Feature plugin proposal: Privacy Data Request Form

As part of the core-privacy team’s 2019 roadmap, the team has begun a discussion on the possibility of creating a front-end forms feature to handle Privacy Data Requests introduced in WordPress 4.9.6, most likely as a feature plugin.

We welcome all thoughts on this proposal, which you are welcome to leave as comments on this post, or share with us directly in the #core-privacy channel on Making WordPress SlackSlack Slack is a Collaborative Group Chat Platform https://slack.com/. The WordPress community has its own Slack Channel at https://make.wordpress.org/chat/..

Introducing this feature pluginFeature Plugin A plugin that was created with the intention of eventually being proposed for inclusion in WordPress Core. See Features as Plugins. proposal

In 4.9.6, the ability for an administrator to initiate a data export or data erasure for a user by email address was added.

While this provided sites with the tools to be compliant with new laws and regulations, sitesite (versus network, blog) owners are still left to find a way to accommodate those requests.

Adding a way for users to initiate this request on their own would prove a more “out of the box” experience and decrease the burden on site administrators to initiate these requests themselves.

Source: Core Privacy Team Roadmap

Creating a privacy front-end form mechanism –first as a feature plugin– presents an opportunity for the project to makemake A collection of P2 blogs at make.wordpress.org, which are the home to a number of contributor groups, including core development (make/core, formerly "wpdevel"), the UI working group (make/ui), translators (make/polyglots), the theme reviewers (make/themes), resources for plugin authors (make/plugins), and the accessibility working group (make/accessibility). a positive impact across privacy areas. It will empower administrators within the ecosystem to better comply with privacy-related requirements, while contributing to a better standard of protecting user privacy across the open web.

Integrated in the Privacy Policy page, this feature would help big websites administrators to automatize privacy requests management (exactly as in WordPress.org related page).

This feature would also help regulation organisms to directly verify the conformity of WordPress powered websites by creating privacy requests and checking the result directly.

Last but not least, using the feature in websites privacy policy pages would eventually made visitors more confident about the website owner as they could request their data by themselves.

Technical scope of the feature plugin

The feature plugin should at least handle the following scope:

  • PHPPHP The web scripting language in which WordPress is primarily architected. WordPress requires PHP 5.6.20 functions to generate privacy data requests front-end forms
  • PHP filters to handle forms customizations like editing wording and choosing either to use data removal action, data export action, or both
  • Privacy Request WidgetWidget A WordPress Widget is a small block that performs a specific function. You can add these widgets in sidebars also known as widget-ready areas on your web page. WordPress widgets were originally created to provide a simple and easy-to-use way of giving design and structure control of the WordPress theme to the user.
  • Privacy Request ShortcodeShortcode A shortcode is a placeholder used within a WordPress post, page, or widget to insert a form or function generated by a plugin in a specific location on your site.
  • Privacy Request GutenbergGutenberg The Gutenberg project is the new Editor Interface for WordPress. The editor improves the process and experience of creating new content, making writing rich content much simpler. It uses ‘blocks’ to add richness rather than shortcodes, custom HTML etc. https://wordpress.org/gutenberg/ BlockBlock Block is the abstract term used to describe units of markup that, composed together, form the content or layout of a webpage using the WordPress editor. The idea combines concepts of what in the past may have achieved with shortcodes, custom HTML, and embed discovery into a single consistent API and user experience.
  • PHP documentation for both functions and filters
  • CSSCSS Cascading Style Sheets. classes documentation

Introducing the existing base pluginPlugin A plugin is a piece of software containing a group of functions that can be added to a WordPress website. They can extend functionality or add new features to your WordPress websites. WordPress plugins are written in the PHP programming language and integrate seamlessly with WordPress. These can be free in the WordPress.org Plugin Directory https://wordpress.org/plugins/ or can be cost-based plugin from a third-party

During previous meetings, the #core-privacy team discussed about an existing plugin reported by @garrett-eclipse and @xkon.

This existing plugin is already managing some parts of the feature:

  • PHP functions to generate front-end Privacy Requests Forms
  • PHP filters to handle forms customizations (like choosing either to show remove request, export request, or both)
  • Privacy Request Widget
  • Privacy Request Shortcode
  • Privacy Request Gutenberg Block

It has 5000+ active installs and the idea is to use this plugin to prepare and test a potential coreCore Core is the set of software required to run WordPress. The Core Development Team builds WordPress. merge of the Privacy Data Request Form feature in WordPress Core.

