Glossary
The canonical reference for every privacy, legal, and data broker term we use across this site. Plain English. One anchor per term so other pages can link directly. If a term you need is missing, write us.
A
- ACP (Address Confidentiality Program)
- A state-run program that gives you a substitute mailing address. State and local agencies use the substitute in place of your real home address. Active in California, Texas, Florida, New Jersey, and others. Eligibility usually covers sworn officers, judges, and survivors of stalking or domestic violence. → /protections/address-confidentiality-program
- Address exposure
- When your home address becomes findable through brokers, public records, or court filings. The most common starting point for doxxing, swatting, and stalking. → /address-exposure
- Address-keyed search
- Broker search by address instead of name. Returns everyone living at the address. Especially dangerous because a visible house number gives anyone the names of everyone inside. → /address-exposure
- ALPR (Automatic License Plate Reader)
- Cameras that read license plates and log time and location. The data gets sold to insurers, repo agents, and brokers. Some vendors enrich plate data with DMV-derived name and address, which is where the DPPA risk lives.
B
- Broker (data broker)
- A company that buys, scrapes, aggregates, and resells personal data on individuals. People-search sites are the consumer-facing tier. LexisNexis, TLOxp, and Pipl are the B2B-investigative tier sold only to credentialed subscribers.
C
- CCPA (California Consumer Privacy Act)
- California state law passed in 2018. Gives California residents the right to demand deletion of their data from companies that hold it, including data brokers. Many brokers process CCPA delete requests for non-California residents because the state check is hard to enforce. → /laws/ca-delete-act
- CPRA (California Privacy Rights Act)
- California ballot measure passed in 2020. Strengthened CCPA and created the California Privacy Protection Agency, the first dedicated state privacy regulator in the US. → /laws/ca-delete-act
- Crossover page
- A profession-by-threat page on this site, like /doxxing/judges or /swatting/nurses. Each one covers what the threat looks like for that specific job and what to do about it.
D
- Daniel's Law
- New Jersey statute (NJSA §47:1B-1 et seq., 2020, expanded 2023). Lets covered persons demand removal of home address and unpublished phone from data brokers within ten business days. $1,000 per violation in statutory damages plus punitive damages where willful. Covers active and retired LEOs, judges, prosecutors, corrections officers, and immediate family at the same residence. → /laws/daniels-law
- Doxxing
- Publishing someone's home address, phone, family details, or workplace online to encourage harassment. The data almost always comes from a broker page. → /doxxing
- DPPA (Driver's Privacy Protection Act)
- Federal statute at 18 USC §§2721-2725, passed in 1994. Restricts what state DMVs can share about drivers and binds anyone downstream who got DMV-derived data. Civil damages of $2,500 per violation plus attorney fees and possible criminal liability. → /laws/dppa
F
- Family targeting
- When attackers go after your spouse, parents, or kids because they can't reach you directly. Brokers link relatives on the same page, which is what makes this trivial. → /family-targeting
- FCRA (Fair Credit Reporting Act)
- Federal statute passed in 1970. Governs consumer-reporting agencies. The legal basis for FTC enforcement actions against the worst broker actors when their reports are used for credit, employment, or tenant decisions.
- FERPA (Family Educational Rights and Privacy Act)
- Federal statute passed in 1974. Protects student education records and limits what schools can disclose as directory information. Relevant if your kids attend a public school that publishes a directory. → /laws/ferpa
- FOIA (Freedom of Information Act)
- Federal statute passed in 1966 (5 USC §552). Requires federal agencies to disclose records on request unless an exemption applies. Exemptions 6 and 7(C) protect personal info of federal LE personnel from public release.
H
- HIPAA (Health Insurance Portability and Accountability Act)
- Federal statute passed in 1996. Privacy and breach-notification rules for health data held by covered entities. Limits what hospitals, insurers, and clearinghouses can share, and requires notice when there is a breach.
I
- Identity verification
- The process of confirming someone is who they say they are. Some brokers require it for opt-out, which is the privacy paradox of the industry. They ask for your driver's license to verify your identity before they'll remove your driver's-license info from their site.
