Dictionary of Privacy, Data Protection and Information Security

Mark Elliot, Professor of Data Science, School of Social Sciences, University of Manchester, UK, Anna Maria Mandalari, Assistant Professor, Department of Electronic and Electrical Engineering, University College London, UK, Miranda Mourby, Researcher, Faculty of Law, University of Oxford, UK and Kieron O’Hara, Emeritus Fellow in Electronics and Computer Science, University of Southampton, UK

• ContentsAcknowledgements xxxviiiPreface xxxixHow to use this dictionary xliiAA29WP 1Abortion 1Abstract 2Accessibility 2Access Control 2Access Control List (ACL) 2Access Point 3Accountability 3Account Management 4Account Take Over (ATO) 4Accuracy 4ACL 5Additivity 5Adequacy 5Ad Exchange 6ADF 6Ad Hoc Network 7Ad Network 7Adtech 8Advanced Electronic Signature 8Advanced Encryption Standard (AES) 8Adversary 9Adware 9AES 10Affinity Analysis 10Aggregation 10Agreement 10AI 11Algorithm 11American Data Privacy and Protection Act 11Analogue Hole 11Analysis Server 12Analytical Completeness 12Analytical Validity 12Anomaly Detection 13Anonymisation 13Anonymisation Decision-Making Framework (ADF) 15Anonymising Proxy 15Anonymity 15Anonymous Search Engine 16Anti-Discrimination Law 16Anti-Malware Software 16Anti-Virus Software 17APEC Privacy Principles 17API 18App 18Application (App) 18Application Layer Attack 19Application Programming Interface (API) 19Appropriate Safeguards 20Appropriate Technical and Organisational Measures 20Appropriation of Name or Likeness 21AR 21Article 29 Working Party (A29WP) 21Artificial Intelligence (AI) 22AS 23Asset 23Associational Privacy 24Assured Data Deletion 24Asymmetric Cryptography 24Asymmetric Information 25ATO 25Attack 26Attacker 26Attack Model 26Attack Surface 26Attack Tree 27Attack Vector 27Attentional Privacy 27Attention as a Resource 28Attention Tracking 28Attitude–Behaviour Gap 29Attribute 29Attribute Disclosure 30Attribution 30Audit Trail 31Augmented Reality (AR) 31Authentication 32Authorisation 32Automated Decision-Making 33Autonomous System (AS) 34Autonomy 34Auxiliary Data 35Auxiliary Information 35Auxiliary Knowledge 35Availability 36Awareness 36BBackdoor 38Back-Up 38Barnardisation 39BCI 39BCR 40Behavioural Advertising 40Benefits of Privacy 40Bicycle Attack 41Big Brother 42Big Data 42Binary Variable 43Binding Corporate Rules (BCR) 44Biobank 44Biometric Data 45Biometrics 46Black Hat Attack 46Blacklist 46Blackmail 47Blinding 48Blockchain 48Block Cipher 50Blocking Variable 50Blocklist 50Bluejacking 50Bluesnarfing 51Blue Team 51Bluetooth 51Bodily Privacy 52Bot 52Botnet 53Boundary 54Bounded Rationality 54Bounds 55Brain–Computer Interface (BCI) 55Brain Implant 56Brainwashing 56Breach 57Breach Disclosure 58Breach of Confidence 59Bring Your Own Device Policy (BYOD) 59Browser Fingerprinting 60Browsing History 60Brussels Effect 61Brute Force Attack 61Buffer Overflow Attack 62Bug 63Business Case 63Business Impact Level 64BYOD 64CCA 65Categorical Data 65CCTV 65Celebrity Privacy 66Cell Suppression 66Censorship 66Census 67Centralised Governance 67Certification 68Certification Authority (CA) 69Chain of Trust 69Challenge-Response 70Charter of Fundamental Rights 70Charter Rights 71Checksum 71Chief Privacy Officer 72Children’s Privacy 72Chilling Effect 73Chinese Wall 74Choice Architecture 74CIA Triad 74Cipher 75Ciphertext 76Classified Information 76Cleartext 76Clickstream Data 77Client Confidentiality 77Client-Side Scanning 78Closed Circuit Television (CCTV) 78Cloud Computing 79Cloud Storage 80Code Audit 81Code of Conduct 82Code of Ethics 82Code Review 83Commodification 83Common Law 84Communication 84Communication Privacy 85Communication Privacy Management (CPM) Theory 86Community Privacy 87Compliance 88Concentration