Privacy glossary

Online privacy can be confusing. What’s fingerprinting? Why are trackers bad? In this easy-to-read list you’ll find short definitions of essential privacy terms.

A B C D E F G H I J K L M N O P Q R S T U V W X Y Z

A

Ad blocker
An ad blocker is a browser feature, or a browser extension, that prevents your Web browser from showing ads on webpages, videos, streams, podcasts, or apps. Ad blockers often improve your browsing experience, but can bring security risks.
AML
AML stands for “anti-money laundering.” The term refers to the practices that financial institutions—like banks and payment services—use to make sure their customers’ money does not come from illegal activity. Financial regulators require institutions to have robust AML, as part of their efforts to fight financial crime.
AMP
AMP stands for “Accelerated Mobile Pages,” a limited version of HTML, developed by Google. Website owners can create AMP versions of their pages, which look like they’re coming from the original publisher’s site. But in fact an AMP page is a cached version of the original page that lives on Google’s servers. This makes AMP harmful to privacy, security, and the openness of the Web. Google positioned AMP as a way for website owners to make their pages faster but, ironically, they’re often slower than the original publisher versions.
Anonymity
In the context of Web privacy, anonymity means that when you visit a website it can’t distinguish you from any other visitor, or even know whether you’ve visited previously. There’s an important difference between anonymity and pseudonymity, which is a related (and far more common) concept. Pseudonymity means that when you visit a website the site can tell whether you’ve been to the site before, and may even remember what you did in previous visits, but otherwise doesn’t know anything about your real-world identity.
API
API stands for “application programming interface.” Most generally, an API is a way for software systems or pieces of code to communicate with each other—generally, for one system or piece of code to “ask” another to perform tasks, transfer data, or both. One system’s API defines what other systems/code can ask it to do, and the technical details of the communication (such as data formats).

B

Big tech
“Big tech” is a blanket term for large tech companies that make widely used hardware and software, and generally have a huge amount of influence on technology, the Internet, and the economy as a whole. When capitalized as “Big Tech,” the term often refers to five companies: Amazon, Apple, Google (or Alphabet), Meta (formerly Facebook), and Microsoft. Several of the major Internet brands you may know are actually part of these companies, such as YouTube (Google), Instagram and WhatsApp (Meta), and LinkedIn (Microsoft).
Bounce tracking
Bounce tracking is a technique used by Web trackers. It involves inserting an intermediary link between you and the website you want to visit, allowing a tracker to know you and / or your interests, and thus use this data to sell more targeted ads. This technique is also sometimes known as “redirect tracking.”
Browser
A browser (or Web browser) is an app for your computer, tablet, or smartphone that lets you look at and interact with websites. The browser “calls” the server on which a website is hosted, and then renders that site for you in an intelligible way. Note that a browser is different than a search engine.

C

Cache
Cache (also known as “browser cache” or “Web cache”) is a temporary storage area on your device that holds copies of frequently accessed webpages, images, and other online content. Allowing your browser to store some data about previously visited websites prevents the need for future requests, and helps those sites / pages load faster the next time you visit.
Certificate
A certificate is a digital document that a website or other Internet service uses to prove its identity to users. If you see a lock icon in your Web browser’s address bar, that means the website you’re viewing has presented a valid certificate. And this generally means that anyone who might be spying on your Internet connection (like someone else on your Wi-Fi network) wouldn’t be able to see or modify the content you’re seeing on that website.
Client
A client is the hardware or software that accesses a service on a server. The term “client” may refer to a person using the service, or a piece of software (like a Web browser) or hardware (like a phone or computer) the person is using to access the service. A server is a piece of software or hardware whose purpose is to offer a service over a computer network, such as the Internet.
Cookie
A cookie is a small piece of data that a website (the server) places on your device (the client). The exact meaning of cookie contents is specific to each website. In some cases these are benign, and required for the site or app to function (e.g. to know you put an item in a shopping cart). In other cases, cookies can be used to track your browsing activity, search history, and to follow you across the Web. Note that the term “cookie” is used in two different ways: to describe a specific way of setting values on browsers; and as a general term for all ways sites can store values on clients.
Cybersecurity
Cybersecurity is the practice of protecting computing devices and networks from external threats. For purposes of this article, “cybersecurity” refers to practices that IT and security professionals use to protect the systems they’re in charge of, or whole groups of employees. The related term “security” is more general, and can also refer to practices an individual might take to stay safe online or a business might use to secure the buildings they use.

D

DNS
The Domain Name System (DNS) is an Internet protocol that enables a browser and operating system to look up the IP addresses that correspond to domain names. IP addresses and domain names are each a type of identifier for devices on the Internet. IP addresses are numerical (like 203.0.113.43), while domain names are human-readable (like “brave.com”).

