV has come to be shorthand for any video surveillance system. Originally, such systems relied on coaxial cable and was truly only accessible on premise. Today, most surveillance systems are hosted via TCP/IP networks and can be accessed remotely, and the footage much more easily shared, eliciting new and different privacy concerns.

chat bot[edit]

Computerized intelligence that simulates human interactions and may be used to handle basic customer requests and interactions.

cloud computing[edit]

Cloud computing is the on-demand availability of computer system resources, especially data storage and computing power, without direct active management by the user. The term is generally used to describe data centers available to many users over the Internet.

confidentiality[edit]

Data is "confidential" if it is protected against unauthorized or unlawful processing.

consent[edit]

This privacy requirement is one of the fair information practices. Individuals must be able to prevent the collection of their personal data, unless the disclosure is required by law. If an individual has choice about the use or disclosure of his or her information, consent is the individual's way of giving permission for the use or disclosure. Consent may be affirmative; i.e., opt-in; or implied; i.e., the individual didn’t opt out.

(1) affirmative/explicit consent: A requirement that an individual "signifies" his or her agreement with a data controller by some active communication between the parties.

(2) implicit consent: Implied consent arises where consent may reasonably be inferred from the action or inaction of the individual.

consent decree[edit]

A judgment entered by consent of the parties. Typically, the defendant agrees to stop alleged illegal activity and pay a fine, without admitting guilt or wrongdoing. This legal document is approved by a judge and formalizes an agreement reached between a U.S. federal or state agency and an adverse party. This is often applicable to tech companies.

content delivery network (CDN)[edit]

A content delivery network, or content distribution network, is a geographically distributed network of proxy servers and their data centers. The goal is to provide high availability and performance by distributing the service spatially relative to end users.

cookie[edit]

A small text file stored on a client machine that may later be retrieved by a web server from the machine. Cookies allow web servers to keep track of the end user’s browser activities, and connect individual web requests into a session. Cookies can also be used to prevent users from having to be authorized for every password protected page they access during a session by recording that they have successfully supplied their username and password already. Cookies may be referred to as "first-party" (if they are placed by the website that is visited) or "third-party" (if they are placed by a party other than the visited website). Additionally, they may be referred to as "session cookies" if they are deleted when a session ends, or "persistent cookies" if they remain longer.

dark patterns[edit]

A dark pattern is "a user interface that has been carefully crafted to trick users into doing things, such as buying insurance with their purchase or signing up for recurring bills." The neologism, dark pattern, was coined by Harry Brignull on July 28, 2010 with the registration of darkpatterns.org, a "pattern library with the specific goal of naming and shaming deceptive user interfaces." Another more broad definition of a dark pattern is an instance where "user value is supplanted in favor of shareholder value."

data aggregation[edit]

Taking Individual data sets and combining them to statistically analyze data trends while protecting individual privacy by using groups of individuals with similar characteristics rather than isolating one individual at a time. To effectively aggregate data so that it cannot be re-identified (or at least make it difficult to do so) the data set should: (1) have a large population of individuals, (2) Categorized to create broad sets of individuals, and; (3) not include data that would be unique to a single individual in a data set.

data breach[edit]

The unauthorized acquisition of computerized data that compromises the security, confidentiality, or integrity of personal information maintained by a data collector. Breaches do not include good faith acquisitions of personal information by an employee or agent of the data collector for a legitimate purpose of the data collector—provided the personal information is not used for a purpose unrelated to the data collector's business or subject to further unauthorized disclosure.

data brokers[edit]

Entities that collect, aggregate and sell individuals’ personal data, derivatives and inferences from disparate public or private sources.


data centers[edit]

Facilities that store, manage and disseminate data and house a network’s most critical systems. Data centers can serve either as a centralized facility for a single organization’s data management functions or as a third-party provider for organization’s data management needs.


data minimization principle[edit]

The idea that one should only collect and retain that personal data which is necessary.

de-identification[edit]

An action that one takes to remove identifying characteristics from data.

deep learning[edit]

A subset of artificial intelligence and machine learning. It learns by performing a tasks repeatedly and adding layers of data to improve the outcome.

digital rights management (DRM)[edit]

Digital rights management tools or technological protection measures are a set of access control technologies for restricting the use of proprietary hardware and copyrighted works. DRM technologies try to control the use, modification, and distribution of copyrighted works, as well as systems within devices that enforce these policies.

Do Not Track[edit]

Do Not Track was a proposed HTTP header field, designed to allow internet users to opt-out of tracking by websites—which includes the collection of data regarding a user's activity across multiple distinct contexts, and the retention, use, or sharing of data derived from that activity outside the context in which it occurred.

encryption[edit]

In cryptography, encryption is the process of encoding information. This process converts the original representation of the information, known as plaintext, into an alternative form known as ciphertext. Ideally, only authorized parties can decipher a ciphertext back to plaintext and access the original information.

encryption key[edit]

A key in cryptography is a piece of information, usually a string of numbers or letters that are stored in a file, which, when processed through a cryptographic algorithm, can encode or decode cryptographic data.