Rule 88Conditions for Processing 88Confidence 89Confidentiality 89Confidentiality Club 91Confidentiality Pledge 91Conflict of Rights 92Connected Place 92Connectomics 93Consent 93Consent Form 94Consequential Data 95Consistency Mechanism 95Consumer Information Markets 96Consumer Preference Information 97Content Data 97Contextual Advertising 98Contextual Integrity 98Continuous Data 99Controlled Rounding 99Controlled Tabular Adjustment (CTA) 99Convention 108 100Cookie 100Cooperation Mechanism 101Co-Privacy 102Correct Attribution Probability 102Count Data 103CPM 103Credentials 103Creepiness 103Creepy Line, The 104Crime Prevention Exemptions 104CRM 105Cross-Border Data Processing 105Cross-Device Tracking 105Cross-Site Request Forgery (CSRF) 106Cross-Site Scripting (XSS) 107Cryptanalysis 107Cryptocurrency 108Cryptographic Hash Function 109Cryptographic Key 109Cryptographic Protocol 110Cryptography 110Crypto-Shredding 111Crypto Wars 112CTA 112Cultural Variation of Privacy 113Currency 113Customer Relationship Management (CRM) 114Customer Tracking 114Cybercrime 115Cyber Insurance 116Cyber Resilience 117Cybersecurity 117Cyberstalking 117Cyberterrorism 118Cyberwarfare 119Cypher 120Cypherpunk 120DDark Pattern 121Dark Web 121Data 122Data Abuse 123Data Ageing 123Data Aging 124Data at Rest 124Database 124Database of Ruin 124Data Breach 125Data Breach Notification 126Data Broker 126Data Capture 127Data Centre 127Data Classification 128Data Controller 128Data Curation 129Data Custodian 129Data Degaussing 129Data Destruction 130Data Divergence 130Data Dumping 130Data Enclave 131Data Environment 131Data Environment Analysis 132Data Ethics 132Data Exhaust 133Datafication 133Data Flow 134Data Flow Diagram 134Data Governance 135Data Harmonisation 136Data Harvesting 136Data in Motion 137Data Intermediary 137Data in Transit 137Data Intruder 138Data Intrusion Simulation 138Data in Use 138Data Lake 138Data Lifecycle 139Data Lifecycle Management 140Data Linkage 140Data Map 141Data Minimisation 141Data Minimisation Principle 142Data Mining 142Data Ownership 143Data Portability 144Data Privacy 145Data Processing 145Data Processor 145Data Protection 145Data Protection Authority 146Data-Protection-by-Default 146Data-Protection-by-Design 147Data Protection Directive 147Data Protection Impact Assessment (DPIA) 148Data Protection Officer (DPO) 149Data Protection Policy 150Data Protection Principles 151Data Provenance 151Data Quality 152Data Recipient 153Data Release 153Data Retention 154Data Safe Haven 155Data Sanitisation 156Data Schema 156Dataset 156Data Sharing 157Data Sharing Agreement (DSA) 158Data Situation 158Data Situation Audit 159Data Sovereignty 159Data Steward 160Data Stewardship Organisation 161Data Storage 161Data Subject 162Data Subject Access Request 163Data Synthesis 163Data Transfer 164Data Trust 165Data Unit 166Data User 166Data Utility 166Dataveillance 167Data Warehouse 168DDOS 168Deanonymisation 169Decentralisation of the Web 169Decisional Privacy 170Declared Data 170Decryption 171Deepfake 171Deep Learning 172Deep Packet Inspection (DPI) 173Deep Web 173Defamation 173Default Settings 174De-Identification 175Deletion 175Delta 176Demographic Advertising 176Demonstration Attack 176Denial of Service (DoS) 177Deterministic Record Linkage 178Device Fingerprinting 178DICOM Standard (Digital Imaging and Communications inMedicine) 179Differencing 179Differential Identifiability 180Differential Privacy 180Digital Assistant 181Digital Breadcrumbs 182Digital Certificate 182Digital Divide 183Digital Economy 183Digital Fingerprinting 183Digital Footprint 184Digital Footprint Eraser 185Digital Hygiene 186Digital Imaging and Communications inMedicine 186Digital Identity 186Digital Inequality 