Skip to main content Accessibility help
×
Hostname: page-component-586b7cd67f-gb8f7 Total loading time: 0 Render date: 2024-11-24T22:02:24.820Z Has data issue: false hasContentIssue false

Glossary of defined terms and abbreviations

Published online by Cambridge University Press:  24 October 2024

Massimo Marelli
Affiliation:
International Committee of the Red Cross (ICRC) and Universiteit Maastricht, Netherlands
Type
Chapter
Information
Publisher: Cambridge University Press
Print publication year: 2024
Creative Commons
Creative Common License - CCCreative Common License - BYCreative Common License - NCCreative Common License - ND
This content is Open Access and distributed under the terms of the Creative Commons Attribution licence CC-BY-NC-ND 4.0 https://creativecommons.org/cclicenses/

Anonymization

encompasses techniques that can be used to ensure that data sets containing Personal Data are fully and irreversibly anonymized so that they do not relate to an identified or identifiable natural person, or that the Data Subject is not or no longer identifiable.

Artificial Intelligence

refers to “[a] set of sciences, theories and techniques whose purpose is to reproduce by a machine the cognitive abilities of a human being”.Footnote 1 In its current form, it aims to allow technology developers “to entrust a machine with complex tasks previously delegated to a human”.Footnote 2

Biometrics

or biometric recognition means the automated recognition of individuals based on their biological and behavioural characteristics.

Blockchain

is “in essence an append-only decentralized database that is maintained by a consensus algorithm and stored on multiple nodes (computers)”.Footnote 3

Cash and Voucher Assistance,

Cash Transfer Programming, cash-based interventions and cash-based assistance are terms in the humanitarian sector to describe the delivery of humanitarian aid in the form of vouchers or cash.

CERT –

Computer Emergency Response Team

CISO –

Chief Information Security Officer

Cloud Services

most commonly refers to “a model for enabling ubiquitous, convenient, on-demand network access to a shared pool of configurable computing resources (e.g. networks, servers, storage, applications, and services) that can be rapidly provisioned and released with minimal management effort or service provider interaction”.Footnote 4

Consent

means the freely given, specific and informed indication of a Data Subject’s wishes by which the Data Subject signifies agreement to Personal Data relating to him or her being processed.

CSIRT –

Computer Security Incident Response Team

CSO –

Chief Security Officer

CTO –

Chief Technology Officer

Data Analytics

denotes the practice of combining very large volumes of diversely sourced information (big data) and analysing them, using sophisticated algorithms to inform decisions.

Data Breach

means the unauthorized modification, copying, unlawful destruction, accidental loss, improper disclosure, or undue transfer of, or tampering with, Personal Data.

Data Controller

means the person or organization who alone or jointly with others determines the purposes and means of the Processing of Personal Data.

Data Processor

means the person or organization who processes Personal Data on behalf of the Data Controller.

Data Protection Impact Assessment

or DPIA means an assessment that identifies, evaluates and addresses the risks to Personal Data arising from a project, policy, programme or other initiative.

Data Subject

means a natural person (i.e. an individual) who can be identified, directly or indirectly, in particular by reference to Personal Data.

Digital Identity

refers to “a collection of electronically captured and stored identity attributes that uniquely describe a person within a given context and are used for electronic transactions”.Footnote 5

DPO

in the context of this Handbook means a Humanitarian Organization’s internal data protection office or Data Protection Officer.

Drones

are small aerial or non-aerial units that are remotely controlled or operate autonomously. They are also known as Unmanned Aerial Vehicles (UAVs) or Remotely Piloted Aircraft Systems (RPAS).

Further Processing

means additional Processing of Personal Data that goes beyond the purposes originally specified at the time the data were collected.

Health Data

means data related to the physical or mental health of an individual, which reveal information about their health status.

Humanitarian Action

means any activity undertaken on an impartial basis to carry out assistance, relief and protection operations in response to a Humanitarian Emergency. Humanitarian Action may include “humanitarian assistance”, “humanitarian aid” and “protection”.