- Incident page
- A documented public case file on this site at /incidents/[slug]. Real-world incidents with sourced citations. We use them to ground recommendations in what has actually happened.
L
- Lieu Act (Daniel Anderl Judicial Security and Privacy Act)
- Federal statute signed in December 2022, Pub. L. 117-263. Gives federal judges and immediate family a mechanism to demand removal of personal information from data brokers and government records. Named for Rep. Ted Lieu, the House sponsor. → /laws/lieu-act
M
- Marsy's Law
- A crime-victim rights statute enacted in many states. Sometimes invoked to shield officers involved in shootings from public name disclosure, where the officer is the alleged victim of an assault during the incident. → /laws/fl-marsys-law
N
- NY Civil Rights Law §50-a
- Repealed in 2020. For decades it shielded New York officer disciplinary records from public release. Repeal exposed previously confidential records and triggered a wave of FOIL requests for officer history. → /laws/ny-civil-rights-50a
O
- Opt-out
- The process of asking a broker to remove your data. Each broker has its own form, response timeline, and refresh cycle. Most expire and you have to do it again.
- OSINT (Open-Source Intelligence)
- Information gathering from publicly available sources: social media, public records, search engines, and broker pages. The discipline of stitching loose facts into a profile of a person, their home, their schedule, and their family. Pattern matching, not hacking.
P
- People-search site
- A consumer-facing broker that aggregates name, address, phone, and relatives data and sells reports for $5-30 each. Spokeo, Whitepages, BeenVerified, TruePeopleSearch, and dozens more. They're the front end of the broker industry.
- PII (Personally Identifiable Information)
- Any data that identifies a specific person. Name, home address, phone, email, date of birth, SSN. Different statutes define it differently. The practical version is the stuff you wouldn't want a stranger to have.
- Playbook
- A crisis-response guide on this site at /playbooks/[slug]. Step-by-step what-to-do under specific threat conditions, written so you can read it under stress.
- PRA (Public Records Act)
- A state-level analog to federal FOIA. Each state has its own. Exemptions for officer personnel records, home addresses, and family information vary. Knowing your state's PRA carve-outs is how you keep your records out of public release.
R
- Re-listing
- When a broker republishes your data after you opt out. Most brokers re-list inside three to six months because their feeds re-pull from the same upstream sources. A one-time opt-out is a delay, not a fix.
- Re-listing window
- The typical three-to-six-month period after which a broker republishes opted-out data because the feed re-pulled. Why continuous sweeping beats a one-time opt-out.
- Reverse lookup
- Searching by phone number or address instead of name to find the owner. Most broker sites support it. A leaked phone number or a visible house number turns into a name in seconds.
S
- Scraping
- Automated harvesting of data from websites or APIs. Most broker data starts as scraped public records, court filings, voter rolls, and property transfers.
- Stalking
- A pattern of repeated unwanted contact, surveillance, or following. Stalkers, known and unknown, use the same broker sites you can search yourself on. → /stalking
- Suppression
- The broker industry term for opt-out. The industry prefers "suppression" because it sounds less mandatory than "delete."
- Suppression list
- The internal list a broker keeps of people who have opted out. Some brokers honor it indefinitely. Most do not, which is why re-listing happens.
- Swatting
- Calling in a fake high-priority emergency, like an active shooter or a hostage situation, to a target's home address. The goal is to send an armed police response to a location where no actual threat exists. People have died in swatting incidents. → /swatting
T
- TLO / TLOxp
- TransUnion's investigative-tier broker product. Sold only to credentialed subscribers like private investigators, attorneys, and law enforcement. Not covered by consumer opt-outs. If you're in TLO, you stay in TLO unless a statutory carve-out applies. → /data-brokers/transunion-tloxp
V
- Verification email / link
- An email a broker sends to confirm an opt-out request. If you don't click within 24-72 hours, the request usually dies silently. The broker keeps your data and the burden of proof shifts back to you.
Missing a term? Tell usand we'll add it.