E

Encryption
Encryption is a cryptography term that means a message or data is indecipherable to outside observers. In Web browsing, this can mean data is unreadable as it moves across the Internet. If the data is also only readable by the site or app you want to view, it would be “end-to-end” (E2E) encrypted. Note that E2E encryption has very specific technical requirements, and most services that claim to offer it actually don’t. Also note that in some cases the parties on the website you’re viewing can see your message content (e.g. Facebook can see what you post in the WhatsApp client).
Extension
A browser extension (usually just “extension”) is a mini-app that can be downloaded and added to a Web browser to augment it’s out-of-the-box functionality or to add a new feature. Common browser extensions include ad blockers, spell-checkers, dark-mode / visual altering tools, and crypto wallets. Extensions are usually made by third parties (i.e. not the browser), and not always policed or vetted for security / privacy risks.

F

Filter list
A filter list is a list of criteria that ad blockers and tracker blockers use to determine which content to block. This can include ads, trackers, pop-ups, cookie consent notifications, or other website annoyances.
Fingerprinting
A fingerprint is a combination of many characteristics of your browser and device that uniquely identify you to a website. Fingerprinting is a tracking technique that doesn’t rely on cookies, which more browsers are blocking by default.
First-party ad
A first-party ad is a Web ad whose content is loaded from the same domain as the page showing the ad. The domain is the part of the URL after the “://” and before the next slash. For example, the domain of this page’s URL is “brave.com.” The opposite of a first-party ad is a third-party ad, which is loaded from a different domain than the page showing the ad.

G

GDPR
The General Data Protection Regulation (GDPR) is a European Union (EU) law. It provides individuals with rights over the use of their personal data, and sets out rules that companies and organizations must follow when collecting and using personal data about individuals. GDPR has been in force since 2018.

H

HTML
HTML (short for “HyperText Markup Language”) is a system of special notations that specify what a webpage should look like and how it should work. HTML is how webpages—including their text, images, tables, links, forms, and so on—are transmitted over the Internet to your device. HTML is the standard coding (or “markup”) language used to build pages that render in a Web browser.
HTTPS
HTTPS (HyperText Transfer Protocol, Secure) is a secure version of HTTP, the standardized method by which Web browsers and Web servers talk to each other over a network. HTTPS generally protects data in transit between a server (where a website or app “lives”) and the client (the phone or computer) you’re browsing from. Some browsers now automatically upgrade sites to HTTPS, or will warn you if HTTPS isn’t available; sites where HTTPS is not available should be visited with caution.

I

IP address
An Internet Protocol (IP) address is a numerical label (like 203.0.113.43) that identifies a device on a network, and allows computers to talk to each other. Any device on any network will need an IP address so it can receive data from other devices; the IP address is how the network gets data to the right place. Some IP addresses are public, while others are private. Sometimes, your IP address can be used to identify and track you across sites and apps.
ISP
An Internet service provider (ISP) can provide home or work access to the Web, along with things like domain name registration and Web hosting. For many home Internet users, being online means all data must go through some sort of ISP (and this ISP can see all your traffic and online activity unless you take steps to prevent it). Some examples of ISPs include Comcast, AT&T, and Verizon.

K

KYC
KYC stands for “Know Your Customer.” The term refers to the practices that financial institutions—like banks and payment services—use to make sure they know the true identities of the people and organizations they serve, and to assess the risks of serving them. The term can also refer to the government regulations that require these practices. Financial regulators require institutions to have robust KYC, as part of their effort to fight financial crime.

M

Malware
Malware is any software that has a malicious purpose. Common uses of malware are to steal private information, steal or extort money, disrupt infrastructure, or to simply cause chaos. Examples of malware include viruses, Trojans, ransomware, and Spyware. When browsing the Web, it’s important to take adequate steps to protect yourself from malware.

O

Open source
Open-source software is software whose source code—the instructions that define what the software does—is published and freely available. The opposite of open source is closed source. Source code is human-readable, and software developers create software by writing it. To run software on a device, though, the source code has to be transformed into a form that’s mostly unreadable to humans. That unreadable form is what you get when you download an app. Open-source software is often developed in a collaborative manner, and considered a public good, free for anybody to use. The Brave Browser, Linux operating system, and OpenOffice are examples of open-source software.

P

Password manager
A password manager is software that stores the usernames and passwords to your online accounts. It can automatically fill in usernames and passwords on login pages, generate new random passwords, and sync your passwords across multiple devices. Using a password manager can save you a lot of hassle and—when used properly—dramatically improve your privacy, safety, and security online.
Phishing
Phishing (pronounced “fishing”) refers to stealing people’s passwords by tricking them, using a fake website that mimics a legitimate one. Phishing often takes place via email, with the sender pretending to be a well known person or company. Phishing messages typically invoke a sense of urgency or panic, and compel readers to take immediate action.
Privacy
In the context of computing, privacy means that your personal data isn’t seen by anyone whom you don’t want to see it, and isn’t used by anyone in ways you don’t approve of. Personal data means both information about you (e.g. your name, email address, or phone number) and also about what you do (e.g. which websites you visit, what you post online, who you talk to, or what you buy).
Privacy policy
A privacy policy is a document from a company or organization that describes how they collect and store personal information, what they do with it, and what your rights are with regard to your personal information.
Private (incognito) window
A private window (or incognito window), is a browser window that forgets everything you did in it when you close it. Different browsers use different names for the same feature. Brave, Safari, and Firefox use “private window,” while Chrome uses “incognito window” and Edge uses “InPrivate window.” Note that this “forgetting” only refers to data stored on your device.