187Digital Inheritance 188Digital Literacy 188Digital Persona 189Digital Rights Management (DRM) 189Digital Self-Determination 190Digital Signature 190Digital Twin 191Digital Wallet 191Dignity 192Direct Access Attack 192Direct Identifier 193Direct Marketing 193Directory Indexing 194Disassociability 194Disclosive Data 194Disclosure 195Disclosure and Barring (Check) 195Disclosure Control Methods 195Disclosure Risk 196Discrete Data 196Discretionary Access Control 197Discretisation 197Disguise 197Distributed Denial of Service 197Distributed Ledger 198DNS Server 198Domain Generalisation 198Dominance Rule 199Do Not Track (Protocol) 199DOS 200Doxxing 200DPI 200DPIA 200DPO 200D-Privacy 200DRM 201DSA 201Duty of Confidence 201Duty to Protect 201Duty to Warn 201Dyad 202Dynamic Consent 202Dynamic Data Situation 203EE2EE 204E3 204Eavesdropping 204Eavesdropping Attack 204ECHR 205E-Commerce 205Economics of Privacy 206Edge Computing 207EDPB 207EDPS 207EHR 208Electronic Health Record (EHR) 208EM Algorithm 208Emotion Recognition 209Employee Information 210Encrypt-Everything-Everywhere (E3) 210Encryption 211Encryption Algorithm 211Encryption Key 211Endpoint Security 212End-to-End Encryption (E2EE) 212End-User Licence Agreement (EULA) 213Engineering Ethics 213Enhanced Privacy ID (EPID) 214EPID 214Eprivacy Directive 214Eprivacy Regulation 215Epsilon 215Equivalence Class 216Equivalence Class Structure 216Erasure 216Escrow 217Ethical Hacking 218Ethics 218Ethics Committee 218EULA 219European Convention on Human Rights (ECHR) 219European Data Protection Board (EDPB) 220European Data Protection Supervisor (EDPS) 221Exfiltration 221Expectation-Maximization Algorithm 221Explainable AI (XAI) 221Explanatory Variable 222Explicit Consent 222Exposure 223Express Consent 223Extranet 224Extrinsic Privacy 224FFace Recognition 225Facial Recognition Technology 225FAIR 226Fair Information Practice Principles (FIPPS) 226Fairness 227Fair Processing Notice 228Fake Profile 228False Light 229False Negative 230False Positive 230Family Resemblance Theory of Meaning 231FARAS 231Feature 231Federal Trade Commission (FTC) 232Federated Identity 232Federated Learning 233Feminist Critique of Privacy 233FHE 234Fiduciary Duty 234Filing System 235Financial Privacy 235FIPPS 236Firewall 236Firmware 237Fishing Attack 238Five Safes 238Flexible Output 238Formal Anonymisation 239Formal Privacy 239Format Preserving Encryption (FPE) 240Foundation Model 240FPE 240Freedom of Expression 241Freedom of Information 241Freely Given Consent 242Frequency Data 242FTC 243Fully Automated Remote Analysis System (FARAS) 243Fully Homomorphic Encryption (FHE) 243Functional Anonymisation 244Functional Unique Identifier 245Function Creep 246Fuzzing 246GGait Recognition 247Game Theory 247Gatekeeper 248GDPR (General Data Protection Regulation) 248Gendered Spaces 250General Data Protection Regulation 250Generative AI 250Genetic Data 251Genetic Fingerprint 251Genetic Privacy 252Genomic Data 253Geographical Resolution 253Geoprivacy 254Geo-Social Data 254Geotagging 255Globally Unique Identifier (GUID) 255Global Privacy Control (GPC) 256Global Recoding 256Global Suppression 257Gossip 257GPC 257Graduated Security 258Grey Hat Attack 258Group Harms 258Group Privacy 259GUID 260HHacking 261Harassment 261Harm 262Hashing 263Header Information 263Health Information Exchange (HIE) 264Health Insurance Portability and Accountability Act (HIPAA) 265Hellinger Distance 265Hidden Service 266HIE 266Hierarchical Data 266HIPAA 266History of Privacy 266Homomorphic Encryption 268Honeypot 268HRIA 269HTTP 269HTTPS 269Human-Centred Cybersecurity 269Human Rights Impact Assessment (HRIA) 270Hypertext Transfer Protocol (HTTP) 270Hypertext Transfer Protocol Secure (HTTPS) 271II2P 272ID Card 