As the initial author of the plugin, I already made some changes:

  • The plugin’s SVN repository is open for core privacy team contributions (current contributors: @xkon and @audrasjb).
  • The plugin’s GitHub repository is open for contributions as well.
  • The plugin is not displaying anymore my employer’s logo.

What’s next?

Once the plugin is confirmed as a feature plugin, the next steps would be:

  • To increase the number of users of the feature plugin.
  • To change the display name of the plugin from “GDPR Data Request Form” to “Privacy Data Request Form” (though we must keep the actual slug, I guess we could edit the plugin Display Name).
    – Plugin Review team validation needed on that point.
  • To add other interested privacy team members and core developers as contributors of the plugin.
  • To keep an eye on the feature plugin’s support questions and ratings.
  • To iterate on the feature plugin development.
  • To audit some specific aspects of the feature plugin:
    • wording/copywriting
    • accessibilityAccessibility Accessibility (commonly shortened to a11y) refers to the design of products, devices, services, or environments for people with disabilities. The concept of accessible design ensures both “direct access” (i.e. unassisted) and “indirect access” meaning compatibility with a person’s assistive technology (for example, computer screen readers). (https://en.wikipedia.org/wiki/Accessibility)
    • design/theme compliance
    • security
    • coding-standards and documentation
  • To create a TracTrac An open source project by Edgewall Software that serves as a bug tracker and project management tool for WordPress. ticketticket Created for both bug reports and feature development on the bug tracker. to handle a potential future merge proposal – if the feature plugin deserves it.
    Note: I already created a GitHub repo and generated a core diff file to test the feature directly against WordPress trunktrunk A directory in Subversion containing the latest development code in preparation for the next major release cycle. If you are running "trunk", then you are on the latest revision. (though it doesn’t contains the Gutenberg block nor AJAX validation)

#privacy

Feature plugin discussion: a consent and logging mechanism for user privacy

As part of the #core-privacy team’s 2019 roadmap, the team has begun a discussion on the possibility of creating a consent and logging mechanism, most likely as a feature plugin. This is a working document to assemble our thoughts on what the initiative would involve; this document is not the formal proposal.

We welcome all thoughts on this document, which you are welcome to leave as comments on this post, or share with us directly in the #core-privacy channel on Making WordPress SlackSlack Slack is a Collaborative Group Chat Platform https://slack.com/. The WordPress community has its own Slack Channel at https://make.wordpress.org/chat/..

What is in scope?

Our roadmap notes

Consent capture refers to creating a means for users to express their consent to data capture and usage, and to change their opt-in or opt-out status at any time, through easily accessible means such as front-end user settings or account information areas.

Consent logging refers to creating a means for administrators to collect a history of how users have opted in or out of various means of processing their data across coreCore Core is the set of software required to run WordPress. The Core Development Team builds WordPress., themes, and plugins, to view the current status of that consent, and to makemake A collection of P2 blogs at make.wordpress.org, which are the home to a number of contributor groups, including core development (make/core, formerly "wpdevel"), the UI working group (make/ui), translators (make/polyglots), the theme reviewers (make/themes), resources for plugin authors (make/plugins), and the accessibility working group (make/accessibility). that history (and present state) available to users.

A standard way for WordPress core, plugins, and themes to obtain consent from users should be established to provide a consistent and stable experience for administrators, developers, and users of all kinds.

This initiative will likely require long term research, especially since it will be heavily influenced by pending regulations, such as the ePrivacy Regulation revamp, as well as user testing to ensure a positive experience for all while preventing “consent fatigue” or dark patterns. 

Existing consent and logging projects, such as Joomla’s consent system, will be studied and emulated (where possible) for both functionality as well as potential applicability as a pluginPlugin A plugin is a piece of software containing a group of functions that can be added to a WordPress website. They can extend functionality or add new features to your WordPress websites. WordPress plugins are written in the PHP programming language and integrate seamlessly with WordPress. These can be free in the WordPress.org Plugin Directory https://wordpress.org/plugins/ or can be cost-based plugin from a third-party rather than a core feature.

Work on consent and logging is a considerable opportunity, and a challenge, for frontend and UXUX User experience design. Thought should be given to how users are prompted for consent, how and where they change consent, and how this experience could be consistent across WordPress sites regardless of plugins or themes. Creating an open sourceOpen Source Open Source denotes software for which the original source code is made freely available and may be redistributed and modified. Open Source **must be** delivered via a licensing model, see GPL. pattern library of designs for consent and choice while collaborating with other projects and organizations is advisable. Some existing pattern libraries have been developed for IAPP (International Association of Privacy Professionals) and by IF London, working with Open Rights Group (whom Automattic sponsors).

