Set #3Vocabulary (Data Flow Diagrams and Related Concepts)

Vocabulary flashcards covering key privacy, security, and data protection terms from the lecture notes.

Data Flow Diagrams

A graphical representation of the flow of data in an information system; used by analysts to design information systems and by management to model data flow within organizations.

Data Loss Prevention

Strategy and software to prevent end users from disseminating sensitive information outside the organization and to control what data can be transferred.

Data Masking

Process of de-identifying or anonymizing data so the structure remains but the content is not sensitive, used to create data sets for training or testing.

Data Matching

Activity of comparing personal data from multiple sources to make decisions about the individuals the data pertains to.

Data Minimization Principle

Principle that data collection should be limited to what is directly relevant and necessary for the stated purpose, retained only as long as needed.

Data Processing

Any operation on personal data (collecting, recording, organizing, storing, using, disclosing, etc.).

Data Processor

Individual or organization that processes data on behalf of the data controller; can be a third-party provider or the controller itself.

Data Protection Authority

Official body that ensures compliance with data protection laws and investigates breaches.

Data Quality

Fair information practices principle: data should be relevant, accurate, complete, and up-to-date for its purposes.

Data Recipient

Person, authority, agency or body that processes personal data on behalf of the data controller.

Data Subject

The individual about whom information is being processed (e.g., patient, employee, customer).

De-identification

Action of removing identifying characteristics so data does not identify an individual.

Declared Data

Personal information directly given to a social network or other website by a user.

Demographic Advertising

Web advertising based on information about an individual (age, height, weight, location, gender).

Digital Advertising Alliance

Non-profit organization setting standards for consumer privacy, transparency and control in online advertising; over 100 companies participate.

Digital Fingerprinting

Use of log files to identify a website visitor; often used for security and system maintenance.

Digital Rights Management

Management of access to and use of digital content after sale; often tied to access control technologies to defend copyrights and IP.

Digital Signature

Means for ensuring the authenticity of an electronic document (email, file, etc.).

Directive on Privacy and Electronic Communications Act 2002/58EC

EU policy directives continued from the Data Protection Directive; amended by the Cookie Directive 2009/136EC.

Discretionary Access Control

Access control where the owner of an object can grant or deny access.

DMZ (Demilitarized Zone) Network

Firewall configuration securing LANs; DMZ hosts act as a broker for traffic between the LAN and an outside network.

Do Not Track

Proposed regulatory policy allowing consumers to opt out of web Usage tracking.

E-Commerce Websites

Websites with online ordering capabilities that have direct access to user purchase and payment information, creating privacy risks.

Electronic Communications Data

Contains three main categories: content of a communication, traffic data, and location data.

Electronic Communications Network

Transmission systems and resources that permit the conveyance of signals by wire, radio, optical or other electromagnetic means.

Electronic Communications Service

Any service which provides to users the ability to send or receive wire or electronic communications.

Electronic Surveillance

Monitoring through electronic means (video surveillance, intercepting or stored communications, location-based services).

Encryption

Process of obscuring information, often through a cryptographic scheme to make information unreadable without special knowledge.

Encryption Key

A cryptographic element used with an algorithm to encrypt plaintext or decrypt ciphertext.

End-User License Agreement

Contract between the owner of the software and the user; user pays to use the software and must comply with restrictions.