272Idem-Identity 272Identifiability 273Identifiable Data 273Identifiable Individual 273Identifiable Natural Person 273Identification Card 274Identification File 275Identified Data 276Identified Natural Person 276Identifier 277Identity 277Identity Assurance 279Identity Cloning 280Identity Disclosure 280Identity Documents 281Identity Management 281Identity Provider 282Identity Theft 283Ideological Privacy 283IDS 284Impact Management 284Impersonation 284Implicit Consent 284Imputation 285Inadvertent Disclosure 285Incognito Mode 286Incremental Authorisation 286Indirect Identifier 286Inference 287Inference Attack 288Inferential Disclosure 288Inferred Data 289Inforgs 289Information 289Informational Privacy 289Informational Self-Determination 291Information Broker 291Information Classification Table 291Information Ethics 292Information Governance 292Information Lifecycle Management 293Information Loss 293Information Ownership 293Information Security 294Informed Consent 294Infosphere 295Inherence 296Input Privacy 296Input Statistical Discloure Control 297Integrity 297Intellectual Privacy 298Intellectual Property (IP) 298Intentional Data 300Intention–Behaviour Gap 300Interference 300Internal Security Testing 301International Transfer 301Internet 301Internet of Humans 302Internet of People 302Internet of Things 302Internet Protocol (IP) 303Interoperability 304Interval Publication 305Intimacy 305Intranet 306Intruder 306Intruder Testing 307Intrusion 307Intrusion Detection System (IDS) 308Intrusion Prevention System (IPS) 308Intrusion upon Seclusion 309Invasive BCI 309Inversion Attack 310Inviolate Personality 310Invisible Computing 311Invisible Internet Project 311IP 311IP Address 312IPS 312IPSE-Identity 312Iris Scanning 312Irreversibility 313ISO27001 313ISO27002 314Isolation 314J Jensen–Shannon Divergence 316Jigsaw Identification 316Joint Data Controller 316Jurisdiction 317Just-In-Time Consent 317Just-In-Time Notice 318KK-Anonymity 319Key Disclosure 319Key Logger 319Key Logging 319Key Variable 320Knowledge Economy 320Kompromat 320LLaplace Noise 322Large Language Model 322Lawful Basis 322Lawfulness 323Layered Notice 324Layered Security Model 324LBS 325L-Diversity 325Lead Supervisory Authority 325Least Privilege 326Legal Basis for Processing 326Legitimate Interest 326Libel 327Licence Agreement 327Lifecasting 328Lifelogging 328Lifestreaming 329Linkability 329Linkable Information 330Linkage 330Linkage Attack 330Link Encryption 331Local Shared Object (LSO) 331Local Suppression 331Locational Privacy 332Location-Based Service (LBS) 333Location Data 333Location Tracking 334Logic Bomb 334Longitudinal Data 335Loyalty Card 335LSO 336MMAC 337Machine Learning (ML) 337Magnitude Data 339Main Establishment 339Male Gaze, The 339Malicious Proxy Server 340Malware 340Management Information System 340Mandatory Access Control (MAC) 341Mandatory Decryption 341Mandatory Key Disclosure 342Man-in-the-Middle Attack 342Manual Key Transport 343Mash Attack 343Mask 343Masking 344Masquerade 344Matching 344Material Scope 345Material Transfer Agreement 345Maximum Knowledge Intruder 346Media Access Control (MAC) Address 346Medical Record 347Membership Inference Attack 347Mental Capacity 347Mental Privacy 348Mesh Network 349Message Digest 349Metadata 350Metadata-Level Controls 350Metaverse 351MFA 351Microaggregation 351Microdata 352Minimal Unique 352Missing Data 353Mission Creep 353Misuse of Private Information 353ML 354Mobility Traces 354Model Inversion Attack 355Molka 355Monetary Equivalent Burden (of Privacy) 355Mosaic Identification 356Motivated Intruder 356Motivated Intruder Test 356M-Probability 356Multi-Factor Authentication (MFA) 357Multimodal De-Identification 357Multiple Imputation 357Multi-Vector Attacks 358Mutual