A Glossary of Privacy Terminology

Share this article

When it comes to digital privacy, knowledge is power

Data privacy can be a confusing space, compounded by a large amount of tech-speak. To protect yourself, you need to know the basics. Here’s a straightforward, easy-to-understand glossary of privacy terminology without the jargon to help you make the right privacy choices for yourself.

2FA (Two-Factor Identification)

2FA is a second security layer to log into an account, usually in addition to entering a password. The most common 2FA is a numerical code sent via text message to your phone. Enter the code when asked, and you’re in. Other types of 2FA include security keys and authentication apps.

Ad Blocker

An ad blocker is a browser extension or plug- in that you can download to stop digital ads from appearing on a website and your online activities from being tracked.


An add-on is a software application you can download from a third-party that provides extra features.


Beacons are tiny objects (often too small to be seen by the human eye) that are inserted into a web page or email. Beacons can register when a page is visited or an email is opened. This is how email tracking software works and is also one way that advertisers use to count ad displays.

Behavioral Targeting

Behavioral advertising puts consumers into segments based on their past activities. This is made possible by the creation of individual profiles, which is made possible because of the large amounts of personal data now available to marketers and advertisers (and pretty much anyone else who wants it).

Big Data

Big data is large amounts of data. It also refers to the analysis and use or application of that data.

Browser Fingerprint

A browser fingerprint is an identifier/tracking technique that is based on your browser settings and use. Browser fingerprinting is a very accurate way to identify an individual user.

Cross-Device Tracking

Cross-device tracking involves following a user from one device to another, like from a laptop to a smartphone. The simplest way is when a user is logged into a site on more than one device. But there are also more complex ways of cross-device tracking. Some use algorithms to predict whether a user on two different devices is actually the same person.


Data is your digital information. Personal data is digital information about an individual.

Data Breach

When sensitive and/or confidential information is released, this is a data breach.

Data Broker

A data broker is a company that gathers, analyzes, and sells data. This is, for the most part, an unregulated industry in the United States.

Data Mining

Data mining involves the analysis and sorting of large amounts of data to make it useful. Some of those uses include advertising, fraud detection, and business intelligence.

Do Not Track (DNT)

DNT is an option that browsers offer requesting that websites do not track online use/ behavior. But it’s up to a site whether or not to honor the DNT request. Hint: Many do not.

Data Anonymization

Data anonymization involves removing recognizable information from personal data so that it cannot be traced back to the user. However, this is not a foolproof method.

Data Portability

Data portability is the ability to move personal data from one site to another.

Data Transparency

Data transparency is the practice of letting individuals know how their personal data is collected, stored, protected, and used.


Encryption is a way of delivering private information, like an email. It works by mixing up the data so it’s unreadable while it’s on its way to the intended destination. And then re- ordering it once delivered.

General Data Protection Regulation (GDPR)

GDPR is a set of privacy rules from the European Union that went into effect in May 2018. GDPR governs how personal data of EU-member country citizens is collected and used. The basic principles are clear communication to consumers around how, why, and where data is collected and stored, consent to collect and use their personal data, and also have access to that data and the ability move it to another company (portability), and the erasure of data if requested. Companies that don’t follow GDPR can be hit with fines of €20 million or 4% of annual worldwide turnover, whichever is the larger amount.

Incognito Mode

Incognito mode is a browser setting that lets you browse privately by deleting history, site data, cookies, and data.

IP (Internet Protocol) Address

Your IP address is the digital equivalent of a physical address. It is also how your digital information is delivered to a device via an ISP (internet service provider).

Location Tracking

Location tracking is a way of finding out where a person or object is located. It works by using GPS, GIS (Geographic Information Systems), wireless networks, and RFID (Radio Frequency ID). A smartphone with location services turned on can be tracked. This, for example, means your Uber driver can find you, but it also means a retailer can follow you through a store. Some of those uses include advertising, fraud detection, and business intelligence.

HyperText Transfer Protocol Secure (HTTPS)

HTTPS is a secure method for sending information around the web.


Short for malicious software, malware covers a range of techniques including worms, viruses, and trojans. The only purpose of this software is to cause damage to and/or gain control of a computer, network, or server.


Data about data, metadata describes the attributes of data — e.g. not the content of a message, but when it was sent, from what device, from where, etc.

MFA (Multi-Factor Authentication)

MFA is like 2FA but involves using two or more types of security to access a site. For example, using a password, a code, and a security question to log in.

Password Manager

A password manager is a service you can use to create and manage passwords. You only need a single master password to log in to the manager itself.

Privacy by Design

Privacy by Design is the philosophy developed by privacy expert Dr. Ann Cavoukian in the 1990s. The basic idea is that privacy, lifelong data encryption and security, and user privacy must be the foundations for any company using personal data.

Targeted/Personalized Advertising

Targeted or personalized advertising uses personal data to identify consumers who
are likely to engage with a brand. The data is gathered from online and offline activity, purchases, and demographic details, like age, gender, address, and education. Then advertising is shown that is relevant to a person’s interests and wants. The goal is to get you to buy something or do something.


Trackers are data from visited websites that are stored in a browser. The most common are cookies, but there are also web beacons that use tiny pixel images and some newer methods.

Third-Party Trackers

A third-party tracker comes from somewhere other than the actual website you visit. This is often cookies that are stored in a browser. Those trackers can send information back to the third party. Advertisers and analytics companies are both examples of third parties.

Virtual Credit Cards (VCC)

A VCC number looks like a conventional credit card number, but it expires after a single use. VCCs were created to make online shopping safe. But because the VCC expires, refunds and chargebacks are a challenge because there’s no number to accept the money.

VPN (Virtual Private Network)

A VPN is a service that masks a computer’s location by sending communications around a network, which makes it difficult to tell where that computer is located and identify it.

Zero Knowledge

Also known as No Knowledge, Zero Knowledge is when a service doesn’t have access to users’ data. This means that data can’t be released or copied.

The more you know

The more you know, the more power you have. To make your own privacy choices, knowing the basics of digital privacy terminology is essential. Only then can you be an informed digital citizen and really take control of your digital present and future.

Using a service that recognizes privacy as a right is a good step toward safeguarding your digital privacy — and your personal choice.

FigLeaf does the heavy lifting for you but you always stay in control.

Find "A Glossary of Privacy Terminology" PDF version here.

Author: FigLeaf Team