Family Educational Rights and Privacy Act (FERPA)[edit]

The Family Educational Rights and Privacy Act of 1974 is a United States federal law that governs the access to educational information and records by public entities such as potential employers, publicly funded educational institutions, and foreign governments.

Federal Communications Commission (FCC)[edit]

An independent agency of the United States government that regulates communications by radio, television, wire, satellite, and cable across the United States. The FCC maintains jurisdiction over the areas of broadband access, fair competition, radio frequency use, media responsibility, public safety, and homeland security.

Federal Trade Commission (FTC)[edit]

The Federal Trade Commission is an independent agency of the United States government whose principal mission is the enforcement of civil U.S. antitrust law and the promotion of consumer protection. The Commission is headed by five Commissioners, each serving a seven-year term.

Free software[edit]

Free software is computer software distributed under terms that allow users to run the software for any purpose as well as to study, change, and distribute it and any adapted versions. Free software is a matter of liberty, not price: all users are legally free to do what they want with their copies of a free software regardless of how much is paid to obtain the program.

Freedom of Information Act (FOIA)[edit]

The Freedom of Information Act, 5 U.S.C. § 552, is a federal freedom of information law that requires the full or partial disclosure of previously unreleased information and documents controlled by the United States government upon request.

General Data Protection Regulation (GDPR) (EU)[edit]

The General Data Protection Regulation 2016/679 is a regulation in EU law on data protection and privacy in the European Union and the European Economic Area. It also addresses the transfer of personal data outside the EU and EEA areas.

geofencing[edit]

A geofence is a virtual perimeter for a real-world geographic area. A geo-fence could be dynamically generated—as in a radius around a point location, or a geo-fence can be a predefined set of boundaries. The use of a geofence is called geofencing, and one example of usage involves a location-aware device of a location-based service user entering or exiting a geo-fence.Wikipedia

Health Insurance Portability and Accountability Act (HIPAA)[edit]

A U.S. law passed to create national standards for electronic healthcare transactions, among other purposes. HIPAA required the U.S. Department of Health and Human Services to promulgate regulations to protect the privacy and security of personal health information. The basic rule is that patients have to opt in before their information can be shared with other organizations—although there are important exceptions such as for treatment, payment and healthcare operations.

identifiers[edit]

Codes or strings used to represent an individual, device or browser.

information security (infosec)[edit]

The protection of information for the purposes of preventing loss, unauthorized access and/or misuse. It is also the process of assessing threats and risks to information and the procedures and controls to preserve confidentiality, integrity and availability of information.

integrity[edit]

Integrity refers to the consistency, accuracy and trustworthiness of the data.

internet of things[edit]

A term used to describe the many devices that are connected to the internet. Any device that is built with a network interface can be assigned an IP address to allow for automation and remote access.

internet protocol address (IP address)[edit]

A unique string of numbers that identifies a computer on the Internet or other TCP/IP network. The IP address is expressed in four groups of up to three numbers, separated by periods. For example: 123.123.23.2. An address may be "dynamic," meaning that it is assigned temporarily whenever a device logs on to a network or an Internet service provider and consequently may be different each time a device connects. Alternatively, an address may be "static," meaning that it is assigned to a particular device and does not change, but remains assigned to one computer or device.

internet service provider (ISP)[edit]

A company that provides Internet access to homes and businesses through modem dial-up, DSL, cable modem broadband, dedicated T1/T3 lines or wireless connections.

location data[edit]

Data indicating the geographical position of a device, including data relating to the latitude, longitude, or altitude of the device, the direction of travel of the user, or the time the location information was recorded.

machine learning[edit]

A subfield of, or building block for, artificial intelligence, machine learning is a problem-solving technique that trains a computer to identify new patterns. It implements various algorithms in a problem-solving process that includes data cleansing, feature selection, training, testing, and validation. Companies and government agencies increasingly deploy machine learning algorithms for tasks such as fraud detection, speech recognition, image classification and other pattern-recognition applications.

metadata[edit]

Data that describes other data. “Meta” is a prefix meaning “an underlying description” in information technology usage.

multi-factor authentication[edit]

An authentication process that requires more than one verification method (see Authentication), such as a password and biometric identifier, or log-in credentials and a code sent to an email address or phone number supplied by a data subject. Also known as two-factor authentication.

national security letter (NSL)[edit]

A category of subpoena, often with an attached gag order. The USA PATRIOT Act expanded the use of national security letters. Separate and sometimes differing statutory provisions now govern access, without a court order, to communication providers, financial institutions, consumer credit agencies and travel agencies.