Assistance 358Mutual Authentication 358NNational Security 360Natural Person 360Necessity 361Need to Know 361Negative Externalities of Disclosed Data 362Negative Externalities of Privacy 362Negligence 363Network 364Network Encryption 364Network Layer Attack 364Network Security 365Network Segmentation 365Neural Prosthesis 366Neurocapitalism 366Neurodata 367Neuroethics 367Neuroprivacy 368Neuroprosthetics 368Neurotechnology 368(N,K) Rule 369Noise Addition 369Nom de Guerre 369Nom de Plume 369Nominal Data 370Non-Disclosure Agreements 370Non-Discrimination Law 370Non-Invasive BCI 371Notice and Consent 371Nudge Theory 372Nudging 372OObfuscation 373Objective Harm 373Oblivious Transfer (OT) 373Obscurity 374Obtrusion 375OECD Guidelines (On Privacy) 375Offline Dictionary Attack 376One-Stop-Shop 377One-Way Hash Function 377Onion Routing 378Online Vetting 378Ontological Security 378Onward Transfer 379OPE 380Open Access 380Open Data 381Open Source 382Opt-In 383Opt-Out 383Order-Preserving Encryption 384Ordinal Data 385Orwell Attack 385OT 385Other 386Outing 386Outlier 386Output Checking 387Output Privacy 387Output Statistical Disclosure Control 388Overimputation 389PP3P 390Packet Filter 390Packet Sniffing 390Panel Data 391Panopticon 391Paparazzi 392Paparazzi Attack 392Parental Controls 393Partially Homomorphic Encryption 393Participant Information Sheets 393Participatory Surveillance 394Passive Collection 394Password 395Password Manager 395Patch 395Patch Management 396PDS 396Peeping Tom 396Penetralia 396Penetration Test 397Persistent Cookie 397Persistent Pseudonym 397Person 398Personal Data 398Personal Data Cloud 399Personal Data Store (PDS) 399Personal Identification Number (PIN) 400Personal Information 400Personal Information Management System (PIMS) 401Personalisation 402Personalisation Reactance 403Personalised Medicine 403Personalised Services 404Personally Identifiable Information (PII) 404Personal Space 405Personhood 405Perturbation 406Pervasive Computing 406PET 406Pharming 407PHE 407Philosophy of Information 407Phishing 409Phone Hacking 409Physical Privacy 409PIA 410PII 410PIMS 410PIN 410Pixelisation 410Plaintext 411Platform for Privacy Preferences (P3P) 411Poisoning Attack 412Population 412Population Unique 412Population Unit 413Port Scan 413Positive Externalities of Disclosed Data 414Post Quantum Cryptography (PQC) 414Post Randomisation (PRAM) 415PPDA 415PPDM 415PPML 415P/Q Rule 415PRAM 416Predictive Analytics 416Predictive Modelling 417Presence Detection 417Price Discrimination 417Primary Data 418Prior Posterior Ambiguity Rule 418Privacy 418Privacy as Control 419Privacy as Redistribution of Costs 420Privacy Avatar 421Privacy, Benefits of 421Privacy Budget 422Privacy-by-Design 422Privacy Calculus 423Privacy Concern 423Privacy, Cultural Variation of 424Privacy Elasticity 424Privacy Engineering 424Privacy-Enhancing Technology (PET) 425Privacy First 425Privacy Fundamentalists 426Privacy Guarantee 426Privacy Impact Assessment 427Privacy Insurance 427Privacy-Invasive Technology 427Privacy Metric 428Privacy Model 428Privacy Notice 429Privacy Officer 429Privacy Paradox 430Privacy Policy 431Privacy Pragmatists 431Privacy Preference 432Privacy Premium 432Privacy-Preserving Data Analytics (PPDA) 432Privacy-Preserving Data Mining (PPDM) 433Privacy-Preserving Data Publishing 433Privacy-Preserving Machine Learning (PPML) 433Privacy-Preserving Record Linkage (PPRL) 434Privacy Risk 434Privacy Screen 435Privacy Seal 435Privacy Settings 436Privacy Threat 436Privacy Tort 437Privacy Trade-Off 438Privacy Unconcerned 438Privacy, Value of 439Private Army 439Private Biometrics 439Private Browsing Mode 440Private Enterprise 440Private Key 440Private Life 440Private Parts 441Private Property 442Private