GDPR Compliance Agenda: February 14

This is the agenda for the first weekly meeting about WordPress coreCore Core is the set of software required to run WordPress. The Core Development Team builds WordPress. GDPR compliance on February 14, 2018 at 17:00 UTC / February 14, 2018 at 17:00 UTC in the gdpr-compliance channel on SlackSlack Slack is a Collaborative Group Chat Platform The WordPress community has its own Slack Channel at

  1. Introductions. Please introduce yourself with few words and include your field of expertise (developer, documentation specialist, project manager, lawyer, etc.).
  2. Start on a roadmap for GDPR compliance for core. There were few prerequisites identified in the gdpr-compliance channel. We'll need to have clear understanding about:
    • What is considered personal information in WordPress?
      • Emails, IP addresses.
      • Are posts and comments personal information? What about private posts?
      • Are login names personal information?
      • Anything else?
    • Who are the identifiable persons?
      • Are site owners "controllers"?
      • Are all admins site owners?
      • On multisitemultisite Used to describe a WordPress installation with a network of multiple blogs, grouped by sites. This installation type has shared users tables, and creates separate database tables for each blog (wp_posts becomes wp_0_posts). See also network, blog, site installs, who are controllers: site admins or only the networknetwork (versus site, blog) admins?
      • Are people that post comments and don't have accounts "identifiable persons"?

As always, please suggest other agenda items in the comments.

#agenda, #gdpr-compliance