Cybersecurity: It’s an issue consumers, business owners, and marketers need to be on high-alert about — more so than ever before. It doesn’t help that the lexicon of internet privacy terms continues to grow as new hacks are created in the ongoing war between web users and the organizations that want their data.
We know it can be hard to keep up with all the acronyms and technical lingo involved in that tug of war — so here’s a guide to some of the most important privacy terms you need to know in order to stay on top of the most recent advances in online security and data collection:
Browser Plug-ins
A piece of software designed for content that a typical browser cannot manage. Insecure browser plug-ins can be used by hackers to access private information.
Brute-force Attack
A technique used by hackers to generate thousands of password guesses with the help of automated software programs — all in an effort to unlock a user’s account.
California's Online Privacy Protection Act (CalOPPA)
A law passed in 2016 by the California state legislature requiring commercial sites and mobile apps to post a privacy policy if they wish to collect personal information from users, along with other regulations. This policy must identify the categories of data being collected, and third parties with which this data is to be shared.
California Consumer Privacy Act (CCPA)
Building on the CalOPPA, the CCPA was passed in 2018 and introduced a number of new privacy regulations regarding consumer data collection. With its passage, companies must now inform California consumers that their data is being collected at or before the point of collection. The CCPA also allows users to deny companies the right to sell their information to third parties and gives them the option to delete it altogether.
Cookies
One of the most important privacy terms, cookies are data packets generated by the websites a user visits within a browser or mobile app. Cookies track data like passwords, log-in information, and other personal information that could be considered sensitive.
Cross-device Tracking
The methods in which data is collected for a single user across multiple devices, i.e., tracking the spending behavior of a single consumer on both their desktop and mobile devices.
Do Not Track (DNT) Setting
A feature offered by many browsers that sends an automated header to websites to request data not be collected for a user. Individual websites can decide if they want to respect this request.
Eavesdropping
A hacking method that utilizes “sniffing” software to collect data sent over a network. Often used in public connections, eavesdropping attempts can steal log-in credentials and sensitive information like credit card numbers.
Encryption
This common privacy term describes the process of encoding information that can only then be decoded with a specific key. This is often done automatically by personal and private networks using modern routers.
Evercookies
A type of program that automatically replicates cookies that were intentionally deleted by users, effectively embedding chosen cookies to a device indefinitely.
Fingerprinting
Sometimes referred to as device fingerprinting or machine fingerprinting, this concept refers to the sum total of all software and hardware settings collected from a desktop or mobile device. Information like fonts used and clock settings create a unique user profile to be paired with cookies and other tracking functions.
Firewall
One of the oldest and most well-known privacy terms, firewalls are network security programs that analyze all incoming and outgoing traffic in a given network and stop any data from passing through that doesn’t match a predetermined security policy set by the network administrator.
First-Party Cookies
Cookies embedded by the publisher of a website to track information useful to the user experience on that site.
Flash Cookies
Also known as a local shared object, flash cookies function similarly to normal cookies except they are harder to block using browser plug-ins or software. Flash cookies take their name from the Adobe Flash Player software that stores this data.
GDPR (General Data Protection Regulation)
A set of laws passed in the EU in 2016 designed to give consumers more control over data-sharing. A noticeable effect of the passing of the GDPR was the introduction of cookie opt-in messages when visiting compliant websites.
Google Advertising ID
Software on Android mobile devices that provides ad networks with the ability to track users in lieu of traditional browser-based tracking.
HTTP Cookie
The most basic form of cookie and a catchall term for cookies that track relatively benign information that helps automate site accessibility for users. HTTP cookie functions include automatically storing passwords and logging unsaved activity when a session has ended.
Identifiers for Advertisers (IDFA)
Software used to provide advertisers with user data on Apple devices. With the iOS 14 update in 2021, Apple gave users the option to stop sharing their IDFA with advertisers, potentially limiting its effectiveness and future usage by marketers.
IP address
The Internet Protocol address or IP address of a device is a privacy term that describes the unique numerical identifier that is sent to the network host. Users attempting to avoid detection may mask their IP address.
JavaScript
A programming language used in many web applications including those that track and store cookies.
Malware
A privacy term signifying any software designed for malicious purposes such as phishing software, viruses, and spyware.
Man-in-the-Middle Attack
A type of hack that intercepts data traveling from the user to their wireless router. The hacker is the “man-in-the-middle” in these cases.
Permissions
A common privacy term indicating the set of features that a user allows an app to access on a device, such as photos or contacts.
Persistent Cookies
Cookies designed to remain on a device for an extended period of time, sometimes years. These cookies are resistant to deletion and are utilized to track the sum total of a user’s activity within a predetermined scope.
Personal information
Information that is distinct from sensitive information in that it does not necessarily include data that could be used to immediately harm a user, examples include name, phone number, and email address.
Pharming
The act of stealing information from a user, sometimes through a fake website or application, without their knowledge.
Phishing
A method of hacking in which a user is convinced to hand over sensitive information to a hacker disguised as a reputable contact, such as a bank or a coworker.
Privacy Policies
The summary of all policies and privacy terms relating to an organization’s collection of user data, typically a website or app will ask a user to opt-in to their privacy policy before the software or other service can be used.
Private Browsing
A setting on many major browsers that allows a user to access the internet without collecting tracking data regarding their activity. However, many private browsing settings are not always 100 percent effective and cannot remove all traces of a user when in effect.
The Right to Be Forgotten
A somewhat controversial privacy term that says an individual has the right to request that information they have accumulated — either through tracking or communications channels like social media — be deleted and “forgotten.” Opponents of the right to be forgotten suggest that this amounts to a kind of censorship.
Secure Surfing/SSL
SSL or Secure Sockets Layer certificates indicate a website or service that encrypts private data like log-in credentials. Users should be wary of sending sensitive information to any website that does not have an SSL certificate.
Sensitive information
Private information that could be used maliciously in the wrong hands, includes credit card information, social security numbers, and proprietary company data.
Session Cookies
One of the most temporary types of cookies, session cookies temporarily track data gathered from a single online session and are deleted after the browser is closed. Session cookies are most often used to track data like items placed in an online checkout cart.
Default Network Name (SSID)
A Service Set Identifier or SSID is the name given to an individual network. Most home routers ship with a premade SSID and can be customized further once in the hands of the end-user.
Third-Party Cookies
Cookies embedded in a website that transfer data about a user to an organization outside the scope of the original website publisher, contributing to marketing tools like personalized ads. Third-party cookies have been one of the primary tools used by advertisers to collect user data but now risk irrelevance as tech giants like Apple and Google design software that restricts their usage.
Virtual Private Network (VPN)
A type of network tool that users can install to protect their privacy and personal data. VPNs establish a personal network within a larger public network and mask the activity therein, essentially creating a “virtual” space solely for its user.
Web Cache
The area in which online information like documents, webpages, and multimedia is stored temporarily on a device to reduce server lag. This information can then be accessed from the cache instead of requiring another contact with the network.
WPA2 (Wi-Fi Protected Access version 2)
The method of encryption used by the majority of wireless networks. WPA2 replaced the original WPA in the 2000s and is currently in the process of being overtaken by the newer WPA3.
Zombie Cookies
An HTTP cookie that can regenerate itself after deletion. Zombie cookies install backups of their data into a user’s web cache, typically without their permission.
Staying Up to Date on the Latest Privacy Terms
Whether it’s retargeting consumers that have reached your website or simply working to better understand public sentiment regarding the collection of online data, marketers should always work to stay in the know when it comes to online privacy terms.
Check out AdRoll’s glossary pages for more information on marketing terms you should know.
Last updated on June 5th, 2024.