Glossary
Definitions of common privacy terms and how they may affect you.
CAN-SPAM Act — legislation enacted in January 2003 to establish guidelines for online marketers to follow when sending electronic messages to consumers.
Cookie — a data file that is stored by a Web browser on the hard drive of a computer used to view a Web site. Cookies are placed by that site or by a third party, such as an advertiser. The information stored can be used to collect anonymous marketing research information or to store functional data to be used again during future visits.
COPPA — the Children’s Online Privacy Protection Act, which applies to the online collection of personal information from children under 13. The rules spell out what a Web site operator must include in a privacy policy, when and how to seek verifiable consent from a parent and what responsibilities an operator has to protect children’s privacy and safety online.
Data privacy — the reasonable assurance that a company takes necessary steps to ensure that data cannot be viewed by anyone other than its intended recipient.
Do Not Call List — registering with the national Do Not Call Registry helps to reduce unwanted telemarketing phone calls to your home or cell phone.
HIPAA Privacy Rule — requires authorization or waiver of authorization for the use or disclosure of identifiable health information.
Identity theft — the deliberate use of another person’s name and other identifying information to commit theft or fraud or to access confidential information about an individual.
IP Addresses — Internet Protocol (IP) Addresses are numerical codes that are used to identify the unique address of each computer or device that is attached to the Internet, or a local area network (LAN) that supports the Internet Protocol. In some cases, IP addresses are assigned on a dynamic basis (each time a computer connects to the network, it is assigned a new address). IP addresses are useful for tracking anonymous activity, but they can provide limited or no personal information about visitors.
Mail Preference Service — a service that may help you reduce junk mail sent to your residential, postal mailing address. Companies that belong to the Direct Marketers Association are supposed to scrub their mailing lists against the do not mail list.
Malware — a blend of the words “malicious” and “software”, malware refers to software specifically designed to infiltrate or damage a computer system without the owner’s informed consent.
Opt In — a consumer provides consent that permits a company to send marketing messages to the consumer.
Opt Out — the action whereby a consumer withdraws permission to be contacted by a company for marketing purposes.
Permission Level — the level of permission a user has granted a company to send marketing messages to that user.
Personally Identifiable Information (PII) — data which can be used to identify or contact a person uniquely. Might include name, address, telephone number, e-mail address, social security number or other identifying information.
Phishing — a fake Web site created to trick you into entering your password and other personally identifiable information. You might mistype letters in a URL by accident (e.g. “a0l.com” instead of “aoi.com”) and arrive at a fake page made to look like the real one. Often, fake spam emails designed to look like they are from real financial companies or shopping Web sites encourage you to click a link that directs you to a fake page and log in.
Pretexting — the use of false pretenses, including fraudulent statements and impersonation, to obtain an individual’s personal information, such as bank balances or phone records.
Pretty Good Privacy (PGP) — a user-friendly form of public-key encryption that prevents a message (e.g. email) from being altered en route from sender to receiver, although it does not protect the message from being altered once the receiver decodes it with a digital “key.”
Privacy policy — a statement that summarizes how a company intends to use data collected during a visit to its Web site.
Spam — typically refers to email marketing messages sent without opt-in consent.
Spyware — typically refers to software applications that gather information about a person without his/her knowledge. The program is usually secretly installed on a computer to gather information about the user and relay it to advertisers or other interested parties.
Vishing — short for voice phishing. A variation on phishing. Fraudsters trick unsuspecting consumers into calling a phone number and revealing personally identifiable information. Scammers might also call the consumer directly and misrepresent themselves as representatives for a business the consumer is familiar with.