Humanitarian Emergency

means an event or series of events (in particular arising out of armed conflicts or natural disasters) that poses a critical threat to the health, safety, security or well-being of a community or other large group of people, usually over a wide area.

Humanitarian Organization

means an organization that provides aid to alleviate human suffering, and/or protects life and health, and upholds human dignity during Humanitarian Emergencies in accordance with its mandate and/or mission.

IaaS

stands for Infrastructure as a Service.

International Data Sharing

includes any act of transferring or making Personal Data accessible outside the country or International Organization where they were originally collected or processed, including to a different entity within the same Humanitarian Organization or to a Third Party, via electronic means, the Internet or other means.

International Organization

means an organization and its subordinate bodies governed by public international law, or any other body which is set up by, or on the basis of, an agreement between two or more countries.

Know Your Customer (KYC)

is a process enabling businesses to check the identity of their customers in order to comply with regulations and legislation on money laundering and corruption.Footnote 6

Machine Learning

is a specific form of Artificial Intelligence that can be defined as the study of algorithms that improve their performance when completing a certain task with experience in the form of machine-readable data.

PaaS –

Platform as a Service

Personal Data

means any information relating to an identified or identifiable natural person.

Processing

means any operation or set of operations which is performed on Personal Data or sets of Personal Data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment, combination, or erasure.

Pseudonymization,

as distinct from Anonymization, means the Processing of Personal Data in such a manner that the Personal Data can no longer be attributed to a specific Data Subject without the use of additional information, provided that such additional information is kept separately and is subject to technical and organizational measures to ensure that the Personal Data are not attributed to an identified or identifiable natural person.

Reidentification

describes the process of turning allegedly Anonymized or Pseudonymized data back into Personal Data through the use of data matching or similar techniques. If the risk of Reidentification is deemed to be reasonably likely, the information should be considered to be Personal Data and subject to all the data protection principles. It can be very difficult to assess the risk of Reidentification with absolute certainty.

SaaS –

Software as a Service

Sensitive Data

means Personal Data which, if disclosed, may result in discrimination against or the repression of the individual concerned. Typically, data relating to health, race or ethnicity, religious/political/armed group affiliation, or genetic and biometric data are considered to be Sensitive Data. All Sensitive Data require augmented protection even though different types of data falling under the scope of Sensitive Data (e.g. different types of biometric data) may present different levels of sensitivity. Given the specific situations in which Humanitarian Organizations work and the possibility that some data elements could give rise to discrimination, setting out a definitive list of Sensitive Data categories in Humanitarian Action is not meaningful. Sensitivity of data as well as appropriate safeguards (e.g. technical and organizational security measures) have to be considered on a case-by-case basis.

SLA –

A service-level agreement is an official commitment between a service provider and a client, particularly for the provision of reliable telecommunications and Internet services.

Sought Person

is a person unaccounted for, for whom a tracing operation has been launched.

Sub-Processor

is a person or organization that is engaged by a Data Processor to process Personal Data on its behalf.

Third Party

is any natural or legal person, public authority, agency, or any other body other than the Data Subject, the Data Controller or the Data Processor.

TLS –

Transport Layer Security is a cryptographic protocol to provide privacy and data integrity between a client and a server over an Internet connection.

1 Council of Europe (CoE), Glossary on Artificial Intelligence, Artificial Intelligence, accessed 6 January 2022: www.coe.int/en/web/artificial-intelligence/glossary.

3 Michèle Finck, “Blockchains and data protection in the European Union”, European Data Protection Law Review, Vol. 4, No. 1, 2018, p. 17: https://doi.org/10.21552/edpl/2018/1/6.

4 Peter Mell and Timothy Grance, The NIST Definition of Cloud Computing, NIST Special Publication 800-145, National Institute of Standards and Technology, US Department of Commerce, Gaithersburg, MD, September 2011: http://nvlpubs.nist.gov/nistpubs/Legacy/SP/nistspecialpublication800–145.pdf.

