● Category
Privacy & Data Protection
32 entries
- privacy№ 818
Personally Identifiable Information (PII)
Any data that can identify a specific individual on its own or when combined with other information, such as names, identifiers, or biometric records.
- privacy№ 278
Data Loss Prevention (DLP)
A set of technologies and policies that detect and block unauthorized exfiltration of sensitive data across endpoints, networks, email, and cloud services.
- privacy№ 276
Data Classification
The process of labeling data by sensitivity and value so that the right protection, handling, and retention controls can be applied consistently.
- privacy№ 280
Data Minimization
A privacy principle requiring organizations to collect, process, and retain only the personal data that is strictly necessary for a defined, lawful purpose.
- privacy№ 274
Data Anonymization
Irreversibly transforming personal data so that no individual can be identified, directly or indirectly, even when combined with other available information.
- privacy№ 875
Pseudonymization
A technique that replaces direct identifiers in personal data with reversible aliases, so that the data can no longer be attributed to an individual without additional, separately kept information.
- privacy№ 576
k-Anonymity
A privacy model proposed by Latanya Sweeney that requires every record in a dataset to be indistinguishable from at least k-1 others based on its quasi-identifiers.
- privacy№ 603
l-Diversity
An extension of k-anonymity introduced by Machanavajjhala et al. that requires each equivalence class to contain at least l well-represented values for every sensitive attribute.
- privacy№ 1126
t-Closeness
A privacy model by Li, Li, and Venkatasubramanian that strengthens l-diversity by limiting how far the distribution of a sensitive attribute in any class differs from its global distribution.
- privacy№ 317
Differential Privacy
A mathematical framework that quantifies privacy loss when releasing statistics or training models, by adding calibrated noise so any single individual's contribution is provably bounded.
- privacy№ 286
Data Subject Access Request (DSAR)
A formal request from an individual to a controller asking which of their personal data is being processed and obtaining a copy of it, as guaranteed by GDPR Article 15 and similar laws.
- privacy№ 932
Right to Be Forgotten
The right of an individual to obtain the erasure of personal data concerning them when there is no overriding legal reason to keep processing it, under GDPR Article 17.
- privacy№ 856
Privacy by Design
An engineering and governance approach that embeds privacy considerations into systems, processes, and defaults from the earliest design stages rather than bolting them on later.
- privacy№ 857
Privacy Impact Assessment (PIA)
A structured process to identify, evaluate, and mitigate privacy risks of a system, project, or data-processing activity before it goes live.
- privacy№ 284
Data Retention
The policies and controls that define how long different categories of data are kept and when they are securely deleted, archived, or anonymized.
- privacy№ 283
Data Residency
The requirement that data is physically stored and, in some interpretations, processed within a specific country or region, often driven by contracts, customer demands, or sector regulation.
- privacy№ 285
Data Sovereignty
The principle that data is subject to the laws and governance structures of the country in which it is collected, stored, or processed, regardless of where the provider is headquartered.
- privacy№ 1164
Tokenization (Privacy)
Replacing sensitive data values with non-sensitive tokens that have no exploitable meaning outside a controlled token vault, reducing the scope of personal or regulated data.
- privacy№ 279
Data Masking
Replacing sensitive data with realistic but fictitious values so that downstream users, applications, or environments can use the data without exposing the originals.
- privacy№ 210
Consent Management
The processes and tooling used to collect, record, refresh, and honor user permissions for processing personal data and setting cookies, in line with privacy law.
- privacy№ 654
Mass Surveillance
The bulk, indiscriminate monitoring of a population's communications, locations, and online activity by governments or large private actors.
- privacy№ 127
Browser Fingerprinting
A stateless tracking technique that identifies a user by combining browser, device, and configuration attributes into a near-unique signature.
- privacy№ 142
Canvas Fingerprinting
A browser-fingerprinting technique that exploits subtle GPU and font rendering differences when drawing on an HTML canvas to identify a device.
- privacy№ 339
DNS Leak
A privacy failure in which DNS queries bypass a VPN or Tor tunnel and are sent to the user's ISP or default resolver in cleartext.
- privacy№ 1231
WebRTC IP Leak
A browser-side leak in which WebRTC's STUN/ICE machinery exposes a user's real local and public IP addresses, even when a VPN or proxy is active.
- privacy№ 1214
VPN Leak
A failure of a VPN tunnel that lets identifying traffic — IP, DNS, IPv6, or WebRTC — escape outside the encrypted channel.
- privacy№ 1143
Third-Party Cookie
A cookie set by a domain different from the one in the browser's address bar, historically used to track users across websites.
- privacy№ 1115
Supercookie
A persistent tracking identifier stored outside normal cookie storage, designed to survive cookie clearing and private-browsing mode.
- privacy№ 241
Cross-Site Tracking
The practice of linking a user's activity across multiple unrelated websites to build a long-lived behavioural profile.
- privacy№ 1166
Tracking Pixel
A tiny, often 1x1 transparent image or beacon embedded in a web page or email to silently record opens, visits, and other user events.
- privacy№ 931
Right of Rectification
The GDPR right of a data subject to obtain from the controller, without undue delay, the correction of inaccurate or incomplete personal data concerning them.
- privacy№ 930
Right of Data Portability
The GDPR right of a data subject to receive their personal data in a structured, commonly used, machine-readable format and transmit it to another controller.