Although this work is independent of any specific regulation or law, it should be done with mindfulness of the new privacy laws coming into play in early 2020. Making a “head start” will allow an effective solution to be deployedDeploy Launching code from a local development environment to the production web server, so that it's available to visitors. well in advance of the eventual compliance deadlines.

While there are a range of privately produced plugins available in the repository to deal with user consent and logging, no work has been done to date evaluating these issues from a core perspective. We also know that many administrators have deployed these solutions without really verifying that they are useful, effective, or meet the regulatory compliance requirements applicable to them. Additionally, we know that everyone – users and administrators alike – will be fully aware of the obtrusive, confusing, and almost entirely incorrect cookie and consent windows which appeared across the web as a result of a misunderstanding of GDPR’s requirements. Where these are based in plugins, they can occasionally do more harm than good.

Creating a core-centred consent and logging mechanism, as a feature pluginFeature Plugin A plugin that was created with the intention of eventually being proposed for inclusion in WordPress Core. See Features as Plugins., presents an opportunity for the project to make a positive impact across all these areas. It will empower administrators within the ecosystem to better comply with privacy-related requirements, while contributing to a better standard of protecting user privacy across the open web.

Is this a legal thing?

As a team, we work from the perspective of placing user privacy first and foremost, regardless of any particular legal compliance obligation, or indeed, any lack of one.

This mechanism would look ahead to the upcoming consent and compliance requirements of CCPA (US, January 2020) and the ePrivacy Regulation overhaul (Europe, spring 2020), while also looking back at GDPR. Recent developments including updated guidance on GDPR cookie consent from the data protection regulators in the UK and France, as well as Nevada’s data rights law taking effect on October 1, have brought forward the need for the mechanism.

That being said, this feature plugin would not be built specifically as a legal compliance package, as our V1 GDPR tools were, nor will it be depicted as a compliance solution. Indeed, a responsible approach to user privacy will mean having conversations along the lines of “well, X law says users do not have to be prompted to grant consent for Y thing, but should we give them that option and build that functionality regardless?” Working from this proactive user-centric approach, rather than taking a reactive legal compliance view, will help to future-proof the work and, perhaps, continue to protect users who may find that their legal privacy rights are being stripped back.

How to build effective user controls

The core-privacy team draws on previously produced research, studies, and documents on best privacy practice. For user controls, the definitive source is: A Roadmap to Enhancing User Control via Privacy Dashboards (pdf), a study by the Privacy Bridges Project at the University of Amsterdam.

This diagram within the report explains the elements of a good consent and logging mechanism: 

Diagram of the elements in a user control mechanism: agency (users), architecture (technology and design), attitude (providers and platforms), and authority (privacy regulators).

The mechanism must provide users with the agency to exercise true and meaningful control over their personal privacy; it must be built on an architecture that has already enabled optimal user privacy by default; and it must be used to its fullest extent, by sitesite (versus network, blog) administrators, from an attitude of responsibility and respect to users. A fourth element is authority, the interplay of legal obligations to user privacy; this sits alongside, rather than within, the main mix, as not all countries and systems have privacy laws in place. Users who do not have privacy regulations or safeguards protecting them therefore rely on agency, architecture, and attitude even more.

The report collated best practice advice on consent mechanisms (dashboards) offered by UK, Australian, Canadian, New Zealand, US (the FTC), and EU data protection bodies, and this list offers us quite a bit of food for thought:

Accessible

  • Make the consent dashboard easily accessible for all users (for example, linking from the first screen);
  • Make the consent dashboard available to authenticated users, but also incorporate tools for passive and unauthenticated users, where their personal data is collected and used;
  • Link to this consent dashboard in the privacy policy of partner websites or third parties receiving personal data;
  • (We would add here that “accessible” should also mean the WordPress sense of a11yAccessibility Accessibility (commonly shortened to a11y) refers to the design of products, devices, services, or environments for people with disabilities. The concept of accessible design ensures both “direct access” (i.e. unassisted) and “indirect access” meaning compatibility with a person’s assistive technology (for example, computer screen readers). (https://en.wikipedia.org/wiki/Accessibility).)

