Online Privacy Glossary

Learn key online privacy terms with Incogni.



Clean up your digital footprint




California Consumer Privacy Act (CCPA)

The CCPA (California Consumer Privacy Act) is a California law aimed at guaranteeing residents’ privacy rights and consumer protections. The CCPA regulates the collection, processing, and sale or trade of personal information. The Act applies to companies that handle California residents’ private data.

Read more

California Privacy Rights Act (CPRA)

The California Privacy Rights Act (CPRA) is an amendment and addendum to the California Consumer Privacy Act (CCPA). It refines and extends the provisions laid down in the CCPA. The CCPA and CPRA, taken together, constitute a single California privacy law: the CPRA does not replace the CCPA.

Read more

Colorado Privacy Act (CPA)

The Colorado Privacy Act (CPA) is a comprehensive data privacy state law providing Colorado residents with the right to opt out of targeted advertising, the sale of their personal data, and certain types of profiling. The CPA will go into effect on July 1, 2023, making Colorado the third state, after California and Virginia, to have a comprehensive data privacy legislation in place.

Read more

Connecticut Data Privacy Act (CTDPA)

The Connecticut Data Privacy Act (CTDPA) is a national data privacy law in the United States providing Connecticut residents with various rights over their personal data – such as the option to opt-out of targeted advertising, the sale of personal data, and automated profiling. The CTDPA also provides certain obligations for data controllers and processors, such as requiring privacy notices.

Read more


Cookies are small pieces of data created by a web server and stored within a web browser. They store and save browsing information which can later be retrieved. Once the user comes back to the website, cookies inform the web server that you have returned.

Read more

Cyber extortion

Cyber extortion is an online crime in which a cybercriminal threatens victims with harm, embarrassment, or financial loss unless they comply with demands, such as paying a ransom or providing sensitive information. The most common examples of cyber extortion are ransomware and DDoS attacks.

Read more


Cyberbullying is a form of bullying that occurs through electronic devices such as cell phones and computers. It can occur through social media sites, online games, text messages, forums, and other online means of communication.

Read more


Cybersecurity is the practice of protecting computers, networks, and sensitive data from unauthorized or criminal access and malicious attacks carried out by cybercriminals. It involves taking various steps and using a range of tools to detect and prevent cyberattacks, as well as responding to and recovering from security incidents.

Read more


Cyberstalking is a form of online harassment which involves harassing a victim through the internet or other forms of electronic communications. Although it doesn’t involve physical contact, cyberstalking can cause substantial emotional distress and even involve serious criminal actions.

Read more


Data Broker

A data broker, also known as a data aggregator, is a company that collects, sorts, analyzes, and sells or shares individuals’ personal information in order to generate revenues. They create detailed profiles of these individuals, encompassing their demographics, behavior patterns, interests, and preferences.

Read more

Data controller

A data controller is a person or legal entity that determines how and why personal data is processed. In other words, anyone or anything that decides on the purposes behind and means of data processing is called a data controller in line with Chapter 1. Article 4.7 of the General Data Protection Regulation (GDPR).

Read more

Data Privacy

Data privacy refers to the protection and confidentiality of personal information. It involves the collection, storage, use, and dissemination of personal information in a manner that is secure, private, ethical, and in compliance with applicable laws and regulations.

Read more

Data Processor

According to Chapter 1, Art. 4.8 of the GDPR, a data processor is “a natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller.” In some cases, the data processor can also be a data controller.

Read more

Digital Fingerprinting

Browser or digital fingerprinting is a tracking and identification method that collects various data points from a user’s web browser to improve user experience and prevent fraud. However, it is also associated with targeted online advertising, where fingerprints play a role similar to cookies.

Read more

Digital Footprint

Your digital footprint is a record of everything you do online, like the websites you visit and what you post on social media. It’s important to be careful because this information can be seen by companies, advertisers, and even the government.

Read more

Do Not Track (DNT)

Do Not Track (DNT) is a browser setting used to signal a user’s preference not to be tracked by website cookies or have their personal information shared. It’s a voluntary system that has been adapted by all browsers, though many websites still don’t honor a Do Not Track preference.

Read more

Doxxing (Doxing)

Doxxing refers to the deliberate public disclosure of a person’s sensitive personal information without their permission. The intention behind doxxing someone need not be malicious, but it most often is. In effect, doxxing involves connecting a person’s online persona to their true identity.

Read more


Email Masking

Email masking, also known as email obfuscation or email anonymization, is a technique used to protect the privacy and security of an email address. Email masking prevents email addresses from being scraped by the email harvesters and spambots that collect them for malicious purposes like spamming or phishing.

Read more

Essential cookies

Essential cookies, also known as strictly necessary cookies, are the cookies without which a website cannot function properly. As the name suggests, these cookies are necessary for the website to provide whatever service it’s designed to provide or to facilitate data transmission over networks.

Read more

Explicit consent

Explicit consent, sometimes referred to as express consent, is a type of consent that is freely given. It’s usually stipulated in laws regarding how organizations obtain an agreement to a contract from an individual, or data subject, or the collection and handling of their personal information.

Read more


Faraday bag

A Faraday bag, similar to a Faraday cage or Faraday shield, is a specialized bag or flexible container designed to block electromagnetic fields, including those used in wireless communication technologies. English scientist Michael Faraday invented the Faraday cage (on which the Faraday bag is based) in 1836.

Read more


General Data Protection Regulation (GDPR)

GDPR stands for General Data Protection Regulation. It’s a comprehensive data protection regulation introduced by the European Union in 2016 and enforced in 2018. It gives individuals greater control over their personal data and unifies data protection laws across the EU member states.