R

Randomness
Randomness is the property of lacking structure or organization, or otherwise being unpredictable. In the context of digital security, randomness plays an important role in cryptography and encryption—often used to generate random strings of characters and numbers known as “keys.”
Ransomware
Ransomware is a type of malicious software (malware) that encrypts the contents of your device so it’s unusable, then offers to restore your device (your phone, computer, or tablet) in exchange for a payment to the ransomware operator.
Retargeting
Retargeting is a specific type of ad targeting, in which you’re shown ads for something that you’ve shown interest in buying. For example, if you put an item in your shopping cart on an e-commerce site, but you don’t check out, you might start seeing ads for that item all over the Web. Those ads are retargeted.

S

Safe Browsing
Safe Browsing is a service, run by Google, that catalogs fraudulent or malicious websites. It’s integrated into several major browsers—including Brave, Chrome, Safari, and Firefox—so that they can warn you if you’re about to visit such a site. Edge uses a similar (though slightly different) service that’s run by Microsoft.
Search engine
A search engine is a service, accessible over the Web, that finds information on the Web in response to your queries. The most widely used search engine, by far, is Google Search, usually just called “Google.” Google Search is so ubiquitous that “to google” has become a verb meaning “to search the Internet.” Some large sites, like YouTube, have search functionality that only finds items on that site (videos and channels, in YouTube’s case). That’s sometimes called a search engine too.
Security
Computer security is the protection of computing devices, networks, and data from external threats.
Server
A server is a piece of software or hardware whose purpose is to offer a service over a computer network, such as the Internet. Servers can be physical machines, virtual machines, or software that performs server-like functions. The consumers of the service are called clients. The term “client” may refer to a person using the service, or a piece of software (like a Web browser) or hardware (like a phone or computer) the person is using to access the service.
Spam
Spam is unwanted, unsolicited communications such as emails, text messages (SMS), or calls, sent in bulk to many recipients at once.
Storage
Storage is a general term in computing that means keeping data over a period of time. In the context of Web browsers, it has a more specific meaning: Web browsers set aside a limited amount of space on your device, where websites can store data. This is usually called “local storage.” Common uses of local storage are to store your settings for the site (such as your dark mode / light mode preferences) and to save work in progress. Some sites may also use local storage to enable limited offline functionality (such as the ability to continue editing a Google doc, even without a Wi-Fi connection).
Surveillance economy
The surveillance economy describes the business of collecting and monetizing people’s personal information at scale, and the companies that are involved in this business.

T

Third-party ad
A third-party ad is a Web ad whose content is loaded from a different domain than the page showing the ad. The domain is the part of the URL after the “://” and before the next slash. For example, the domain of this page’s URL is “brave.com.” The opposite of a third-party ad is a first-party ad, which is loaded from the same domain as the page showing the ad.
Tracker
A tracker is a small piece of software, embedded in a website, that records your activity on the site. Trackers send information about the activity they’ve recorded to a tracking server, owned by the company that made the tracker. Web ads usually include trackers, though you couldn’t tell just by looking at an ad. Social media buttons on other sites (such as “Like” buttons) also include trackers. Most trackers are invisible.

U

URL
A URL (short for Uniform Resource Locator) is a string of letters, numbers, and special characters that identifies a place on the Internet, such as a website, and provides a method for reaching it. When browsing the Web, URLs appear in the address bar of your browser, as with https://www.brave.com/glossary. For this reason URLs are sometimes called “addresses.”
UTM
A UTM is a parameter that can be appended to the end of a website address (or URL), and share information about where you got the URL from. UTMs are a common way for marketers to learn how visitors are finding their site, and are often associated with tracking.

V

VPN
A virtual private network (VPN) enables data to be sent from your device over the Internet (e.g. to a website) via an encrypted tunnel. VPNs can be used to remotely access private networks, or to shield personal info like your IP address, and generally allow for added privacy and security. But note that not all VPNs are created equal.

Ready to Brave the new internet?

Brave is built by a team of privacy focused, performance oriented pioneers of the web. Help us fix browsing together.

close
close

Almost there…

You’re just 60 seconds away from the best privacy online

If your download didn’t start automatically, .

  1. Download Brave

    Click “Save” in the window that pops up, and wait for the download to complete.

    Wait for the download to complete (you may need to click “Save” in a window that pops up).

  2. Run the installer

    Click the downloaded file at the bottom left of your screen, and follow the instructions to install Brave.

    Click the downloaded file at the top right of your screen, and follow the instructions to install Brave.

    Click the downloaded file, and follow the instructions to install Brave.

  3. Import settings

    During setup, import bookmarks, extensions, & passwords from your old browser.

Need help?

Get better privacy. Everywhere!

Download Brave mobile for privacy on the go.

Download QR code
Brave logo Click this file to install Brave
Click this file to install Brave Brave logo