Comprehensive

  • The consent dashboard should be comprehensive to manage all services and privacy settings in one place;
  • Manage not only the processing, but also the collection of their personal data; and
  • Allow the exercise of data subject rights, e.g., access to copies of personal data (linking to our existing data export and erasure tools).

Default-settings

  • Default-settings have to comply with the applicable law (also including regional variations);
  • Default-settings to be specific to each product/service with privacy-friendly defaults, and
  • A feature to ‘restore to default settings’ could also be added.

Granularity

  • Provide granular controls and upfront permissions, as well as giving the user ongoing control over their consent;
  • Provide information and control over which third parties receive personal data; and 
  • Offer a Do Not Track (DNT) mechanism that allow consumers to choose to prevent tracking by ad networks or other third parties.

Usability

  • The consent dashboard should be easy and straightforward to use;
  • Create a clear user interface that works to convey messages and draw attention;
  • Use design elements such as graphics, colours and layers to create hierarchies and user action;
  • It should be as easy to revoke consent as it was to provide it;
  • Ensure that users have a way to modify their information, have control of any tracking and delete their profile entirely if they wish;
  • Avoid making the dashboard unwieldy or too complex; and
  • Avoid dark patterns and any deceptive UX which compromises user privacy.

Information and transparency

  • Present information about the collection and use of personal data in an open, fair, and comprehensive way (as with our existing privacy notice tool); and
  • Instead of just using an on/off button, explain the consequences of making a choice to provide data so users can make an informed decision.

Support from other projects

As part of our participation in the cross-CMS privacy working group, we would be working closely with Joomla’s equivalent of the core-privacy team, which has already launched a consent management mechanism. They have offered to support us with practical advice and assistance. We also have support from the privacy initiative at Drupal, which has a consent and logging mechanism within a GDPR module (not in Core); Umbraco is looking to all three projects’ work to hopefully follow.

Timescale

We have the benefit (right now) of a few months of leadup time, and our previous work together as a team means we have a good sense of how we work as a unit. What that means is that unlike our V1 GDPR work, we have a bit of breathing space to plan, iterate, design, test, and reflect.

That being said, CCPA’s deadline is 1/1/20, and its requirements are clearly defined. It may be practical to look at a V1 launch of the plugin with the functionality and options required for GDPR and CCPA, and then iterate for a V2 update containing the functionality required for the ePrivacy Regulation revamp; by that time we will know what its requirements will be.

It would therefore be logical – and more than a bit fun – to aim to build something for Rian Kinney to be able to show during her CCPA talk at WordCamp US (1-3 November); it would be a natural fit for a team table at WCUS contributor dayContributor Day Contributor Days are standalone days, frequently held before or after WordCamps but they can also happen at any time. They are events where people get together to work on various areas of https://make.wordpress.org/ There are many teams that people can participate in, each with a different focus. https://2017.us.wordcamp.org/contributor-day/ https://make.wordpress.org/support/handbook/getting-started/getting-started-at-a-contributor-day/. as well.

What we will need

Our work on a consent and logging mechanism will need participation and expertise from a range of contributors:

Developers who can create the functionality needed to hook a range of consents and data rights into a single dashboard. As consent and logging requirements impact larger and enterprise clients at scale, we would love to see participation from agencies and teams working at this level in particular;

Designers and UX specialists who can integrate existing design research from CNIL, IAPP (member-only content available in Slack), and IF, as well as user testing, to make the back end interface simple and attractive, while making any front-end interfaces both effective and within healthy compliance; 

Policy experts who can advise on upcoming legal and regulatory changes which will impact what functionality might need to be built in (I handle this for Europe, @riankinney handles this for the US, and we’d love to expand our policy knowledge base with experts from other regions);

Project managers who can keep a complex, multidisciplinary initiative like this on task; and finally;

Conference speakers from the team who can speak about the initiative, and our work in general, at future WordCamps.

It should be noted that no members of the core-privacy team are funded or sponsored to contribute to privacy in WordPress, so we will need to be very realistic about what we will be able to accomplish within the time availability that we have; or indeed, if an initiative of this scope will be possible on a purely voluntary basis.

Next steps

Please join us in our #core-privacy office hours at 1900 UTC on Wednesdays to discuss this, or any of the other activities of the team’s work.

#privacy

Privacy Office Hours Agenda: July 24th, 2019

The following is the agenda for the privacy weekly office hours meeting. The meeting is held every Wednesday at 19:00 UTC in the #core-privacy room of the Making WordPress Slack.