Read more


Health Insurance Portability and Accountability Act (HIPAA)

HIPAA, or the Health Insurance Portability and Accountability Act, is a US federal law that regulates how patient health information is stored, transferred, used, and disclosed. It also aims to improve healthcare efficiency and reduce healthcare fraud and abuse.

Read more

Hypertext Transfer Protocol Secure (HTTPS)

HTTPS (Hypertext Transfer Protocol Secure) is a variant of HTTP that uses encryption to protect data – making it unreadable to anyone who lacks the decryption key. But what is HTTP in the first place? In layman terms, HTTP is a set of rules (a protocol) that allows web browsers (or other user agents) to exchange information with web servers.

Read more


Identity Theft

Identity theft is a form of cybercrime in which an unauthorized party illicitly acquires, manipulates, or exploits an individual’s personal information for fraudulent purposes. Identity theft is a grave violation of privacy and security, often leading to far-reaching consequences for the victim.

Read more

Internet Service Provider (ISP)

An ISP, or Internet Service Provider, is a company that provides internet access to its customers. ISPs typically require customers to sign a contract and pay a monthly fee for their services. Some ISPs also offer additional services such as email, web hosting, and virtual private networks (VPNs).

Read more

IP Address

An IP address, short for Internet Protocol address, serves as a digital address for devices connected to a network. Like the home address, which helps identify where mail should be delivered, an IP address enables devices to communicate and exchange data over the internet.

Read more




Legitimate interest

Legitimate interest is one of the 6 legal bases that allow the processing of personal data under the General Data Protection Regulation (GDPR). It can also apply to the individual whose data is being processed, referred to as the data subject, as a basis for opting out of data processing.

Read more

Location tracking

Location tracking refers to the collection and analysis of data that reveals the whereabouts of a device or person. This is a prevalent practice that can be achieved through GPS, Wi-Fi, cell tower triangulation, and other methods as well as combinations of methods.

Read more




The New York Stop Hacks and Improve Electronic Data Security Act (NY SHIELD Act) is New York State’s primary data protection legislation. The SHIELD Act amends the state’s 2005 Information Security Breach and Notification Act and was signed into law by Governor Andrew Cuomo on July 25, 2019.

Read more


Online Harassment

Online harassment is any kind of abusive behavior that takes place on the internet. It can include cyberbullying, doxxing, swatting, cyberstalking, hate speech, trolling, catfishing, and revenge porn. Online harassment can occur anywhere online, from social media to online gaming and messaging apps.

Read more

Opt Out

To “opt out” is a process of decision-making during which an individual decides not to participate in a particular activity or service or chooses to stop receiving unsolicited service information. The concept of opting out is typically connected with marketing practices, but it can also be applied to advertising, social norms, political systems, opt-out cookies, and more.

Read more

OSINT (Open-source intelligence)

Open-source intelligence (OSINT) is the practice of gathering intelligence from publicly available sources such as social media, news articles, government reports, and online databases. OSINT is used to provide insights that can inform decision-making, strategic planning, and security operations.

Read more


Personally Identifiable Information (PII)

Personally Identifiable Information is any information that can be used to identify someone. This can include direct information such as name and Social Security number or indirect information such as race and gender. Any information that can be traced back to an individual is considered PII.

Read more


Pseudonymization is the data management technique of replacing personal identifiers in data records with pseudonyms or placeholders. It’s often used to protect personal information when sharing data. Data that has been de-identified using pseudonymization can be re-identified again, if necessary.

Read more

Public records

Public records, kept by government agencies, are an invaluable source of information for the public. These records encompass a wide range of data, from individual and business information to court cases and government contracts.

Read more



Right to access

The right to access, also known as the right of access, is the right of individuals to request and receive a copy of any personal data held about them by a given company or organization. They are also entitled to supplementary information to help them understand how and why their data is being used.

Read more

Right to be forgotten

The right to be forgotten, also known as the right to erasure, is the right of an individual to have information that is or was publicly available delisted from search engines and delinked from compliant websites. The right to be forgotten originates in the European Union (EU) but has since been implemented elsewhere.

Read more



Third-party cookies

Third-party cookies are cookies created by a different domain than the one you see in your URL bar. Set in third-party code, these cookies are typically used for tracking and online-advertising purposes. Overall, third-party cookies can enhance the browsing experience, but they often do this in exchange for personal data.

Read more


US Data Privacy Laws

There are no federal data privacy laws in the US. The proposed American Data Privacy Protection Act (ADPPA) is as close as US residents have been to such a law. The first federal consumer privacy bill to pass committee markup, ADPPA was approved 53-2 by the Committee on Energy and Commerce on July 20, 2022.

Read more

Utah Consumer Privacy Act (UCPA)

The UCPA (Utah Consumer Privacy Act) is a state law designed to protect consumer data. It was signed into law on March 24, 2023, and will come into effect on December 31, 2023. At the time of its signing, the Utah Consumer Privacy Act was the fourth such state privacy legislation in the US.

Read more


Virginia Consumer Data Protection Act (VCDPA)

The Virginia Consumer Data Protection Act (VCDPA) is a data protection law that came into effect in the Commonwealth of Virginia on January 1, 2023. By passing this legislation, Virginia became the second state (after California) with a comprehensive data protection law in place.

Read more


VPN stands for virtual private network. As the name suggests, it’s a technology that creates a virtual, private network within a more extensive network, the internet. Often compared to a tunnel, it secures internet browsing and enhances the confidentiality of users’ data and online activity.

Read more



Scroll to Top