School 442Private Sector 443Private Sphere 443Probabilistic Record Linkage 444Processing 445Profile 445Profiling 445Prolepticon 446Proportionate Security 446Proportionality 447Proprietary Privacy 447Protected Characteristics 448Protocol 448Provable Security 449Proxemics 450Proxy 450P% Rule 450Pseudonym 450Pseudonymisation 451Pseudonym Reversal 453Psychographic Advertising 453Psychological Privacy 453Public 454Publication 455Public Disclosure of Private Facts 455Public Domain 456Public Figure 456Public Interest 457Publicity 458Public Key 459Public-Key Cryptography 459Public-Key Infrastructure (PKI) 460Public Records 460Public Sphere 461Publishing 462Purchase History 462Purple Team 462Purpose Limitation 463Purpose Specification 464QQuantitative Privacy 465Quantum Computing 465Quasi-Identifier 466Query Logging 466Query Overlap 467Quishing 467RRadical Transparency 468Radio Frequency Identification (RFID) 468Randomised Response 469Random Rounding 469Random Unique 469Ransomware 470Rational Consumer 470Reality Mining 471Reasonable Expectation of Privacy 471Reasonable Search 473Recognition 473Recommendation System 473Recommender System 474Reconstruction Attack 474Record 474Record Linkage 475Records Management 476Record Suppression 476Rectification 476Redaction 476Red Team 477Reference Monitor 477Regulation 477Regulators 478Reidentification 478Reidentification Attack 480Relational Autonomy 480Release and Forget 481Reliability 481Reliance 481Reliance Authentication 481Remailing 482Remediation 482Remedies 482Remote Access 483Remote Access Server 483Remote Analysis Server 483Remote Query 484Replay Attack 484Repurposing 485Reputation 485Reputation Management 485Reserve 486Resilience 486Respondent 486Response Knowledge 487Response Variable 487Responsible Disclosure 487Restricted Access 488Retention 488Revenge Porn 488Reverse Fishing Attack 489Reversibility 489Revocation 489Right of Access 490Right to an Explanation 490Right to Be Forgotten 491Right to Be Informed 492Right to Be Let Alone 493Right to Correct 494Right to Data Portability 494Right to Data Protection 494Right to Deletion 495Right to Object 495Right to Privacy 496Right to Rectification 496Right to Restriction 496Risk 497Risk Assessment 498Risk Management 498Risk Tolerance 498Risk–Utility Trade-Off 499Roe v Wade 500Role-Based Access Control 500Rounding 500RSA Encryption 501R-U Map 501Rumour 501SSafe Data 502Safe Harbor 502Safe Output 503Safe People 503Safe Projects 503Safe Settings 503Safety 504Salt 504SAML 505Sample Unique 505Sample Unit 505Sampling 505Sampling Fraction 505Sandbox 506Sandboxing 506Scenario Analysis 506Schrems 507Scraping 507Scrutiny 507SDC 508SDL 508SDLC 508Search 508Search Engine 510Seclusion 510Secondary Data 510Secondary Differentiation 511Secondary Use 511Secrecy 511Secret 512Secret Ballot 512Secret Sharing 513Secure Communication 514Secure Messaging 514Secure Multi-Party Computation 514Secure Sockets Layer (SSL) 515Secure Web Gateway (SWG) 515Secure Web Platform 516Security 516Security Assertion Markup Language (SAML) 517Security Audit 518Security-By-Design 518Security-By-Obscurity 518Security Information Management (SIM) 519Security Parameter 519Security Posture 520Security Requirement 520Security Token 520Self-Archiving 521Self-Control Security 521Self-Disclosure 521Self-Reflection 522Self-Sovereign Identity (SSI) 522Self, The 523Semantic Security 524Semi-Invasive BCI 524Sensitive Data 524Sensitive Variable 524Sensitivity 525Sensor 525Serial Number 526Service User Agreement 526Sessional Cookie 526Shoulder Surfing 526SIM 527Single Out 527Single Sign-On 528Singularity, The 528Slander 529Smart City 529Smart Device 530Smart Grid 530Smart Implants 531Smart Meter 531Smishing 531SNARK 532Social Credit System 