  • Announcements
  • Upcoming ReleaseRelease A release is the distribution of the final version of an application. A software release may be either public or private and generally constitutes the initial or new generation of a new or upgraded application. A release is preceded by the distribution of alpha and then beta versions of the software. (5.3) Discussion & Planning
  • New ICO cookie guidance – https://ico.org.uk/for-organisations/guide-to-pecr/guidance-on-the-use-of-cookies-and-similar-technologies/how-do-we-comply-with-the-cookie-rules/
  • Data Request Form feature pluginFeature Plugin A plugin that was created with the intention of eventually being proposed for inclusion in WordPress Core. See Features as Plugins. and direction
  • Open Floor

If you have anything to propose for the agenda or specific items related to those listed above, please leave a comment below.

#privacy, #core-privacy

Dev Chat Summary: May 29th, 2019

Announcements

@chanthaboune announced that since 5.2 has been successfully released, work will be resuming on the Team Leadership training. A blogblog (versus network, site) post on make.wordpress.orgWordPress.org The community site where WordPress code is created and shared by the users. This is where you can download the source code for WordPress core, plugins and themes as well as the central location for community conversations and organization. https://wordpress.org//updates will be published for anyone wanting to help review the training materials or otherwise indicate they are interested in learning more about how leads lead in WordPress.

WordPress 5.2.2 Updates

5.2.2 co-lead @marybaum updated the agenda with the following proposed dates for bugbug A bug is an error or unexpected result. Performance improvements, code optimization, and are considered enhancements, not defects. After feature freeze, only bugs are dealt with, with regressions (adverse changes from the previous version) being the highest priority. scrubs and releases:

Bug Scrub: Wednesday, May 29, 2019, 14:00 UTC
Bug Scrub: Thursday, May 30, 2019, 18:00 UTC
Release Candidaterelease candidate One of the final stages in the version release cycle, this version signals the potential to be a final release to the public. Also see alpha (beta). 1: Monday, June 3, 2019, 19:00 UTC
Bug Scrub: Thursday, June 6, 2019, 20:00 UTC
Release Candidate 2: Monday, June 10, 2019, 16:00 UTC
Final ReleaseRelease A release is the distribution of the final version of an application. A software release may be either public or private and generally constitutes the initial or new generation of a new or upgraded application. A release is preceded by the distribution of alpha and then beta versions of the software.: Thursday, June 13, 2019, 16:00 CDT

Special thanks to @desrosj, @karmatosed, and @audrasjb who led bug scrubs in the past week!

Finally, requesting release packagers be available for the scheduled RC1 release on Monday, June 3, 2019.

WordPress 5.3 Updates

Owners of tickets currently milestoned for 5.3 are encouraged to triagetriage The act of evaluating and sorting bug reports, in order to decide priority, severity, and other factors. them appropriately. If, as a ticketticket Created for both bug reports and feature development on the bug tracker. owner, you are unable to volunteer any time to your tickets in this cycle, please unassign yourself. I’d much rather know for sure that I have spots to fill/tickets to move than let anyone feel unnecessary guilt.

A few components are still assessing potential features to focus on. Once those are settled and focus leads have volunteered, then a finalized timeline for the release can be set. A mid- to late-August timeframe was hoped for, but maintainers were clear that expected features/focuses should be decided upon before more firmly committing to a final timeline. There’s no official, rigid requirement of an August release of WordPress 5.3.

@spacedmonkey asked if any key features have been announced for 5.3. @chanthaboune indicated that nothing is solid yet, and more confidence from maintainers about features that can reasonably completed for 5.3 is needed.

@spacedmonkey also inquired about what GutenbergGutenberg The Gutenberg project is the new Editor Interface for WordPress. The editor improves the process and experience of creating new content, making writing rich content much simpler. It uses ‘blocks’ to add richness rather than shortcodes, custom HTML etc. https://wordpress.org/gutenberg/ features should be expected for 5.3. @aduth pointed to a previous #core-editor chat that laid out the expected goals for Gutenberg updates in 5.3.

One of the aforementioned goals was a navigation blockBlock Block is the abstract term used to describe units of markup that, composed together, form the content or layout of a webpage using the WordPress editor. The idea combines concepts of what in the past may have achieved with shortcodes, custom HTML, and embed discovery into a single consistent API and user experience. in Gutenberg. @spacedmonkey asked whether the new block will use existing menus from WordPress core. This spawned some debate between contributors about how menu data should be stored and the various admin interfaces used to interact with them. No decisions were made, and continuing discussion is encouraged on the relevant tickets at https://github.com/WordPress/gutenberg/issues/13690 and https://github.com/WordPress/gutenberg/pull/14856. See the Slack conversation for more of the debate.

