We’ve tried to explain in simple language some of the terms you may come across while discussing or reading about individual privacy. We’ve also provided links to what we feel are authoritative sites in case you want more detail on each term.
End-to-End Encryption (E2EE)
End-to-end encryption is a security method where your messages, files, or calls are scrambled (encrypted) on your device before being sent, and can only be unscrambled (decrypted) by the intended recipient’s device. This means that even the company providing the service—like WhatsApp, Signal, or Apple—cannot read your communications. Think of it like sending a letter in a locked box where only you and your friend have keys; even the postal service can’t open it.
Without end-to-end encryption, the company can read your messages to scan for advertising keywords, hand them over in response to government requests, or expose your private conversations if its servers are hacked. With E2EE, the server holds only ciphertext that is useless without the keys on your device, so a server compromise does not reveal what you said. Two caveats: the provider can usually still see who talked to whom and when (the metadata), and E2EE does nothing for a phone that is itself compromised or for a cloud backup that is not encrypted the same way. Apps like Signal, WhatsApp, and iMessage use E2EE; regular email and SMS text messages typically don’t.
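To make the “locked box” concrete, here is an added illustration (not code from Signal, WhatsApp or any other app) of two devices agreeing a key and exchanging a message through a relay that never sees plaintext. The names alice and bob, the RelayServer class and the message text are constructed for the demo; key agreement is plain Diffie-Hellman in the standard RFC 3526 2048-bit group, and the cipher is a teaching construction (HMAC-SHA256 keystream with an HMAC tag) standing in for a vetted AEAD such as AES-GCM.

```python
"""End-to-end encrypted messaging through an untrusted relay.

Added illustration (standard library only), not Signal's or WhatsApp's
protocol.  Key agreement is plain Diffie-Hellman in the RFC 3526 2048-bit
group; the cipher is a teaching construction (HMAC-SHA256 keystream plus an
HMAC tag) standing in for a vetted AEAD such as AES-GCM or ChaCha20-Poly1305.
"""
import hashlib
import hmac
import secrets
import struct

# RFC 3526 "group 14": a standard 2048-bit safe prime, generator 2.
P = int("".join("""
FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD129024E088A67CC74
020BBEA63B139B22514A08798E3404DDEF9519B3CD3A431B302B0A6DF25F1437
4FE1356D6D51C245E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7ED
EE386BFB5A899FA5AE9F24117C4B1FE649286651ECE45B3DC2007CB8A163BF05
98DA48361C55D39A69163FA8FD24CF5F83655D23DCA3AD961C62F356208552BB
9ED529077096966D670C354E4ABC9804F1746C08CA18217C32905E462E36CE3B
E39E772C180E86039B2783A2EC07A28FB5C55DF06F4C52C9DE2BCBF695581718
3995497CEA956AE515D2261898FA051015728E5A8AACAA68FFFFFFFFFFFFFFFF
""".split()), 16)
G = 2


def dh_keypair():
    priv = secrets.randbelow(P - 2) + 1            # 1 <= priv <= P-2
    return priv, pow(G, priv, P)


def dh_shared_keys(priv, peer_pub):
    """Derive (encryption key, MAC key) from the DH shared secret."""
    if not 1 < peer_pub < P - 1:                   # reject 0, 1, P-1: they force a known secret
        raise ValueError("invalid DH public value")
    shared = pow(peer_pub, priv, P).to_bytes(256, "big")
    k = hashlib.sha512(b"e2ee-demo" + shared).digest()
    return k[:32], k[32:]


def _keystream(enc_key, nonce, length):
    blocks = (hmac.new(enc_key, nonce + struct.pack(">I", i), hashlib.sha256).digest()
              for i in range(-(-length // 32)))
    return b"".join(blocks)[:length]


def encrypt(keys, plaintext):
    enc_key, mac_key = keys
    nonce = secrets.token_bytes(16)                # fresh per message; never reuse with a key
    ct = bytes(p ^ k for p, k in zip(plaintext, _keystream(enc_key, nonce, len(plaintext))))
    tag = hmac.new(mac_key, nonce + ct, hashlib.sha256).digest()   # encrypt-then-MAC
    return nonce + ct + tag


def decrypt(keys, blob):
    enc_key, mac_key = keys
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(tag, hmac.new(mac_key, nonce + ct, hashlib.sha256).digest()):
        raise ValueError("tag mismatch: wrong key or tampered message")
    return bytes(c ^ k for c, k in zip(ct, _keystream(enc_key, nonce, len(ct))))


class RelayServer:
    """The provider: it keeps what it is handed, ciphertext plus routing metadata."""
    def __init__(self):
        self.log = []

    def relay(self, sender, recipient, blob):
        self.log.append({"from": sender, "to": recipient, "size": len(blob), "blob": blob})
        return blob


def demo(message=b"meet at 7, bring the documents"):
    a_priv, a_pub = dh_keypair()
    b_priv, b_pub = dh_keypair()
    server = RelayServer()
    # Public values cross the server in the clear, which is fine for secrecy, but a
    # malicious server could swap in its own; that is what "safety numbers" detect.
    server.relay("alice", "bob", a_pub.to_bytes(256, "big"))
    server.relay("bob", "alice", b_pub.to_bytes(256, "big"))
    alice_keys = dh_shared_keys(a_priv, b_pub)
    bob_keys = dh_shared_keys(b_priv, a_pub)
    blob = server.relay("alice", "bob", encrypt(alice_keys, message))
    return {
        "keys_match": alice_keys == bob_keys,
        "recovered": decrypt(bob_keys, blob),
        "server_sees_plaintext": message in blob,
        "server_sees": {k: v for k, v in server.log[-1].items() if k != "blob"},
    }
```

Run demo() and look at the "server_sees" entry: sender, recipient and message size are all the relay learns, which is exactly the metadata problem discussed later on this page. The comment in demo() is the other point worth remembering: unauthenticated key exchange lets a dishonest server substitute its own public values, so real apps bind keys to identities and show safety numbers you can compare in person.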
Learn more: Electronic Frontier Foundation – End-to-End Encryption
Personally Identifiable Information (PII)
Personally Identifiable Information, or PII, is any data that can identify you specifically as an individual. This includes obvious things like your name, Social Security number, email address, phone number, and home address, but also less obvious information like your IP address, device identifiers, driver’s license number, biometric data (fingerprints, face scans), or even your photo. When multiple pieces of non-identifying data are combined—like your age, zip code, and gender—they can also become PII because together they might uniquely identify you.
Understanding what counts as PII matters because laws protecting your privacy often specifically cover PII, and data breaches exposing PII create the highest risk for identity theft and fraud. Companies are supposed to handle PII with extra care, though what legally qualifies as PII varies by jurisdiction. When websites or apps ask for information, knowing whether it’s PII helps you decide if sharing it is worth the risk.
Learn more: Consumer Financial Protection Bureau – What is personal information?
Virtual Private Network (VPN)
A VPN creates an encrypted tunnel between your device and the internet, routing all your online traffic through a server operated by the VPN company before it reaches websites or services you’re accessing. This hides your real IP address (which reveals your approximate location) from the websites you visit, and prevents your Internet Service Provider from seeing which specific sites you’re accessing. Think of it like your mail being forwarded through a third-party address—recipients see that address instead of your home address.
VPNs are useful for protecting your privacy on public Wi-Fi, accessing content that’s blocked in your region, or preventing your ISP from tracking and selling your browsing history. However, VPNs don’t make you anonymous—you’re shifting trust from your ISP to the VPN company, which can see all your traffic. Free VPNs often make money by logging and selling your data, defeating the privacy purpose entirely. A VPN also won’t protect you from malware, phishing attacks, or being tracked by accounts you’re logged into.
Learn more: Wirecutter – What Is a VPN, and Why Would I Need One?
Two-Factor Authentication (2FA)
Two-factor authentication adds a second layer of security beyond your password by requiring something else to prove it’s really you trying to log in. This second factor is usually something you have (like your phone receiving a code via text or app) or something you are (like your fingerprint or face). Even if someone steals or guesses your password, they can’t access your account without also having that second factor, which is much harder to obtain.
The most common 2FA methods are codes sent by SMS, codes generated by an authenticator app (Google Authenticator, Authy and the like), physical security keys you plug into or tap against your device, and biometric checks such as a fingerprint. SMS codes are better than nothing but the weakest option: they can be captured through SIM-swapping, and like any typed code they can be phished. Authenticator-app codes are not tied to a phone number, but a fake login page can still relay them to the real site in real time. Security keys (FIDO2/WebAuthn) only answer the genuine website’s domain, which is why they are the strongest choice for your most important accounts: email, banking, and social media.
Learn more: Consumer Reports – Two-Factor Authentication: Who Has It and How to Set It Up
General Data Protection Regulation (GDPR)
GDPR is a comprehensive privacy law that took effect in the European Union in May 2018, giving individuals strong rights over their personal data and requiring companies to protect that data carefully. Under GDPR, you have the right to know what data companies collect about you, access that data, correct errors, have it deleted in many circumstances, and object to certain uses of it. Companies need a lawful basis for every use of your data (consent is one basis, but not the only one; see Legitimate Interest below), must explain in plain language what they will use it for, and face significant fines for violations: up to 4% of global annual turnover or €20 million, whichever is higher.
Even if you don’t live in Europe, GDPR often protects you, because many global companies apply GDPR standards worldwide rather than maintaining different systems for different regions. The law also introduced concepts like “privacy by design” (building privacy protections into products from the start) and breach notification: companies must report a breach to their data protection authority within 72 hours of becoming aware of it, and must tell affected individuals without undue delay when the breach is likely to put them at high risk. GDPR has inspired similar privacy laws around the world, including California’s CCPA, making it a landmark in privacy protection.
Learn more: GDPR.eu – Complete guide to GDPR compliance
Cookies
Cookies are small pieces of data that websites store in your browser to remember information about you between visits. First-party cookies come directly from the website you’re visiting and enable useful features like keeping you logged in, remembering items in your shopping cart, or saving your language preferences. These are generally necessary for websites to function properly and aren’t particularly invasive.
Third-party cookies come from companies other than the website you’re visiting—usually advertisers and tracking companies—and follow you across different websites to build profiles of your interests and browsing habits. These tracking cookies enable the targeted advertising where you look at shoes on one site and then see shoe ads everywhere else online. Most privacy concerns about cookies involve these third-party tracking cookies, which is why browsers increasingly block them by default and privacy laws require cookie consent notices on websites.
Learn more: AllAboutCookies.org – What Are Cookies?
Metadata
Metadata is data about data—information that describes or provides context for other information, rather than the actual content itself. For example, a phone call’s metadata includes who you called, when, how long you talked, and from where, but not what you actually said during the conversation. An email’s metadata shows sender, recipient, subject line, time sent, and IP addresses, but not the message body. A photo’s metadata (called EXIF data) can include the date, time, location coordinates, camera model, and settings used to take the picture.
Metadata might seem less sensitive than content, but it can actually reveal more about your life than you’d expect. Knowing who you communicate with, how often, and when can map your social network, daily routines, and relationships without anyone ever reading your actual messages. Michael Hayden, a former director of the NSA and the CIA, put it bluntly in 2014: “We kill people based on metadata.” Many privacy tools that encrypt content still leave metadata exposed because it’s technically necessary for routing communications, making metadata protection one of the hardest privacy challenges.
Learn more: EFF – Why Metadata Matters
Data Broker
Data brokers are companies that collect, aggregate, and sell personal information about consumers without directly interacting with those individuals. They gather data from public records (property ownership, court documents, voter registrations), commercial sources (purchase histories, loyalty programs, magazine subscriptions), online activities (browsing history, social media), and other data brokers, combining it into detailed profiles sold to advertisers, employers, insurers, and others. Most people have never heard of companies like Acxiom, Experian, or CoreLogic, yet these firms hold extensive dossiers on hundreds of millions of people.
You typically can’t control what data brokers collect because they acquire information from third parties rather than directly from you, though some privacy laws now give you rights to access and delete data they hold. Data brokers create categories like “potential inheritor,” “diabetes interest,” or “financial instability,” used to target marketing or make decisions about credit, insurance, or employment. The industry operates largely in the shadows with minimal regulation, making data brokers one of the most concerning privacy threats that most people don’t even know exists.
Learn more: Consumer Reports – Everything You Need to Know About Data Brokers
Phishing
Phishing is a scam where attackers impersonate legitimate companies, organizations, or people to trick you into revealing sensitive information like passwords, credit card numbers, or Social Security numbers, or to click malicious links that install malware. These attacks usually come via email but also occur through text messages (smishing), phone calls (vishing), or social media messages. A phishing email might look like it’s from your bank warning about suspicious activity and asking you to “verify your account” by clicking a link that leads to a fake website designed to steal your credentials.
Modern phishing attacks are increasingly sophisticated, using personal information gathered from data breaches or social media to make messages more convincing and targeted—called “spear phishing” when aimed at specific individuals. Warning signs include urgent language pressuring immediate action, requests for sensitive information (legitimate companies won’t ask for passwords via email), suspicious sender addresses that almost match real ones, poor grammar or spelling, and links that don’t match the claimed destination when you hover over them. When in doubt, don’t click links in unexpected messages—instead, go directly to the company’s website or call their official number to verify.
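The warning signs above can be checked mechanically. The following is an added example (not the FTC’s or any mail provider’s filter) that runs a few of them over two constructed messages: a sender domain within a couple of typos of a brand you use, a brand name buried inside a stranger’s domain, link text that names one site while the href goes to another, and urgency or credential-request language. The brand allowlist, the sample messages and the two-edit threshold are assumptions for the demo; a production filter would use the Public Suffix List instead of the crude registrable() helper and many more signals.

```python
"""Heuristic phishing triage over sample messages.

Added example, not the FTC's or any vendor's filter.  The brand allowlist,
sample messages and thresholds are constructed for illustration.
"""
import re
from html.parser import HTMLParser
from urllib.parse import urlparse

KNOWN_BRANDS = {"examplebank.com"}        # hypothetical: domains you actually do business with
URGENCY = re.compile(r"\b(immediately|within 24 hours|suspended|verify your account|urgent)\b", re.I)
SENSITIVE = re.compile(r"\b(password|social security|ssn|pin)\b", re.I)
URLISH = re.compile(r"^(?:https?://)?([\w.-]+\.[a-z]{2,})(?:/\S*)?$", re.I)

# Constructed samples: one lookalike phish, one genuine notification.
SAMPLE_PHISH = {
    "from": "Example Bank <security@examp1ebank.com>",
    "html": '<p>Your account has been suspended. Verify your account within 24 hours.</p>'
            '<a href="http://examplebank.com.login-verify.net/x">https://www.examplebank.com/login</a>',
}
SAMPLE_LEGIT = {
    "from": "alerts@examplebank.com",
    "html": '<p>Your statement is ready.</p>'
            '<a href="https://www.examplebank.com/statements">View statement</a>',
}


class _LinkParser(HTMLParser):
    """Collect (visible text, href) pairs so the two can be compared."""
    def __init__(self):
        super().__init__()
        self.links, self._href, self._text = [], None, ""

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = dict(attrs).get("href", ""), ""

    def handle_data(self, data):
        if self._href is not None:
            self._text += data

    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._text.strip(), self._href))
            self._href = None


def registrable(host):
    """Crude eTLD+1 (last two labels); fine for the sample, wrong for e.g. .co.uk."""
    parts = host.lower().rstrip(".").split(".")
    return ".".join(parts[-2:])


def edit_distance(a, b):
    """Levenshtein distance, to catch examp1ebank.com vs examplebank.com."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def lookalike(host):
    """Brand name inside a foreign domain, or a domain within two edits of a brand."""
    dom = registrable(host)
    for brand in KNOWN_BRANDS:
        if dom == brand:
            return None
        if brand.split(".")[0] in host.lower() or edit_distance(dom, brand) <= 2:
            return brand
    return None


def analyze(msg):
    findings = []
    sender_host = msg["from"].split("@")[-1].rstrip(">").strip()
    if (brand := lookalike(sender_host)):
        findings.append(f"sender domain {sender_host} imitates {brand}")
    parser = _LinkParser()
    parser.feed(msg["html"])
    for text, href in parser.links:
        host = urlparse(href).hostname or ""
        shown = URLISH.match(text)
        if shown and registrable(shown.group(1)) != registrable(host):
            findings.append(f"link text shows {shown.group(1)} but goes to {host}")
        if (brand := lookalike(host)):
            findings.append(f"link host {host} imitates {brand}")
    if URGENCY.search(msg["html"]):
        findings.append("urgency or threat language")
    if SENSITIVE.search(msg["html"]):
        findings.append("asks for credentials or identifiers")
    return findings
```

analyze(SAMPLE_PHISH) returns four findings and analyze(SAMPLE_LEGIT) returns none. The text-versus-href check is the mechanical form of “hover over the link”; note that it only fires when the visible text looks like a URL, which is why phishers increasingly use buttons labelled “Sign in” instead.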
Learn more: Federal Trade Commission – How To Recognize and Avoid Phishing Scams
Encryption
Encryption is the process of scrambling information into unreadable form that can only be turned back into readable form (decrypted) by someone with the correct key, which is often derived from a password. With a modern algorithm and a properly sized key, guessing the key by brute force would take all the computers on Earth far longer than the age of the universe, so attackers go after weak passwords, stolen keys, or unencrypted copies instead. When you encrypt a file, message, or connection, anyone who intercepts or accesses it without the key sees only meaningless gibberish.
Different types of encryption protect different things: HTTPS encrypts your connection to websites (look for the padlock in your browser), full-disk encryption protects all data on your device if it’s lost or stolen, and end-to-end encryption protects messages both in transit and while they sit on the provider’s servers. Encryption is fundamental to online security; without it, online banking, shopping, and private communications would be impossible. Some governments try to restrict or weaken encryption by requiring “backdoors,” but security experts agree that any backdoor meant for the good guys can also be found and exploited by the bad guys, making encryption an all-or-nothing proposition.
Learn more: Khan Academy – Journey into Cryptography (Video Series)
Biometric Data
Biometric data refers to unique physical or behavioral characteristics used to identify individuals, including fingerprints, facial features, iris/retina patterns, voice patterns, DNA, gait (how you walk), and even typing rhythm. Unlike passwords that you can change, biometric data is permanent—you can’t get new fingerprints if they’re compromised. This makes biometric data both extremely convenient (your face or finger is always with you) and potentially risky (once stolen or misused, it’s compromised forever).
Biometric authentication on phones and computers works well because the fingerprint or face template never leaves the device: it is kept in the phone’s secure hardware and used only to release a locally stored key, and the phone falls back to your PIN or passcode after failed attempts or a restart. Spoofing a sensor is harder than guessing a password, but not impossible, so the PIN that backs the biometric still matters. The privacy concerns arise when governments, employers, or private companies collect biometric data centrally, because that enables tracking, surveillance, and identification without consent. Facial recognition systems can identify you in crowds or photos, while biometric databases can be hacked or misused. Laws protecting biometric data vary widely; some jurisdictions treat it as highly sensitive data requiring explicit consent, while others have minimal protections.
Learn more: EFF – Face Recognition
IP Address
An IP (Internet Protocol) address is the numerical label that lets data find its way to and from a device on the internet, much like a mailing address. It is not strictly one per device: at home, all your devices usually share the single public address your ISP assigns to your router, and some ISPs share one address among many customers (carrier-grade NAT), so an IP address identifies a connection more than a person. It still reveals your approximate geographic location (usually city level) and your Internet Service Provider. Websites you visit can see your IP address, and it’s logged in server records along with what pages you accessed and when.
While your IP address doesn’t directly reveal your name or exact home address, it can be linked to your identity through your ISP (who knows which customer was assigned each IP address at any time), making it a form of personally identifiable information in many contexts. Law enforcement can subpoena ISPs to identify whose IP address was used for illegal activities, while advertisers use IP addresses to track your browsing across websites and target location-based ads. VPNs, Tor, and proxy servers can hide your real IP address by routing your traffic through their servers, making your activity appear to come from their IP address instead of yours.
Learn more: Cloudflare – What is my IP address?
Data Breach
A data breach occurs when unauthorized individuals gain access to sensitive or private information stored by a company, government, or organization. Breaches happen through various means: hackers exploiting security vulnerabilities, employees stealing data, misconfigured databases left publicly accessible, phishing attacks that compromise credentials, or physical theft of devices containing data. The exposed information might include passwords, credit card numbers, Social Security numbers, medical records, private messages, or other personal data depending on what the breached organization stored.
Major breaches affect millions or even billions of people—Yahoo (3 billion accounts), Equifax (147 million), Facebook (533 million)—yet companies often take months to discover breaches and may delay public disclosure while investigating. When you’re affected by a breach, your risk depends on what data was exposed: passwords require changing immediately, credit card numbers may need replacement, Social Security numbers create long-term identity theft risk, and health data could lead to insurance discrimination. Breaches are increasingly common as more data moves online and hackers become more sophisticated, making it essential to use unique passwords for every account so one breach doesn’t compromise everything.
Learn more: Have I Been Pwned – Check if your data has been breached
California Consumer Privacy Act (CCPA)
The California Consumer Privacy Act is a state privacy law that took effect in 2020, giving California residents rights over their personal data similar to Europe’s GDPR, though somewhat weaker. Under CCPA, you have the right to know what personal information companies collect about you, request deletion of your data, opt out of having your information sold to third parties, and not be discriminated against (like charged higher prices) for exercising these rights. The law applies to larger businesses that operate in California, even if they’re based elsewhere.
CCPA was strengthened in 2023 by the California Privacy Rights Act (CPRA), which added protections for sensitive data like Social Security numbers and precise location, created a dedicated enforcement agency, and extended rights around automated decision-making. While CCPA only directly protects California residents, many companies extend similar rights to all US users rather than maintaining separate systems. The law has influenced other states to pass their own privacy legislation, creating a patchwork of US privacy laws that many hope will eventually lead to comprehensive federal privacy legislation.
Learn more: California Attorney General – CCPA Overview
Password Manager
A password manager is software that securely stores all your passwords in an encrypted vault, requiring you to remember only one master password to access everything. Good password managers also generate strong, random passwords for each account, automatically fill in login credentials on websites and apps, and alert you about weak, reused, or compromised passwords. They solve the fundamental problem that humans can’t remember dozens of unique, complex passwords but reusing passwords creates catastrophic security vulnerabilities.
Popular password managers include 1Password, Bitwarden, LastPass, and Dashlane, with most offering browser extensions and mobile apps that sync across all your devices. While storing all passwords in one place might seem risky, the vault is protected by strong encryption and your master password, making it far more secure than reusing weak passwords or writing them down. Most security experts consider password managers essential for digital security. The vault is only as strong as the master password and the vendor’s key-derivation settings, though: when LastPass’s storage was breached in 2022, customers’ encrypted vaults were stolen, and weak master passwords could then be guessed offline. Use a long master password you use nowhere else and turn on 2FA for the vault itself. Some managers are free with basic features, while paid versions add advanced features like password sharing with family or security monitoring for breaches.
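The “compromised password” alerts mentioned above, and the Have I Been Pwned check linked from the Data Breach entry, both rely on the same trick: the manager can ask whether your password appears in a breach corpus without ever sending the password. This added example (not HIBP’s or any manager’s code) shows the SHA-1 prefix “range” query that HIBP’s Pwned Passwords API uses: the client sends only the first five hex characters of the hash and matches the rest locally. The breach corpus is constructed and the server is simulated in-process so it runs offline; the real endpoint is https://api.pwnedpasswords.com/range/<prefix>.

```python
"""Checking a password against a breach corpus without revealing it.

Added example of the SHA-1 prefix "range" query scheme used by Have I Been
Pwned's Pwned Passwords service.  The corpus is constructed, not real breach
data, and the server is simulated in-process so the code runs offline.
"""
import hashlib
import secrets
import string

# Constructed stand-in for a breach corpus: password -> how many times it was seen.
CONSTRUCTED_CORPUS = {"password": 9_000_000, "letmein": 250_000, "Winter2024!": 41}


def sha1_hex(password):
    return hashlib.sha1(password.encode("utf-8")).hexdigest().upper()


class RangeServer:
    """Answers a 5-hex-char prefix with every matching suffix, in the API's
    'SUFFIX:COUNT' line format.  It never learns which suffix the client wanted,
    since every stored hash with that prefix is returned."""
    def __init__(self, corpus):
        self.index = {}
        for pw, count in corpus.items():
            h = sha1_hex(pw)
            self.index.setdefault(h[:5], []).append((h[5:], count))

    def range(self, prefix):
        rows = sorted(self.index.get(prefix.upper(), []))
        return "\r\n".join(f"{suffix}:{count}" for suffix, count in rows)


def breach_count(password, server):
    """Client side: send only the prefix, match the suffix locally.
    Returns how often the password appeared in breaches (0 = not found)."""
    h = sha1_hex(password)
    prefix, suffix = h[:5], h[5:]
    for line in server.range(prefix).splitlines():
        if not line:
            continue
        seen_suffix, count = line.split(":")
        if seen_suffix == suffix:
            return int(count)
    return 0


def generate_password(length=20, alphabet=string.ascii_letters + string.digits + string.punctuation):
    """What a manager does instead of letting you invent one: CSPRNG, long, unique."""
    return "".join(secrets.choice(alphabet) for _ in range(length))
```

The five-character prefix narrows the real corpus to a few hundred hashes, so the server learns almost nothing about which password you hold; a manager that sent the full hash (or the password) would be turning the breach check into a new leak.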
Learn more: Wirecutter – The Best Password Managers
Tracking Pixel
A tracking pixel (also called a web beacon or pixel tag) is a tiny, invisible image, usually 1×1 pixel in size, embedded in an email or web page that reports back to the sender when you open the email or view the page. When your email client or browser loads the pixel, it makes a request to the sender’s server that reveals your IP address, device type and the time you opened the message; the image URL usually carries a token unique to you, so the sender knows which recipient opened it. Link clicks are tracked separately, through redirect links that pass through the sender’s server on the way to the destination. Marketing emails use tracking pixels extensively to measure open rates and engagement.
You can’t see tracking pixels because they’re transparent or the same color as the background, but they’re tracking you nonetheless. Apple Mail’s Mail Privacy Protection fetches remote images (tracking pixels included) through Apple’s proxy servers before the mail reaches you, so senders cannot tell if or when you actually opened the message or where you were. Browser extensions can block tracking pixels on websites, while disabling automatic image loading in email prevents tracking pixels from working, though this means you also won’t see legitimate images until you manually choose to load them.
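What a client-side blocker actually looks for can be shown in a few lines. This added example (not Apple’s or any mail client’s code) parses a constructed HTML email and flags images that are 1×1 or smaller, hidden with CSS, or carry a per-recipient token in their URL. The hostnames, the uid/cid parameters and the sample body are all made up for the demo.

```python
"""Finding tracking pixels in an HTML email.

Added example, not any mail client's filter; the sample email body and its
hostnames are constructed.
"""
from html.parser import HTMLParser
from urllib.parse import parse_qs, urlparse

SAMPLE_EMAIL = """<html><body>
<img src="https://cdn.example-shop.test/logo.png" width="200" height="60" alt="Example Shop">
<p>Our spring sale starts today.</p>
<img src="https://track.example-mailer.test/o.gif?uid=a1b2c3d4&amp;cid=spring24" width="1" height="1" style="display: none">
<img src="https://metrics.example-mailer.test/pixel?e=alice%40example.test" width="0" height="0">
</body></html>"""


class _ImageCollector(HTMLParser):
    def __init__(self):
        super().__init__()
        self.images = []

    def handle_starttag(self, tag, attrs):
        if tag == "img":
            self.images.append({k.lower(): (v or "") for k, v in attrs})


def _tiny(value):
    """True for width/height of 1px or less (the classic beacon size)."""
    try:
        return int(value.strip().lower().rstrip("px")) <= 1
    except ValueError:
        return False


def find_tracking_pixels(html):
    """Return [{host, reasons}] for each remote image that looks like a beacon."""
    parser = _ImageCollector()
    parser.feed(html)
    hits = []
    for img in parser.images:
        url = urlparse(img.get("src", ""))
        reasons = []
        if _tiny(img.get("width", "")) and _tiny(img.get("height", "")):
            reasons.append("1x1 or smaller")
        if "display:none" in img.get("style", "").replace(" ", "").lower():
            reasons.append("hidden by CSS")
        tokens = parse_qs(url.query)
        if tokens:
            reasons.append("per-recipient token in URL: " + ",".join(tokens))
        if reasons and url.scheme in ("http", "https"):
            hits.append({"host": url.hostname, "reasons": reasons})
    return hits
```

The logo is a remote image too, but it is large, visible and carries no token, so it is not flagged; the two beacons are. Note that even a blocker this simple only helps if remote images are not loaded automatically, since the request itself is the leak.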
Learn more: Consumer Reports – How to Stop Email Tracking
Multi-Factor Authentication (MFA)
Multi-factor authentication (MFA) is a security method that requires two or more different types of verification before granting access to an account, making unauthorized access much harder even if one factor is compromised. The factors fall into three categories: something you know (password or PIN), something you have (phone, security key, or authentication app), and something you are (fingerprint, face scan, or other biometric). Using factors from different categories provides stronger security—if someone steals your password, they still can’t access your account without also having your phone or fingerprint.
MFA is essentially a broader term for 2FA (two-factor authentication), encompassing systems that might require three or more factors for very sensitive access. Common implementations include entering a password then a code from an authenticator app, or using a fingerprint followed by a PIN. While MFA adds a step to logging in, this minor inconvenience dramatically improves security—Microsoft reports that MFA blocks 99.9% of automated account attacks. Critical accounts like email, banking, and social media should always use MFA, with authenticator apps or security keys preferred over SMS codes when possible.
Learn more: CISA – More Than a Password
Anonymization
Anonymization is the process of removing or altering personal identifiers from data so that individuals cannot be identified from it, allowing data to be used for research, statistics, or other purposes without privacy risks. This might involve removing names, addresses, and obvious identifiers, aggregating data so individual records can’t be distinguished, adding noise or randomization to obscure specific values, or using techniques like differential privacy that mathematically guarantee individual privacy within datasets.
However, truly anonymizing data is extremely difficult; studies have repeatedly shown that supposedly anonymized data can be re-identified by combining it with other publicly available information. Latanya Sweeney showed in the late 1990s that roughly 87% of the US population could be uniquely identified by zip code, date of birth and sex alone, and re-identified individuals in “anonymous” hospital records by cross-referencing them with voter registration records. This is why privacy laws often distinguish between anonymization (irreversible, no longer personal data) and pseudonymization (identifiers replaced with pseudonyms but still potentially reversible, and still considered personal data). Companies claiming data is anonymized should be viewed skeptically unless they provide technical details about their methods and have considered re-identification risks.
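The linkage attack described above fits in a few lines, as does one of the standard fixes. This added example (constructed tables, no real people) joins a “de-identified” medical extract to a public voter roll on zip code, date of birth and sex, measures k-anonymity (the smallest group sharing those values), and then coarsens the quasi-identifiers until every record has at least one twin. The generalisation rules (three-digit ZIP, birth decade, drop sex) are one illustrative choice, not a recommendation.

```python
"""Linkage attack on 'anonymised' records, then k-anonymity by generalisation.

Added example; both tables are constructed (no real people).  The join mirrors
the zip + birth date + sex linkage described in the text.
"""
from collections import Counter

QUASI_IDENTIFIERS = ("zip", "dob", "sex")

# 'Anonymised' medical extract: names removed, quasi-identifiers kept.
HEALTH = [
    {"zip": "02138", "dob": "1961-07-31", "sex": "M", "diagnosis": "hypertension"},
    {"zip": "02138", "dob": "1965-02-14", "sex": "F", "diagnosis": "asthma"},
    {"zip": "02139", "dob": "1972-11-02", "sex": "F", "diagnosis": "diabetes"},
    {"zip": "02139", "dob": "1978-05-09", "sex": "M", "diagnosis": "asthma"},
]
# Public voter roll: names alongside the same quasi-identifiers.
VOTERS = [
    {"name": "P. Adams", "zip": "02138", "dob": "1961-07-31", "sex": "M"},
    {"name": "R. Baker", "zip": "02138", "dob": "1965-02-14", "sex": "F"},
    {"name": "S. Chen", "zip": "02139", "dob": "1972-11-02", "sex": "F"},
    {"name": "T. Diaz", "zip": "02139", "dob": "1978-05-09", "sex": "M"},
]


def qi_key(rec, qi=QUASI_IDENTIFIERS):
    return tuple(rec[f] for f in qi)


def link(health, voters):
    """Join on quasi-identifiers; a record matching exactly one voter is re-identified."""
    names_by_key = {}
    for v in voters:
        names_by_key.setdefault(qi_key(v), []).append(v["name"])
    identified = {}
    for h in health:
        names = names_by_key.get(qi_key(h), [])
        if len(names) == 1:
            identified[names[0]] = h["diagnosis"]
    return identified


def k_anonymity(records):
    """Smallest group of records sharing the same quasi-identifier values (1 = someone is unique)."""
    return min(Counter(qi_key(r) for r in records).values())


def generalise(rec):
    """Coarsen the quasi-identifiers: 3-digit ZIP, birth decade, drop sex."""
    return {**rec, "zip": rec["zip"][:3] + "**", "dob": rec["dob"][:3] + "0s", "sex": "*"}
```

On the raw extract every record is unique (k = 1) and link() names all four patients; after generalise() the extract is 2-anonymous and the same join yields nothing. k-anonymity is necessary, not sufficient: if both 1970s records carried the same diagnosis, the attacker would still learn it without knowing which row is whose, which is what l-diversity and, more robustly, differential privacy address.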
Learn more: Future of Privacy Forum – Understanding Anonymization
Data Controller vs. Data Processor
Under privacy laws like GDPR, a data controller is the organization that decides what personal data to collect, why to collect it, and how it will be used, while a data processor is a third party that processes data on behalf of the controller according to their instructions. For example, if a retailer collects your email address to send marketing and uses Mailchimp to actually send the emails, the retailer is the controller (they decided to collect emails for marketing) and Mailchimp is the processor (they just send emails as instructed).
This distinction matters because controllers and processors have different legal responsibilities—controllers must ensure lawful data processing and respect individual rights, while processors must follow controllers’ instructions and maintain security. When something goes wrong, the controller is typically primarily responsible, though processors also face obligations and potential liability. If you want to exercise privacy rights like data deletion, you usually contact the controller rather than processors. Understanding this helps you know which company is actually responsible for privacy practices when multiple organizations handle your data.
Learn more: GDPR.eu – Definitions – Controllers and Processors
Legitimate Interest
Legitimate interest is a legal basis under GDPR and similar privacy laws that allows companies to process your personal data without explicit consent when they have a valid business reason and their interests aren’t overridden by your privacy rights. Companies must conduct a “legitimate interest assessment” balancing their needs against potential harm to individuals, considering whether processing is necessary, expected by users, and can be done in less invasive ways. Examples might include fraud prevention, network security, or direct marketing to existing customers.
This is one of the more controversial aspects of GDPR because companies often claim legitimate interest to avoid asking for consent, while privacy advocates argue it’s overused as a loophole. Companies cannot use legitimate interest for the most privacy-invasive processing or when individuals would reasonably expect to have a choice. Even when legitimate interest applies, you have the right to object to the processing, and the company must stop unless they can demonstrate compelling reasons that override your interests. When you see “legitimate interest” in privacy policies or cookie notices, scrutinize whether their claimed interest is truly legitimate or if they’re exploiting the exception to avoid getting permission.
Learn more: ICO – What is the legitimate interests basis?
Consent (Legal Definition)
In privacy law, consent means freely given, specific, informed, and unambiguous agreement to processing of your personal data, requiring more than just clicking past a notice or continuing to use a service. Valid consent must be freely given (not forced as a condition of service unless necessary), specific (clear about what you’re agreeing to), informed (you understand what data is collected and why), and unambiguous (a clear affirmative action like checking a box, not pre-ticked boxes or inactivity). Consent must be as easy to withdraw as it was to give.
Most privacy violations involve companies treating any interaction as consent—simply visiting a website, failing to opt out, or accepting vague terms of service that bury data sharing in legal language. Real consent under laws like GDPR requires companies to ask permission separately for different purposes (you might consent to necessary account functions but not marketing), use clear plain language, and make it genuinely optional without penalizing refusal. When you see manipulative consent interfaces with confusing options or consequences for declining, that’s not real consent—it’s coercion dressed up to look like choice. Understanding what valid consent requires helps you recognize when companies are respecting your rights versus exploiting legal gray areas.
Learn more: GDPR.eu – How to Get Valid Consent
Incognito Mode / Private Browsing
Incognito mode (Chrome), Private Browsing (Safari/Firefox), or InPrivate (Edge) is a browser feature that doesn’t save your browsing history, cookies, or form data on your local device after you close the window. This means someone else using your computer won’t see which websites you visited during that session. However, this is much more limited than most people think—it only provides privacy from other users of the same device, not from the websites you visit, your employer, your internet provider, or anyone monitoring your network.
Websites can still track you during an incognito session through your IP address and browser fingerprinting, your employer or school can see your activity if you’re on their network, your internet provider knows which sites you visit, and law enforcement can still obtain records from websites or ISPs. Incognito mode is useful for shopping for gifts on a shared device, logging into multiple accounts simultaneously, or preventing websites from seeing cookies from other sessions—but it’s not a privacy or anonymity tool for hiding your activity from anyone except other people using your computer.
Learn more: Google – Browse in private with Incognito mode
Browser Fingerprinting
Browser fingerprinting is a tracking technique that identifies your device by collecting information about your browser, operating system, installed fonts, screen resolution, timezone, language settings, plugins, and dozens of other characteristics that, when combined, create a unique “fingerprint” that distinguishes you from other users. Unlike cookies that you can delete, fingerprints are created from your device’s configuration, making them persistent across browsing sessions and extremely difficult to avoid without substantially changing how you browse.
Even if you block cookies, use incognito mode, or change IP addresses, websites can recognize you through your fingerprint because the combination of characteristics is statistically unique—similar to how your actual fingerprints identify you. Advanced fingerprinting can even detect canvas rendering differences (how your specific hardware draws graphics) or audio processing variations. Privacy-focused browsers like Brave or Firefox with strict settings offer fingerprinting protection by either blocking fingerprinting scripts or making your fingerprint appear more generic and common. This is one of the more challenging privacy threats because it’s invisible and most users have no idea it’s happening.
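“Statistically unique” has a concrete measure: the EFF’s Cover Your Tracks test reports, for each attribute, how many bits of identifying information it carries (the negative log2 of the share of visitors with the same value). This added example (not EFF’s code) computes those bits per attribute and for the combined fingerprint over a constructed population of eight browser configurations, and shows why a browser that makes everyone look the same scores zero bits.

```python
"""How much each browser attribute narrows you down, and how much the
combination does.  Surprisal in bits (-log2 of the share of users with the
same value) is the measure EFF's Cover Your Tracks reports.  Added example;
the population of eight browser configurations is constructed.
"""
import hashlib
import math
from collections import Counter

POPULATION = [  # constructed: what a tracker might have observed from eight visitors
    {"ua": "Chrome", "tz": "UTC", "screen": "1920x1080"},
    {"ua": "Chrome", "tz": "UTC", "screen": "1920x1080"},
    {"ua": "Chrome", "tz": "UTC", "screen": "1366x768"},
    {"ua": "Chrome", "tz": "EST", "screen": "1920x1080"},
    {"ua": "Chrome", "tz": "EST", "screen": "1366x768"},
    {"ua": "Chrome", "tz": "EST", "screen": "1366x768"},
    {"ua": "Firefox", "tz": "UTC", "screen": "1920x1080"},
    {"ua": "Firefox", "tz": "EST", "screen": "1366x768"},
]
# The "everyone looks alike" strategy of Tor Browser, reduced to three attributes.
UNIFORM_POPULATION = [{"ua": "Tor", "tz": "UTC", "screen": "1000x1000"}] * 8


def fingerprint(attrs):
    """Canonical serialisation hashed to a short stable identifier."""
    canon = "|".join(f"{k}={attrs[k]}" for k in sorted(attrs))
    return hashlib.sha256(canon.encode()).hexdigest()[:16]


def surprisal_bits(share):
    """Bits of identifying information carried by a value seen in `share` of users."""
    return -math.log2(share) if share else float("inf")


def identifying_bits(attrs, population):
    """(per-attribute bits, bits for the whole fingerprint)."""
    n = len(population)
    per_attr = {
        k: surprisal_bits(sum(1 for p in population if p.get(k) == v) / n)
        for k, v in attrs.items()
    }
    combined = surprisal_bits(anonymity_set(attrs, population) / n)
    return per_attr, combined


def anonymity_set(attrs, population):
    """How many visitors share this exact fingerprint (1 = uniquely identified)."""
    return Counter(map(fingerprint, population))[fingerprint(attrs)]
```

The Firefox/UTC/1920x1080 visitor is alone in the population (3 bits, anonymity set of 1) even though each attribute on its own is shared with several others; that is the combination effect the text describes. Log2(world population) is about 33 bits, which is the rough budget a tracker needs, and real fingerprints with fonts, canvas and audio routinely exceed it. In UNIFORM_POPULATION every attribute and the combination score 0 bits.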
Learn more: EFF – Cover Your Tracks (Test your browser fingerprint)
Zero-Knowledge Encryption
Zero-knowledge encryption (also called zero-knowledge architecture) means that a service provider has absolutely no ability to access your data because encryption and decryption happen entirely on your device using keys that only you control—the provider never has access to unencrypted data or your encryption keys. Services with true zero-knowledge design couldn’t read your files, messages, or passwords even if compelled by courts, hacked by criminals, or if rogue employees tried to snoop, because they simply don’t have the technical capability to decrypt anything.
This is different from regular encryption where the company encrypts your data but holds the keys itself, meaning it can access the data whenever it wants or is required to. The term borrows its name from, but is not the same as, zero-knowledge proofs in cryptography; Proton, for instance, calls its version “zero-access” encryption. Services built this way include password managers like Bitwarden, encrypted storage like Tresorit, and email services like Proton Mail (with one caveat for email: a message that arrives unencrypted from another provider is readable by the service at the moment it arrives and is encrypted only once stored). The tradeoff is that if you forget your master password, your data is permanently unrecoverable; there is no password reset, because the company cannot decrypt your data to give it back to you. When evaluating services claiming “zero-knowledge,” look for technical documentation explaining the encryption design, ideally with independent security audits confirming the claims.
Learn more: ProtonMail – What is zero-access encryption?
Doxxing
Doxxing (from “dropping documents” or “docs”) is the act of publicly revealing someone’s private personal information—real name, home address, phone number, workplace, family members, financial information, or other sensitive details—without their consent, usually with malicious intent to harass, intimidate, or enable others to target them. This information is often compiled from public records, social media, data breaches, and online detective work, then published to expose someone’s offline identity or make them vulnerable to real-world harm.
Doxxing targets include journalists, activists, online moderators, gamers, or anyone who has angered others online, with victims facing harassment, threats, swatting (false emergency reports sending police to their home), job loss, or actual violence. The information shared is often technically “public” but obscure—like matching social media photos to real estate records to find someone’s address—making doxxing legal in many jurisdictions despite being harmful. Protecting against doxxing requires minimizing personal information online, using different usernames across platforms, avoiding photos that reveal your location, keeping address and phone private, and being aware that angry people will spend surprising amounts of time piecing together clues about your identity.
Learn more: Crash Override – Preventing Doxing
Social Engineering
Social engineering is manipulating people into revealing confidential information or taking actions that compromise security, exploiting human psychology rather than technical vulnerabilities. Attackers use tactics like impersonation (pretending to be IT support, a bank representative, or someone in authority), urgency (claiming immediate action is required), fear (threatening consequences), or trust (building rapport before making requests). A social engineer might call pretending to be from your company’s IT department saying they need your password to fix an urgent problem, or email pretending to be your boss requesting an immediate wire transfer.
This is often more effective than hacking because people are generally helpful and trusting, especially when caught off-guard or presented with seemingly legitimate requests from authority figures. Social engineering attacks include phishing emails, phone calls requesting sensitive information, physical tactics like tailgating into secure buildings, or even searching through trash for discarded documents (dumpster diving). Protection requires healthy skepticism—verify identities through separate channels before providing information or access, recognize urgency and fear as manipulation tactics, understand that legitimate organizations won’t request passwords or sensitive information through unsolicited messages, and create security cultures where questioning authority is encouraged when security is at stake.
Learn more: CISA – Social Engineering
Right to Be Forgotten / Right to Erasure
The right to be forgotten, formally called the right to erasure under GDPR, allows individuals to request that organizations delete their personal data under certain circumstances—when the data is no longer necessary for its original purpose, consent is withdrawn, the person objects to processing, or the data was unlawfully collected. This right aims to give people control over their digital footprint and prevent past information from haunting them indefinitely, though it’s not absolute and includes numerous exceptions.
Companies can refuse erasure requests when they need the data for legal obligations, defending legal claims, exercising freedom of expression, or other purposes defined in law. The right is most famously applied to search engines: European courts have required Google to remove links to outdated or irrelevant information about individuals from search results, although the source pages themselves remain online. In practice, exercising the right means sending a formal request to every organization holding your data, which is time-consuming, and companies often resist by claiming exemptions. Most US jurisdictions have no equivalent; California and a handful of other states give residents a comparable right to request deletion under their own privacy laws, and even there enforcement is inconsistent and depends on individuals knowing about and actively exercising their rights.
Learn more: GDPR.eu – Right to Erasure
Data Minimization
Data minimization is the privacy principle that organizations should only collect and retain personal data that is adequate, relevant, and strictly necessary for specific purposes—no more than needed. Instead of collecting everything possible “just in case” it might be useful later, data minimization requires deliberate restraint: collecting only required fields, keeping data only as long as necessary, and limiting access to those who need it. A shopping site practicing data minimization might only collect shipping addresses for orders rather than storing browsing history indefinitely.
This principle is embedded in privacy laws like GDPR as a core requirement, but many companies default to maximum data collection because data has value and they want to keep options open for future uses. For individuals, practicing data minimization means being selective about what information you share—providing only required fields on forms, declining optional data sharing, and regularly deleting old accounts and data you no longer need. The less data that exists about you, the less can be breached, sold, misused, or subpoenaed. Data minimization recognizes that the best way to protect data is not collecting it in the first place—data that doesn’t exist can’t compromise your privacy.
Learn more: ICO – Data minimisation
Tor (The Onion Router)
Tor is free software that enables anonymous communication by routing internet traffic through a network of volunteer-operated servers (called relays or nodes) around the world, encrypting data in nested layers so that no single point in the network knows both where the traffic came from and where it is going. Your connection passes through a circuit of three relays (a guard, a middle relay and an exit) before reaching its destination; each relay can strip only its own layer of encryption and learns only the previous and next hop, making it extremely difficult for anyone to trace activity back to you.
Tor is essential for journalists protecting sources, activists in repressive countries, whistleblowers, and anyone needing strong anonymity, though it is significantly slower than regular browsing and some websites block Tor traffic. The Tor Browser (based on Firefox) provides a pre-configured, hardened browser with the necessary protections enabled, while the broader Tor network also hosts “onion services”: websites only reachable through Tor that give both the server and the visitor anonymity. Using Tor isn’t illegal and doesn’t automatically make you suspicious, despite the misconception that “only criminals use Tor”; many legitimate users need anonymity for their safety. However, Tor doesn’t make you invincible. The exit relay can read any traffic that isn’t separately encrypted, so HTTPS still matters inside Tor, and user mistakes like logging into personal accounts or opening downloaded files outside the Tor Browser can compromise anonymity.
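How the layers work, as an added example that is not part of the original page or of the Tor Project’s code: a client wraps a message in three encryption layers, one per relay, and each relay can peel only its own. The relay names, keys and message are constructed. Real Tor negotiates a separate key with each relay using Diffie-Hellman and encrypts with AES-CTR; here the keys are simply pre-shared with the client and the cipher is a toy keystream derived from SHA-256, used only to make the layering visible.

```python
"""Onion routing in miniature: three encryption layers, one peeled per relay.

Added example; not code from the original page or from the Tor Project. Relay
names, keys and the message are constructed. The cipher below is a toy
keystream built from SHA-256 (real Tor uses AES-CTR with DH-negotiated keys).
"""
import hashlib
import json
import os


def stream_xor(key, nonce, data):
    """Toy keystream cipher: XOR data with SHA-256(key || nonce || counter) blocks.
    Symmetric, so the same call encrypts and decrypts. Illustration only."""
    out = bytearray()
    for i in range(0, len(data), 32):
        block = hashlib.sha256(key + nonce + (i // 32).to_bytes(4, "big")).digest()
        out += bytes(a ^ b for a, b in zip(data[i:i + 32], block))
    return bytes(out)


def wrap(key, next_hop, inner):
    """Add one layer readable only with key: it names the next hop and carries
    the rest of the onion as an opaque blob."""
    nonce = os.urandom(16)
    layer = json.dumps({"next": next_hop, "payload": inner.hex()}).encode()
    return nonce + stream_xor(key, nonce, layer)


def unwrap(key, cell):
    """A relay peels its own layer. With the wrong key the bytes are garbage and
    json.loads raises ValueError: a relay cannot read a layer that is not its own."""
    nonce, body = cell[:16], cell[16:]
    layer = json.loads(stream_xor(key, nonce, body))
    return layer["next"], bytes.fromhex(layer["payload"])


def build_onion(path, keys, destination, message):
    """Client side: wrap from the inside out, so the exit's layer is innermost
    and the guard's layer is outermost."""
    cell = wrap(keys[path[-1]], destination, message)
    for i in range(len(path) - 2, -1, -1):
        cell = wrap(keys[path[i]], path[i + 1], cell)
    return cell


def run_circuit(path, keys, destination, message, source="client"):
    """Pass the onion along the path and record what each relay could observe:
    only the hop it received the cell from and the hop it must forward to."""
    cell = build_onion(path, keys, destination, message)
    seen = {}
    prev = source
    for relay in path:
        next_hop, cell = unwrap(keys[relay], cell)
        seen[relay] = {"from": prev, "to": next_hop}
        prev = relay
    return cell, seen            # cell is now the plaintext handed to the destination


def demo():
    """Constructed three-hop circuit; keys are pre-shared for this demonstration."""
    path = ["guard", "middle", "exit"]
    keys = {relay: os.urandom(32) for relay in path}
    delivered, seen = run_circuit(path, keys, "example.org", b"GET / HTTP/1.1")
    # Can the middle relay read the outermost (guard) layer? It cannot.
    outer = build_onion(path, keys, "example.org", b"GET / HTTP/1.1")
    try:
        unwrap(keys["middle"], outer)
        middle_reads_guard_layer = True
    except (ValueError, TypeError, KeyError):
        middle_reads_guard_layer = False
    return delivered, seen, middle_reads_guard_layer


if __name__ == "__main__":
    delivered, seen, leaked = demo()
    print(delivered, seen, "middle read guard layer:", leaked)
```

Running demo() shows the point made above: the guard sees the client but only a forwarding address, the middle relay sees two relays and nothing else, and the exit sees the destination but not the client. It also shows the caveat: the exit hands the message over in the clear, which is why HTTPS still matters over Tor.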
Learn more: Tor Project – Learn More About Tor
HTTPS (Hypertext Transfer Protocol Secure)
HTTPS is the secure version of HTTP, the protocol that carries data between your browser and the websites you visit. It wraps that traffic in TLS encryption so it cannot be read or altered by anyone between you and the site. When the URL starts with “https://” and the browser shows its secure-connection indicator (traditionally a padlock), the connection is encrypted, protecting passwords, credit card numbers, messages, and page contents from others on your network, your internet provider, or attackers intercepting traffic.
Without HTTPS, anyone on the same Wi-Fi network can see and modify everything you send and receive, a major risk on public Wi-Fi at coffee shops or airports. HTTPS only protects the connection between you and the website: it doesn’t make the website trustworthy (scam sites use HTTPS too), it doesn’t hide which sites you visit from your internet provider (the domain name is still visible, though not the specific pages), and it doesn’t protect your data once it reaches the website’s servers. Most websites now use HTTPS by default, and browsers warn you when a site is served over plain HTTP. The EFF’s HTTPS Everywhere extension, which upgraded connections to HTTPS where available, has been retired because the major browsers now build the same behaviour in; turning on your browser’s HTTPS-only mode gives the same protection. Logging into banking or email over plain HTTP would be extremely risky.
Learn more: EFF – HTTPS Everywhere
Malware
Malware (malicious software) is any program designed to damage, disrupt, or gain unauthorized access to computer systems, encompassing viruses, trojans, ransomware, spyware, adware, keyloggers, and other harmful software. Malware can steal passwords and financial information, encrypt your files and demand ransom for decryption, use your device for cryptocurrency mining or sending spam, spy on your activities and communications, or turn your computer into part of a botnet controlled by criminals.
Malware spreads through infected email attachments, malicious downloads disguised as legitimate software, compromised websites that exploit browser vulnerabilities, infected USB drives, or software from untrusted sources. Protection requires multiple layers: keeping operating systems and software updated with security patches, using reputable antivirus/antimalware software, being cautious about what you download and from where, not opening suspicious email attachments or clicking unknown links, and maintaining backups so ransomware can’t hold your data hostage. Mobile devices aren’t immune—apps from unofficial sources, fake apps impersonating legitimate ones, and even occasionally malicious apps that slip past official app store reviews can infect phones. If your device acts strangely (slow, unexpected pop-ups, unfamiliar programs), it might be infected and requires immediate action.
Learn more: US-CERT – Understanding Anti-Virus Software
Ransomware
Ransomware is a specific type of malware that encrypts your files, making them inaccessible, then demands payment (usually cryptocurrency) to provide the decryption key to recover your data. Attacks have evolved from targeting individuals to focusing on businesses, hospitals, government agencies, and critical infrastructure where pressure to pay is higher because encrypted data represents operational paralysis. Modern ransomware groups often combine encryption with data theft, threatening to publish stolen sensitive information if ransom isn’t paid—a “double extortion” tactic.
Paying the ransom doesn’t guarantee file recovery (criminals may not provide working decryption keys, may demand additional payments, or their decryptor may simply fail), and funding criminals encourages more attacks. Regular backups are the best defense, provided at least one copy is kept where the infected machine cannot reach and overwrite it: offline media, or a cloud service that retains version history so encrypted files can be rolled back. Alongside that, avoid clicking suspicious links, keep software updated, and limit user account privileges so that malware runs with as little access as possible. If infected, disconnect from networks immediately to prevent spread, don’t pay without carefully considering alternatives, report to law enforcement, and consult security professionals. Ransomware is one of the most serious cybersecurity threats today, causing billions in damages annually and sometimes literally endangering lives when healthcare systems are locked down.
Learn more: FBI – Ransomware
Man-in-the-Middle Attack (MITM)
A man-in-the-middle attack occurs when an attacker secretly intercepts and potentially alters communication between two parties who believe they’re communicating directly with each other. Like someone secretly reading and possibly changing letters between correspondents, a MITM attacker can spy on data being transmitted, steal credentials or sensitive information, inject malicious content, or manipulate transactions. This commonly happens on unsecured public Wi-Fi where attackers on the same network can intercept unencrypted traffic.
MITM attacks exploit unencrypted communications or fool users into connecting to malicious networks disguised as legitimate ones (like a fake “Free Airport WiFi” that’s actually an attacker’s laptop). Protection comes from using encrypted connections (HTTPS for websites, VPNs for network traffic), being cautious on public Wi-Fi, verifying network authenticity before connecting, and paying attention to browser security warnings about invalid certificates. Your device might be talking to an attacker who’s forwarding communications to the real destination while copying everything, making the attack invisible without proper encryption. This is why using HTTPS and VPNs on public networks is crucial—encryption prevents attackers from reading intercepted data even if they successfully position themselves in the middle.
Learn more: Kaspersky – What is a Man-in-the-Middle Attack?
SIM Swapping
SIM swapping (also called SIM hijacking) is an attack where criminals convince your mobile carrier to transfer your phone number to a SIM card they control, allowing them to receive your calls and text messages, including two-factor authentication codes sent via SMS. Attackers typically use social engineering with carrier customer service, providing stolen personal information (from data breaches or social media) to “prove” they’re you and claim they need to transfer service to a new phone.
Once they control your number, attackers can reset passwords on accounts using SMS-based two-factor authentication, access banking apps, intercept verification codes, and effectively hijack your digital identity. High-profile victims have lost cryptocurrency worth millions, had social media accounts taken over, and suffered identity theft. Protection includes using authenticator apps or hardware security keys instead of SMS for two-factor authentication (SMS is the weakest form), adding PINs or passwords to your mobile carrier account to prevent unauthorized changes, being careful about personal information shared publicly, and immediately reporting if your phone suddenly loses service—a warning sign of possible SIM swap in progress. Carriers have improved security after numerous incidents, but SIM swapping remains a serious threat particularly for high-value targets.
Learn more: FCC – SIM Swap Scams
Differential Privacy
Differential privacy is a mathematical framework for releasing statistics about a dataset while protecting the individuals in it. Carefully calibrated random noise is added to each answer so that overall patterns stay accurate while any single record’s contribution is drowned out. The defining requirement is that the probability of any given answer changes by at most a small factor, set by a privacy parameter usually called epsilon, whether or not any one individual’s data is included. No analysis of the published results can then confidently tell whether a specific person is in the dataset, let alone what their values were.
Major tech companies like Apple and Google use differential privacy to collect usage statistics from millions of users without exposing individual behaviour, for example learning which emojis are popular overall without learning which users typed them. Every answer leaks a little and the leaks add up, so a “privacy budget” caps the total epsilon spent across all queries, after which further questions are refused. Unlike vague claims of “anonymization”, the guarantee is mathematically provable, but only for the parameters actually used: a large epsilon gives accurate answers and little protection, and companies choose the setting. This is one of the most promising technical approaches to the tension between useful data analysis and individual privacy, though it is complex enough that few people can judge whether a specific implementation protects privacy meaningfully.
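The Laplace mechanism and the privacy budget, as an added example in Python that is not from the original page or from any company’s implementation: the survey records are constructed, and the budget uses the simplest composition rule (the epsilon of each query adds to the total).

```python
"""Differential privacy in miniature: the Laplace mechanism plus a privacy budget.

Added example; not code from the original page or from any vendor's
implementation. SURVEY is constructed data, and the budget uses basic
sequential composition (the epsilons of successive queries add up).
"""
import math
import random


def laplace_noise(scale, rng):
    """Draw from Laplace(0, scale) by inverting its CDF."""
    while True:
        u = rng.random() - 0.5                   # uniform on [-0.5, 0.5)
        if u != -0.5:                            # guard the one value that gives log(0)
            return -scale * math.copysign(1.0, u) * math.log(1.0 - 2.0 * abs(u))


def laplace_pdf(x, scale):
    return math.exp(-abs(x) / scale) / (2.0 * scale)


class PrivacyBudget:
    """Total epsilon an analyst may spend; a query that would overspend is refused."""

    def __init__(self, total_epsilon):
        self.total = total_epsilon
        self.spent = 0.0

    def spend(self, epsilon):
        if self.spent + epsilon > self.total + 1e-12:
            raise RuntimeError(f"privacy budget exhausted ({self.spent:g} of {self.total:g} used)")
        self.spent += epsilon


def exact_count(records, predicate):
    return sum(1 for r in records if predicate(r))


def dp_count(records, predicate, epsilon, budget, rng):
    """Answer 'how many records satisfy predicate?' with epsilon-differential privacy.

    A count has sensitivity 1: adding or removing one person changes the exact
    answer by at most 1, so Laplace noise of scale 1/epsilon is the right amount.
    """
    budget.spend(epsilon)
    return exact_count(records, predicate) + laplace_noise(1.0 / epsilon, rng)


def max_density_ratio(count_a, count_b, epsilon):
    """Largest factor by which any one output is likelier when the exact count is
    count_a rather than count_b. For neighbouring datasets (counts one apart) it
    never exceeds exp(epsilon); that bound is the definition of epsilon-DP."""
    scale = 1.0 / epsilon
    lo, hi = min(count_a, count_b) - 20, max(count_a, count_b) + 20
    return max(laplace_pdf(x - count_a, scale) / laplace_pdf(x - count_b, scale)
               for x in range(lo, hi + 1))


def noise_statistics(scale, n, seed=0):
    """Empirical mean and mean absolute value of n Laplace draws (expect 0 and scale)."""
    rng = random.Random(seed)
    draws = [laplace_noise(scale, rng) for _ in range(n)]
    return sum(draws) / n, sum(map(abs, draws)) / n


# Constructed sample: 60 survey respondents, 15 of whom report a sensitive condition.
SURVEY = [{"id": i, "age": 20 + (i * 7) % 50, "condition": i % 4 == 0} for i in range(60)]


def demo(seed=1):
    """Two queries fit in a budget of 1.0 at epsilon 0.5 each; the third is refused."""
    rng = random.Random(seed)
    budget = PrivacyBudget(total_epsilon=1.0)
    has_condition = lambda r: r["condition"]
    answers = [dp_count(SURVEY, has_condition, 0.5, budget, rng) for _ in range(2)]
    try:
        dp_count(SURVEY, has_condition, 0.5, budget, rng)
        refused = False
    except RuntimeError:
        refused = True
    return {
        "exact": exact_count(SURVEY, has_condition),
        "noisy_answers": answers,
        "third_query_refused": refused,
        "neighbour_ratio": max_density_ratio(15, 14, 0.5),    # exp(0.5), about 1.6487
        "two_apart_ratio": max_density_ratio(15, 13, 0.5),    # exp(1.0), about 2.7183
    }


if __name__ == "__main__":
    print(demo())
```

max_density_ratio makes the guarantee concrete: for an exact count of 15 versus 14 (one person added or removed) no output is more than exp(epsilon) times likelier under one dataset than the other, so an observer cannot confidently say whether that person is present. Two people apart, the ratio rises to exp(2 epsilon), which is why the budget has to be tracked across queries: each answer leaks a little, and the leaks add up.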
Learn more: NIST – Differential Privacy (Video)
Digital Footprint
Your digital footprint is the trail of data you leave behind through online activities—social media posts, website visits, online purchases, search queries, app usage, location history, and any other digital interactions. This includes both your “active” footprint (data you intentionally share like posting photos or filling out forms) and “passive” footprint (data collected about you without direct action, like tracking cookies, browsing history, or metadata from your activities).
Digital footprints are increasingly permanent, searchable, and comprehensive—creating detailed portraits of your interests, relationships, habits, beliefs, and life history that exist beyond your control. Employers Google job candidates, universities review applicants’ social media, romantic partners investigate each other online, and even casual acquaintances can access years of your digital history. Reducing your digital footprint requires actively managing privacy settings, periodically searching for yourself to see what’s publicly visible, deleting old accounts and content, being selective about what you share, and understanding that everything online should be considered permanent and potentially public regardless of current privacy settings. Your digital footprint follows you through life and can be weaponized against you, making regular footprint audits and careful online behavior essential for long-term privacy.
Learn more: Berkeley – Managing Your Digital Footprint
Privacy Policy
A privacy policy is a legal document that explains what personal data a company collects, how they use it, who they share it with, how long they keep it, and what rights you have regarding your data. Companies are legally required to have privacy policies in many jurisdictions, and they’re supposed to provide transparency about data practices so you can make informed decisions about using services. Privacy policies typically cover data collection methods, purposes for processing, third-party sharing, cookies and tracking, international transfers, security measures, and contact information for privacy inquiries.
The reality is that most privacy policies are written in dense legal language designed to maximize company flexibility while technically meeting legal requirements, running dozens of pages that almost nobody reads before clicking “I agree.” They often use vague language like “we may share data with partners” without specifying who or why, bury concerning practices in walls of text, and include broad permissions that most users wouldn’t knowingly consent to if explained clearly. Reading privacy policies is important for understanding what you’re agreeing to, though it’s an unrealistic burden—estimates suggest fully reading all privacy policies you encounter would take hundreds of hours annually. Tools that summarize or grade privacy policies help, as does focusing on policies for services handling your most sensitive data rather than trying to read everything.
Learn more: Terms of Service; Didn’t Read
Geolocation / GPS Tracking
Geolocation is determining your physical location using various technologies—GPS satellites, cellular tower triangulation, Wi-Fi network positioning, or IP address lookup—enabling location-based services like maps and navigation, local search results, weather forecasts, and geotagged photos, while also creating detailed records of everywhere you go. Your smartphone tracks your location constantly through multiple methods even when you’re not actively using navigation, building comprehensive location histories that reveal your home, workplace, frequently visited places, daily routines, relationships (who you spend time with based on location overlap), and even sensitive locations like medical clinics, religious institutions, or political meetings.
Location data is particularly revealing and valuable—advertisers use it for targeting, data brokers sell it to anyone willing to pay, apps share it with third parties, and law enforcement can subpoena location records to place suspects at crime scenes. Protecting location privacy requires disabling location services when not needed (though this breaks functionality of many apps), reviewing which apps have location access and limiting to “while using” rather than “always,” turning off location history in device settings, being aware that photos often contain GPS coordinates in metadata, and understanding that even with GPS disabled, rough location can be determined from IP addresses and Wi-Fi networks. Perfect location privacy is nearly impossible with smartphones, but limiting access and understanding who’s tracking you helps manage exposure.
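A check for the photo-metadata point above, as an added example in Python that is not from the original page: it walks a JPEG’s marker segments, reads the GPS tags from the Exif block, and produces a copy with the Exif segment removed. The sample “photo” is a hand-built JPEG skeleton carrying real Exif GPS tags but no image data, constructed so the example runs offline; a real photo can be checked the same way by reading its bytes into extract_gps.

```python
"""Find and strip the GPS coordinates hidden in a JPEG's Exif metadata.

Added example; not code from the original page. Standard library only. The
"photo" built by build_sample_jpeg() is a constructed JPEG skeleton with real
Exif GPS tags and no actual image, so the example runs offline.
"""
import struct

APP1, SOS = 0xFFE1, 0xFFDA          # Exif lives in APP1; image data follows SOS
GPS_IFD_TAG = 0x8825                # IFD0 entry pointing at the GPS sub-IFD
EXIF_HEADER = b"Exif\x00\x00"


def iter_segments(jpeg):
    """Yield (marker, payload) per marker segment; the last item is
    (SOS, <everything from SOS to the end>) since scan data has no length field."""
    if jpeg[:2] != b"\xff\xd8":
        raise ValueError("not a JPEG (no SOI marker)")
    pos = 2
    while pos + 4 <= len(jpeg):
        marker, length = struct.unpack(">HH", jpeg[pos:pos + 4])
        if marker == SOS:
            yield marker, jpeg[pos:]
            return
        yield marker, jpeg[pos + 4:pos + 2 + length]   # length counts its own 2 bytes
        pos += 2 + length
    raise ValueError("truncated JPEG")


def parse_ifd(tiff, offset, end):
    """Return {tag: (type, count, raw 4-byte value/offset field)} for one IFD."""
    (n,) = struct.unpack(end + "H", tiff[offset:offset + 2])
    entries = {}
    for i in range(n):
        e = offset + 2 + 12 * i
        tag, typ, count = struct.unpack(end + "HHI", tiff[e:e + 8])
        entries[tag] = (typ, count, tiff[e + 8:e + 12])
    return entries


def read_rationals(tiff, entry, end):
    """Decode a RATIONAL (type 5) entry: count pairs of uint32 at the stored offset."""
    typ, count, field = entry
    if typ != 5:
        raise ValueError("expected RATIONAL")
    (off,) = struct.unpack(end + "I", field)
    return [n / d for n, d in (struct.unpack(end + "II", tiff[off + 8 * i:off + 8 * i + 8])
                               for i in range(count))]


def dms_to_decimal(dms, ref):
    deg, minutes, seconds = dms
    value = deg + minutes / 60 + seconds / 3600
    return -value if ref in ("S", "W") else value


def extract_gps(jpeg):
    """Return (latitude, longitude) in decimal degrees, or None if none recorded."""
    for marker, payload in iter_segments(jpeg):
        if marker != APP1 or not payload.startswith(EXIF_HEADER):
            continue
        tiff = payload[len(EXIF_HEADER):]
        end = "<" if tiff[:2] == b"II" else ">"          # TIFF byte order
        (ifd0_off,) = struct.unpack(end + "I", tiff[4:8])
        ifd0 = parse_ifd(tiff, ifd0_off, end)
        if GPS_IFD_TAG not in ifd0:
            return None
        (gps_off,) = struct.unpack(end + "I", ifd0[GPS_IFD_TAG][2])
        gps = parse_ifd(tiff, gps_off, end)
        if not all(tag in gps for tag in (1, 2, 3, 4)):  # LatRef, Lat, LonRef, Lon
            return None
        lat = dms_to_decimal(read_rationals(tiff, gps[2], end), gps[1][2][:1].decode())
        lon = dms_to_decimal(read_rationals(tiff, gps[4], end), gps[3][2][:1].decode())
        return lat, lon
    return None


def strip_metadata(jpeg):
    """Copy of the JPEG with every APP1 segment (Exif, XMP) dropped; pixels untouched."""
    out = bytearray(b"\xff\xd8")
    for marker, payload in iter_segments(jpeg):
        if marker == SOS:
            out += payload                       # SOS header, scan data and EOI verbatim
        elif marker != APP1:
            out += struct.pack(">HH", marker, len(payload) + 2) + payload
    return bytes(out)


def build_sample_jpeg():
    """Constructed input: JFIF APP0, an Exif APP1 with GPS tags for
    37°46'30" N, 122°25'12" W, and a stub SOS segment. Not a real photo."""
    rat = lambda *pairs: b"".join(struct.pack(">II", n, d) for n, d in pairs)
    tiff = b"MM\x00\x2a" + struct.pack(">I", 8)                              # big-endian, IFD0 at 8
    tiff += struct.pack(">H", 1) + struct.pack(">HHII", GPS_IFD_TAG, 4, 1, 26) + b"\x00" * 4
    tiff += struct.pack(">H", 4)                                              # GPS IFD at offset 26
    tiff += struct.pack(">HHI", 1, 2, 2) + b"N\x00\x00\x00"                  # GPSLatitudeRef
    tiff += struct.pack(">HHII", 2, 5, 3, 80)                                 # GPSLatitude -> 80
    tiff += struct.pack(">HHI", 3, 2, 2) + b"W\x00\x00\x00"                  # GPSLongitudeRef
    tiff += struct.pack(">HHII", 4, 5, 3, 104)                                # GPSLongitude -> 104
    tiff += b"\x00" * 4                                                       # no next IFD
    tiff += rat((37, 1), (46, 1), (30, 1)) + rat((122, 1), (25, 1), (12, 1))
    exif = EXIF_HEADER + tiff
    app0 = b"JFIF\x00\x01\x01\x00\x00\x01\x00\x01\x00\x00"
    return (b"\xff\xd8"
            + struct.pack(">HH", 0xFFE0, len(app0) + 2) + app0
            + struct.pack(">HH", APP1, len(exif) + 2) + exif
            + b"\xff\xda\x00\x08\x01\x01\x00\x00\x3f\x00" + b"\x12\x34" + b"\xff\xd9")


if __name__ == "__main__":
    sample = build_sample_jpeg()
    print("GPS in sample:", extract_gps(sample))
    print("GPS after strip:", extract_gps(strip_metadata(sample)))
```

Some services strip Exif on upload and others do not, so it is safer to strip it yourself before sending a photo anywhere you would not want the location known.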
Learn more: EFF – The Problem with Mobile Phones
Dark Web
The dark web refers to encrypted networks like Tor that require special software to access and host websites with addresses ending in .onion rather than .com, providing anonymity for both visitors and site operators. This anonymity enables valuable uses like secure whistleblowing platforms, forums for political dissidents in repressive countries, and privacy-focused services, but also facilitates illegal marketplaces, illicit content, and criminal coordination. The dark web is a small fraction of the “deep web”—content not indexed by search engines like private databases, subscription content, and internal company networks.
Contrary to media portrayals, the dark web isn’t exclusively criminal—many legitimate privacy advocates, journalists, and regular people use it to avoid surveillance or censorship. Accessing the dark web via Tor Browser is legal in most countries, though obviously participating in illegal activities is criminal regardless of where they occur. The dark web is slower, less user-friendly, and filled with scams even among criminal services, while law enforcement has successfully infiltrated dark web marketplaces despite anonymity protections. For most people, the dark web isn’t particularly useful or interesting—normal privacy tools and practices provide adequate protection without needing this level of anonymity—though understanding its existence helps contextualize online privacy technologies and threats.
Learn more: Kaspersky – What is the Dark Web?
Data Portability
Data portability is your right under laws like GDPR to receive personal data you’ve provided to a company in a structured, commonly used, machine-readable format, and to transmit that data to another service provider without hindrance from the original company. This prevents vendor lock-in where companies hold your data hostage, making it difficult to switch to competitors—for example, you could request all your photos from one social network and upload them to another, or transfer your music playlists between streaming services.
Companies must provide data portability for data you actively provided (posts, uploads, profile information) but not for derived or inferred data (like algorithmic recommendations or analytics about your behavior). The practical implementation varies—some companies provide excellent data export tools while others make it unnecessarily difficult or provide data in formats that are technically “machine-readable” but practically useless. Data portability empowers competition by making it easier to leave services you’re unhappy with, and gives you control over your digital legacy. When evaluating services, check whether they offer data export tools and in what formats—companies that make exporting easy demonstrate respect for user autonomy and deserve preference over those that make leaving difficult.
Learn more: GDPR.eu – Right to Data Portability