5 GSMA, World Bank Group, & Security Identity Alliance, Digital Identity: Towards Shared Principles for Public and Private Sector Cooperation, 2016, p. 11: www.gsma.com/mobilefordevelopment/resources/digital-identity-towards-shared-principles-public-private-sector-cooperation/.

6 PwC, Know Your Customer: Quick Reference Guide, January 2016: www.pwc.lu/en/anti-money-laundering/docs/pwc-kyc-qrg-final-interactive-2016.pdf.

Footnotes

1 Council of Europe (CoE), Glossary on Artificial Intelligence, Artificial Intelligence, accessed 6 January 2022: www.coe.int/en/web/artificial-intelligence/glossary.

3 Michèle Finck, “Blockchains and data protection in the European Union”, European Data Protection Law Review, Vol. 4, No. 1, 2018, p. 17: https://doi.org/10.21552/edpl/2018/1/6.

4 Peter Mell and Timothy Grance, The NIST Definition of Cloud Computing, NIST Special Publication 800-145, National Institute of Standards and Technology, US Department of Commerce, Gaithersburg, MD, September 2011: http://nvlpubs.nist.gov/nistpubs/Legacy/SP/nistspecialpublication800–145.pdf.

5 GSMA, World Bank Group, & Security Identity Alliance, Digital Identity: Towards Shared Principles for Public and Private Sector Cooperation, 2016, p. 11: www.gsma.com/mobilefordevelopment/resources/digital-identity-towards-shared-principles-public-private-sector-cooperation/.

6 PwC, Know Your Customer: Quick Reference Guide, January 2016: www.pwc.lu/en/anti-money-laundering/docs/pwc-kyc-qrg-final-interactive-2016.pdf.

Save book to Kindle

To save this book to your Kindle, first ensure [email protected] is added to your Approved Personal Document E-mail List under your Personal Document Settings on the Manage Your Content and Devices page of your Amazon account. Then enter the ‘name’ part of your Kindle email address below. Find out more about saving to your Kindle.

Note you can select to save to either the @free.kindle.com or @kindle.com variations. ‘@free.kindle.com’ emails are free but can only be saved to your device when it is connected to wi-fi. ‘@kindle.com’ emails can be delivered even when you are not connected to wi-fi, but note that service fees apply.

Find out more about the Kindle Personal Document Service.

  • Glossary of defined terms and abbreviations
  • Edited by Massimo Marelli, International Committee of the Red Cross (ICRC) and Universiteit Maastricht, Netherlands
  • Book: Handbook on Data Protection in Humanitarian Action
  • Online publication: 24 October 2024
  • Chapter DOI: https://doi.org/10.1017/9781009414630.003
Available formats
×

Save book to Dropbox

To save content items to your account, please confirm that you agree to abide by our usage policies. If this is the first time you use this feature, you will be asked to authorise Cambridge Core to connect with your account. Find out more about saving content to Dropbox.

  • Glossary of defined terms and abbreviations
  • Edited by Massimo Marelli, International Committee of the Red Cross (ICRC) and Universiteit Maastricht, Netherlands
  • Book: Handbook on Data Protection in Humanitarian Action
  • Online publication: 24 October 2024
  • Chapter DOI: https://doi.org/10.1017/9781009414630.003
Available formats
×

Save book to Google Drive

To save content items to your account, please confirm that you agree to abide by our usage policies. If this is the first time you use this feature, you will be asked to authorise Cambridge Core to connect with your account. Find out more about saving content to Google Drive.

  • Glossary of defined terms and abbreviations
  • Edited by Massimo Marelli, International Committee of the Red Cross (ICRC) and Universiteit Maastricht, Netherlands
  • Book: Handbook on Data Protection in Humanitarian Action
  • Online publication: 24 October 2024
  • Chapter DOI: https://doi.org/10.1017/9781009414630.003
Available formats
×