Updates from component maintainers

Tickets were to be discussed, but time ran short, so they are included here for some additional visibility.

  • https://core.trac.wordpress.org/ticket/46957
  • https://core.trac.wordpress.org/ticket/24730
  • https://core.trac.wordpress.org/ticket/40878
  • https://core.trac.wordpress.org/ticket/43941
  • https://core.trac.wordpress.org/ticket/41685
  • https://core.trac.wordpress.org/ticket/19755
  • https://core.trac.wordpress.org/ticket/47021
  • https://core.trac.wordpress.org/ticket/47192

General Announcements and Open Floor

@sergey asked to open a conversation around changing the invalid and worksforme ticket resolutions in TracTrac An open source project by Edgewall Software that serves as a bug tracker and project management tool for WordPress. to something more neutral and less confusing for users. The suggested change is: invalidnot-applicable and worksformenot-reproducible. @chanthaboune suggested a Makemake A collection of P2 blogs at make.wordpress.org, which are the home to a number of contributor groups, including core development (make/core, formerly "wpdevel"), the UI working group (make/ui), translators (make/polyglots), the theme reviewers (make/themes), resources for plugin authors (make/plugins), and the accessibility working group (make/accessibility). post for that discussion to allow for a more in-depth discussion.

@desrosj raised a flag for the current, expected size of the upcoming 5.2.2 release. At the time of the chat, there were only 13 tickets in the milestone. Based on past precedent, the release seems to be a bit under the threshold of what usually warrants a minor releaseMinor Release A set of releases or versions having the same minor version number may be collectively referred to as .x , for example version 5.2.x to refer to versions 5.2, 5.2.1, 5.2.3, and all other versions in the 5.2 (five dot two) branch of that software. Minor Releases often make improvements to existing features and functionality.. No decision was made, and a make/coreCore Core is the set of software required to run WordPress. The Core Development Team builds WordPress. post will be created to prompt more discussion of the topic.

Finally, @xkon announced that #core-privacy code has been split into its own files, adhering more to the WordPress Coding Standards and helping with maintainability. Given the better code organization/separation of concerns, now’s a good time to get involved with #core-privacy.

Thanks to all the attendees and everyone else that contributes to WordPress! These notes were taken by @davidbaumwald and proofread by @chanthaboune.

#5-2-2, #5-3#devchat#summary

#core-privacy April update

This is a cumulative update for #core-privacy office hours and bugbug A bug is an error or unexpected result. Performance improvements, code optimization, and are considered enhancements, not defects. After feature freeze, only bugs are dealt with, with regressions (adverse changes from the previous version) being the highest priority. scrubs held in April 2019.

Office hours are held every Wednesday at 19:00 UTC in the #core-privacy channel on Making WordPress SlackSlack Slack is a Collaborative Group Chat Platform https://slack.com/. The WordPress community has its own Slack Channel at https://make.wordpress.org/chat/.. Bug scrubs are Mondays at 15:00 UTC.

5.2 releaseRelease A release is the distribution of the final version of an application. A software release may be either public or private and generally constitutes the initial or new generation of a new or upgraded application. A release is preceded by the distribution of alpha and then beta versions of the software.

5.2 has been a monumental team effort by coreCore Core is the set of software required to run WordPress. The Core Development Team builds WordPress.-privacy. The team has shipped all 24 of its tickets earmarked for the release. These included 15 bugfixes and 9 enhancements.

Special props go to @garrett-eclipse for being the driving force behind the team’s 5.2 ticketticket Created for both bug reports and feature development on the bug tracker. success.

The “biggest win” was #44005, introducing the new privacy policy page helpers.

General fixes include:

#46098 – The Privacy Policy guide help notice is now displayed on both the classic editor and the blockBlock Block is the abstract term used to describe units of markup that, composed together, form the content or layout of a webpage using the WordPress editor. The idea combines concepts of what in the past may have achieved with shortcodes, custom HTML, and embed discovery into a single consistent API and user experience. editor.

#44707 – Users are now able to makemake A collection of P2 blogs at make.wordpress.org, which are the home to a number of contributor groups, including core development (make/core, formerly "wpdevel"), the UI working group (make/ui), translators (make/polyglots), the theme reviewers (make/themes), resources for plugin authors (make/plugins), and the accessibility working group (make/accessibility). additional requests when identical previous requests are in a complete or archived state.

