diff --git a/builder/dockerfile/copy_windows.go b/builder/dockerfile/copy_windows.go
index 3f0ea32426..77cd866437 100644
--- a/builder/dockerfile/copy_windows.go
+++ b/builder/dockerfile/copy_windows.go
@@ -14,7 +14,7 @@ import (
 	"golang.org/x/sys/windows"
 )
 
-var pathBlacklist = map[string]bool{
+var pathDenyList = map[string]bool{
 	"c:\\":        true,
 	"c:\\windows": true,
 }
@@ -98,7 +98,7 @@ func validateCopySourcePath(imageSource *imageMount, origPath, platform string)
 			p = filepath.Join("c:\\", p)
 		}
 	}
-	if _, blacklisted := pathBlacklist[p]; blacklisted {
+	if _, ok := pathDenyList[p]; ok {
 		return errors.New("copy from c:\\ or c:\\windows is not allowed on windows")
 	}
 	return nil
diff --git a/plugin/manager.go b/plugin/manager.go
index 17b17882e6..6bdf53c0f0 100644
--- a/plugin/manager.go
+++ b/plugin/manager.go
@@ -298,17 +298,17 @@ func (pm *Manager) GC() {
 	pm.muGC.Lock()
 	defer pm.muGC.Unlock()
 
-	whitelist := make(map[digest.Digest]struct{})
+	used := make(map[digest.Digest]struct{})
 	for _, p := range pm.config.Store.GetAll() {
-		whitelist[p.Config] = struct{}{}
+		used[p.Config] = struct{}{}
 		for _, b := range p.Blobsums {
-			whitelist[b] = struct{}{}
+			used[b] = struct{}{}
 		}
 	}
 
 	ctx := context.TODO()
 	pm.blobStore.Walk(ctx, func(info content.Info) error {
-		_, ok := whitelist[info.Digest]
+		_, ok := used[info.Digest]
 		if ok {
 			return nil
 		}
diff --git a/profiles/seccomp/seccomp_default.go b/profiles/seccomp/seccomp_default.go
index 9e6508e5b2..644481533f 100644
--- a/profiles/seccomp/seccomp_default.go
+++ b/profiles/seccomp/seccomp_default.go
@@ -40,7 +40,7 @@ func arches() []types.Architecture {
 	}
 }
 
-// DefaultProfile defines the whitelist for the default seccomp profile.
+// DefaultProfile defines the allowed syscalls for the default seccomp profile.
 func DefaultProfile() *types.Seccomp {
 	syscalls := []*types.Syscall{
 		{