natural language processing (NLP)[edit]

Natural language processing is a subfield of linguistics, computer science, and artificial intelligence concerned with the interactions between computers and human language, in particular how to program computers to process and analyze large amounts of natural language data. The result is a computer capable of "understanding" the contents of documents, including the contextual nuances of the language within them.

open source vs closed source[edit]

Easily viewed, shared and modified software is considered open-source. Closed-source software must by fixed and updated by the vendor. Open source and free software are often used interchangeably.

opt-in[edit]

One of two central concepts of choice. It means an individual makes an active affirmative indication of choice; i.e., checking a box signaling a desire to share his or her information with third parties.

opt-out[edit]

One of two central concepts of choice. It means an individual’s lack of action implies that a choice has been made; i.e., unless an individual checks or unchecks a box, their information will be shared with third parties.

personally identifiable information (PII)[edit]

Any information that can be used to distinguish or trace an individual’s identity, such as name, social security number, date and place of birth, mother’s maiden name, or biometric records; and any other information that is linkable to an individual, such as medical, educational, financial, and employment information.

phishing[edit]

Emails or other communications that are designed to trick a user into believing that he or she should provide a password, account number or other information. The user then typically provides that information to a website controlled by the attacker. “Spear phishing” is a phishing attack that is tailored to the individual user, such as when an e-mail appears to be from the user’s boss, instructing the user to provide information.

privacy[edit]

Privacy is the ability of an individual or group to seclude themselves or information about themselves, and thereby express themselves selectively. When something is private to a person, it usually means that something is inherently special or sensitive to them.

privacy by design[edit]

Privacy by design is an idea in systems engineering and information technology. In privacy by design, the engineers build the system so that it keeps information private starting at the beginning instead of building the system and then adding privacy protection later. In privacy by design, the designers treat privacy protection as just as important as other parts of the design.

privacy policy[edit]

An internal statement that governs an organization or entity’s handling of personal information. It is directed at those members of the organization who might handle or make decisions regarding the personal information, instructing them on the collection, use, storage and destruction of the data, as well as any specific rights the data subjects may have. May also be referred to as a data protection policy.

pseudonymization[edit]

The processing of personal data in such a manner that the personal data can no longer be attributed to a specific data subject without the use of additional information, provided that such additional information is kept separately and is subject to technical and organizational measures to ensure that the personal data are not attributed to an identified or identifiable natural person.

public key infrastructure (PKI)[edit]

A system of digital certificates, authorities and other registration entities that verifies the authenticity of each party involved in an electronic transaction through the use of cryptography.

re-identification[edit]

The action of reattaching identifying characteristics to pseudonymized or de-identified data.

right to be forgotten[edit]

An individual’s right to have their personal data deleted by a business or other organization possessing or controlling that data.

social engineering[edit]

A general term for how attackers can try to persuade a user to provide information or create some other sort of security vulnerability.

subpoena[edit]

A written court order issued in an administrative, civil or criminal action that requires the person named in the subpoena to appear in court in order to testify under oath on a particular matter which is the subject of an investigation, proceeding or lawsuit. A subpoena may also require the production of a paper, document or other object relevant to an investigation, proceeding or lawsuit that discloses personal information.

terms of service[edit]

The set of rules which govern the use of a service and must be agreed to, either implicitly through the use of that service or explicitly, in order to make use of that service.

transport layer security (TLS)[edit]

A protocol that ensures privacy between client-server applications and Internet users of the applications. When a server and client communicate, TLS secures the connection to ensure that no third party can eavesdrop on or corrupt the message. TLS is a successor to SSL.

virtual private network (VPN)[edit]

A network that uses primarily public telecommunication infrastructure, such as the Internet, to provide remote offices or traveling users an access to a central organizational network. VPNs typically require remote users of the network to be authenticated and often secure data with encryption technologies to prevent disclosure of private information to unauthorized parties.

warrant[edit]

A warrant is generally an order that serves as a specific type of authorization, that is, a writ issued by a competent officer, usually a judge or magistrate, that permits an otherwise illegal act that would violate individual rights and affords the person executing the writ protection from damages if the act is performed.

A warrant is usually issued by a court and is directed to a sheriff, a constable, or a police officer. Warrants normally issued by a court include search warrants, arrest warrants, and execution warrants.

web beacon[edit]

Also known as a web bug, pixel tag or clear GIF, a web beacon is a technique used on web pages and email to unobtrusively (usually invisibly) allow checking that a user has accessed some content.[1] Web beacons are typically used by third parties to monitor the activity of users at a website for the purpose of web analytics or page tagging. They can also be used for email tracking. When implemented using JavaScript, they may be called JavaScript tags.