#44644 – The ‘Download Personal Data’ adminadmin (and super admin) action no longer triggers a completion of the request.

Also in 5.2 some privacy nags were removed; post-4.9.6, these notifications had served their purpose:

#45999 – Remove the Privacy Pointer

#46819 – Remove the Privacy Bubble

Some i18Ni18n Internationalization, or the act of writing and preparing code to be fully translatable into other languages. Also see localization. Often written with a lowercase i so it is not confused with a lowercase L or the numeral 1. Often an acquired skill.-Privacy wins were:

#44721 – The Personal Data Erasure Fulfillment email is now in the User’s LocaleLocale A locale is a combination of language and regional dialect. Usually locales correspond to countries, as is the case with Portuguese (Portugal) and Portuguese (Brazil). Other examples of locales include Canadian English and U.S. English.

#46056 – The Personal Data Export email is now in the User’s Locale

Tickets shipped since the March team update included #44175, #44644, #44047, #46819, and #46098. Props @knutsp, @desrosj, @joshuawold, @birgire, @mechter, @subrataemfluence, @xkon, @saimonh, @audrasjb, @dejliglama, @ianbelanger, @iandunn, @pento, @sergeybiryukov.

@earnjam wrote a post in Make/Core on the developer-focused privacy updates in 5.2.

@williampatton wrote a dev note in Make/Themes on the new privacy policy page helpers coming in 5.2.

5.3: export and erasure

For 5.3, @xkon would like the team to focus on finalising all outstanding issues with export and erasure requests. @audrasjb has given @xkon access to his repo for the front-end forms for export and erasure, with a view to using this as our first team feature pluginFeature Plugin A plugin that was created with the intention of eventually being proposed for inclusion in WordPress Core. See Features as Plugins.. (#44013)

5.3: privacy notice updates

The team has discussed #44538, #44669, #46687 as an opportunity for collaboration with the #design team.

PluginPlugin A plugin is a piece of software containing a group of functions that can be added to a WordPress website. They can extend functionality or add new features to your WordPress websites. WordPress plugins are written in the PHP programming language and integrate seamlessly with WordPress. These can be free in the WordPress.org Plugin Directory https://wordpress.org/plugins/ or can be cost-based plugin from a third-party privacy audit

@idea15 has finished writing beta version 1 of the plugin privacy audit workflow, with the help of feedback from many team members and plugin developers. Please feel free to test the workflow on your plugin and provide the team with feedback in #core-privacy.

WordCampWordCamp WordCamps are casual, locally-organized conferences covering everything related to WordPress. They're one of the places where the WordPress community comes together to teach one another what they’ve learned throughout the year and share the joy. Learn more. Europe

@idea15 has signed up for a slot for the team at the WP Cafe at WCEU. This will be a friendly hangout and chat space with no set agenda.

As with last year, #core-privacy will have a team table at the WCEU contributor dayContributor Day Contributor Days are standalone days, frequently held before or after WordCamps but they can also happen at any time. They are events where people get together to work on various areas of https://make.wordpress.org/ There are many teams that people can participate in, each with a different focus. https://2017.us.wordcamp.org/contributor-day/ https://make.wordpress.org/support/handbook/getting-started/getting-started-at-a-contributor-day/.. As with last year, @idea15 @xkon @pputzer @postphotos will take turns secretly disconnecting the wi-fi.

Cross-project privacy cooperation

Members of the #core-privacy team who participate in the cross-project privacy initiative will be participating in the Mozilla Global Sprint in May to standardise file formats for data portability exports and imports across our CMSes, and to identify the export and import functionality which may need to be created within each project. All are welcome to join in. Dates TBC.

Conference talks

New on WPTV:

@rhyswynne at WordCamp Edinburgh 2018: How to integrate the 4.9.6 privacy features into your plugin

@mainplus at WordCamp Belfast 2018: Follow the data

@riankinney at WordCamp Rome 2018: The differences between U.S. and EU privacy law

New talks:

@idea15 participated remotely in a privacy BOF at Drupalcon Seattle on behalf of the #core-privacy team.

@pputzer gave an outstanding talk at WordCamp Vienna on 27 April focusing on active #core-privacy tickets from a developer/sitesite (versus network, blog) owner perspective. The slides are available here.

Other matters:

@javorszky started a review of the wp.org privacy policies which is currently active and available for discussion & review here.