532Social Engineering 532Social Genome 533Social Linked Data (SOLID) 533Social Network 534Social Network Analysis 536Social Profiling 536Social Steganography 536Sock Puppet 536Software 536Software Development Lifecycle (SDLC) 537SOLID 537Solitude 537Sousveillance 538Spam 538Spam Filter 539Spatial Cloaking 539Spatial Privacy 539Spear Phishing 540Special Category Data 540Special Unique 540Speech Recognition 541Split Tunnelling 541Spontaneous Recognition 542Spoofing Attack 542Spyware 543SQL 543SQL Injection 543SSI 544SSL 544Stakeholder 544Stalking 545Standard 545Standard Contractual Clauses 546Standard Model Clauses 547Static Key 547Statistical Disclosure 547Statistical Disclosure Control (SDC) 548Statistical Disclosure Limitation (SDL) 549Steganography 549Storage Limitation 549Streisand Effect 550Structural Zero 550Structured Query Language (SQL) 551Subject Access Request 551Subjective Harm 551Subliminal Advertising 552Subtraction Attack 552Succinct Non-Interactive Zero-Knowledge Proof (SNARK) 553Super Cookie 553Supervisory Authority 554Suppression 554Surname Attack 555Surveillance 555Surveillance Capitalism 556Swapping Key 557SWG 558Symmetric Cryptography 558Symmetric Key Encryption 558Synthetic Data 558T Table Redesign 559Tabular Data 559Tagging 559Target Dataset 560Targeted Advertising 560Target Variable 560TCB 560T-Closeness 560TCP 561Technical And Organisational Measures 561TEE 561Telephone Tapping 561Terms of Service 561Territorial Privacy 562Territorial Scope 562Text Anonymisation 563TFA 563The Onion Router 564Therapeutic Alliance 564Thermal Imaging 564Third Party 565Third Party Doctrine 566Thought Police 566Threat Modelling 566Threshold Rule 567Time Bomb 567Time Series 568TIPS (Trust, Identity, Privacy, Security) 568TLS 569Tokenisation 569Topcoding 569TOR (The Onion Router) 569Tracing 570Tracker 570Tracker Blocker 571Tracking 571Traffic Data 571Transmission Control Protocol (TCP) 572Transparency 572Transparency Notice 573Trapdoor 574Trespass 574Trojan Horse 574Trust 575Trusted Computing Base (TCB) 576Trusted Execution Environment (TEE) 576Trusted Research Environment 577Trusted Third Party 577Trustworthy Digital Identity 578Tunnel Encryption 578Two Factor Authentication (TFA) 578UUbicomp 579Ubiquitous Computing (UBICOMP) 579UK GDPR 579Unambiguous Consent 580Unicity 580Uniform Resource Identifier (URI) 580Unique Identifier 581Uniqueness 581Unreasonable Search 581Untraceability 582U-Probability 583URI 583User 583User-Centred Design 584User Modelling 584Username 585US Privacy Laws 585Utility First 586V Value–Action Gap 587Value of Data 587Value of Privacy 588Value Sensitive Design (VSD) 589Veil 589Verifiable Secret Sharing (VSS) 590Vicarious Liability 590Virality 591Virtual Machine (VM) 592Virtual Private Network (VPN) 592Virus 593Vishing 593Vital Interests 593VM 594Voice over Internet Protocol (VoIP) 594VoIP 595Voyeurism 595VPN 595VSD 595VSS 595Vulnerability 595Vulnerability Management 596Vulnerable Population 597W Wearable Computing 598Wearable Tech 599Web 2.0 599Web 3.0 599Web Beacon 600Web Bug 601Web of Trust 601Web Profiling 602Web Skimming Attack 602Whistleblowing 602White Box Testing 603White Hat Attack 604Wiretapping 604World Wide Web (WWW) 604Worm 606WWW 606XXAI 607XSS 607X Variable 607YY Chromosome 608Y Variable 608ZZero Day Attack 609Zero Knowledge 609Zero Knowledge Proof 610Zero Trust Security 610

‘The prize for top class analysis of linked administrative data is huge. But it is critical that such data are held safely and used ethically. This can be hugely enhanced by the use of privacy enhancing methods. This Dictionary, compiled by some of the leading figures in the field, is an important source for identifying the best strategy. I am delighted to endorse it.’