Encryption is a way to conceal information by altering it so that it appears to be random data. Encryption is essential for security on the Internet.

Is a means of preventing anyone other than those who have a key from accessing data, be it in an email, on a PC or on a storage device.

Any device (which includes a laptop, phone, tablet or server) connected to a secure organisation/business network.

Article 17(1) of the GDPR establishes that data subjects have the right to erasure of their personal data if: the data is no longer needed for its original purpose and no new lawful purpose exists; the lawful basis for the processing is the data subject

An AI tool that extracts data from the dataset it
has been trained on (but can't create data).

Fairness means data subjects must be aware of the fact that their personal data will be processed, including how the data will be collected, kept and used, to allow them to make an informed decision about whether they agree with such processing and to enable them to exercise their data protection rights. Consent notices should not contain unfair terms and supervisory authority powers should similarly be exercised fairly.

Federal Bureau of Investigation

A firewall is a network security device that prevents unauthorised access to a network. It inspects incoming and outgoing traffic using a set of security rules to identify and block threats.

The General Data Protection Regulation requires that consent be a freely given, specific, informed and unambiguous indication of the data subject

The General Data Protection Regulation (GDPR) replaced the Data Protection Directive in 2018. The aim of the GDPR is to provide one set of data protection rules for all EU member states and the European Economic Area (EEA). The document comprises 173 recitals and 99 articles.

An AI tool that generates new, realistic content
in the form of text, audio, computer code, data
or images etc.

means personal data relating to the inherited or acquired genetic characteristics of a natural person which give unique information about the physiology or the health of that natural person and which result, in particular, from an analysis of a biological sample from the natural person in question

In AI, guardrails are mechanisms or guidelines designed to ensure that AI systems operate safely, ethically, and within predefined boundaries to prevent harmful or undesirable outcomes.

Someone with some computer skills who uses them to break into computers, systems and networks.

Instances where generative AI model creates content that either contradicts the source or creates factually incorrect output under the appearance of fact.

Information Commissioner's Office, the UK data protection regulator.

https://ico.org.uk/

Identity fraud occurs when someone uses another person's personal information (like their name, date of birth, address, or financial details) without their permission to commit a crime, often for financial gain. This can involve opening new credit accounts, making purchases, or obtaining benefits in the victim's name, leaving them with damaged credit or debt.

Immutable storage is a data storage method that prevents data from being modified or deleted after it has been created. It uses the write-once-read-many (WORM) technology to ensure that data can only be read, but not overwritten.

In cybersecurity, impersonation refers to a deceptive tactic where a malicious actor assumes the identity of a legitimate or trusted individual, organization, or system with the intent to deceive a target. The goal is to trick the victim into performing actions that benefit the attacker, such as divulging sensitive information (e.g., credentials, financial data), making fraudulent payments, or granting unauthorized access to systems or networks. Impersonation attacks often leverage social engineering techniques and can manifest through various channels, including email (e.g., Business Email Compromise - BEC, CEO fraud), phone calls (vishing), text messages (smishing), fake websites, or compromised social media accounts.

The protection of information for the purposes of preventing loss, unauthorized access and/or misuse. It is also the process of assessing threats and risks to information and the procedures and controls to preserve confidentiality, integrity and availability of information.