Developer Focused Privacy Updates in 5.2

WordPress 5.2 brings several improvements for developers working with Privacy Policy pages and data exports.

New Privacy Policy Page Helpers

Four new features have been added to makemake A collection of P2 blogs at make.wordpress.org, which are the home to a number of contributor groups, including core development (make/core, formerly "wpdevel"), the UI working group (make/ui), translators (make/polyglots), the theme reviewers (make/themes), resources for plugin authors (make/plugins), and the accessibility working group (make/accessibility). customizing and designing the Privacy Policy page easier:

  • A new function, is_privacy_policy(), can be used in conditionals to identify whether the current $wp_query is for the Privacy Policy page.
  • A new theme template file, privacy-policy.php, is used for rendering the page assigned as the Privacy Policy.
  • .privacy-policy has been added as a body class and is inserted when the currently rendered page is the Privacy Policy page.
  • .menu-item-privacy-policy has been added as a menu item class to specify the menu link that points to the Privacy Policy page.

Backwards Compatibility

The only backwards compatibility concern with using these new helpers is with the is_privacy_policy() function, which would trigger a Call to undefined function fatal error.

Themes and plugins that would like to support the is_privacy_policy() function in older versions of WordPress can use the following shim:

if ( ! function_exists( 'is_privacy_policy' ) ) {
    function is_privacy_policy() {
        return get_option( 'wp_page_for_privacy_policy' ) && is_page( get_option( 'wp_page_for_privacy_policy' ) );
    }
}

For more information, see #44005.

Loosened Tag Restrictions in User Data Exports

User Data exports no longer use a hardcoded list of allowed tags, limited to just <a> and <br>. They will now use the default list of allowed tags in wp_kses().

Furthermore, the code facilitating the export now passes a personal_data_export context to wp_kses(), so that the allowed tags and attributes can be filtered using the wp_kses_allowed_html filterFilter Filters are one of the two types of Hooks https://codex.wordpress.org/Plugin_API/Hooks. They provide a way for functions to modify data of other functions. They are the counterpart to Actions. Unlike Actions, filters are meant to work in an isolated manner, and should never have side effects such as affecting global variables and output. and checking for the personal_data_export context.

Here’s a filter example that adds support for the <sub> and <sup> tags to the personal data export:

function prefix_allowed_html_filter( $allowedtags, $context ) {
	// Only target personal data export.
	if ( 'personal_data_export' !== $context ) {
		return $allowedtags;
	}

	// Add support for the sub tag.
	if ( ! isset( $allowedtags['sub'] ) ) {
		$allowedtags['sub'] = array();
	}

	// Add support for the sup tag.
	if ( ! isset( $allowedtags['sup'] ) ) {
		$allowedtags['sup'] = array();
	}

	return $allowedtags;
}
add_filter( 'wp_kses_allowed_html', 'prefix_allowed_html_filter', 2, 10);

For more information, check out the documentation for the wp_kses_allowed_html filter.

See: #44044

#5-2, #core-privacy, #dev-notes, #privacy, #themes

#Core-privacy March update

This is a cumulative update for #core-privacy office hours and bugbug A bug is an error or unexpected result. Performance improvements, code optimization, and are considered enhancements, not defects. After feature freeze, only bugs are dealt with, with regressions (adverse changes from the previous version) being the highest priority. scrubs held in March 2019.

Office hours are held every Wednesday at 19:00 UTC in the #core-privacy channel on Making WordPress SlackSlack Slack is a Collaborative Group Chat Platform https://slack.com/. The WordPress community has its own Slack Channel at https://make.wordpress.org/chat/.. Bug scrubs are Mondays at 1600 UTC.

We have welcomed several new members into our channel, and were also delighted to welcome back @xkon and @javorszky 🙂

Ticketticket Created for both bug reports and feature development on the bug tracker. and bug scrub update

The team has shipped all of its enhancements for the 5.2 releaseRelease A release is the distribution of the final version of an application. A software release may be either public or private and generally constitutes the initial or new generation of a new or upgraded application. A release is preceded by the distribution of alpha and then beta versions of the software.: #44005, #44044, #44707, #44761, #44822, #44833, #44901, #45136, #45999, #46041, #46254, #46369, #43438, #44233, and #44876.

Props @desrosj, @birgire, @garrett-eclipse, @tz-media, @xkon, @cc0a, @itowhid06, @mmuhsin, @arena, @duckdagobert, @dejliglama, @afercia, @mukesh27, @iandunn, @pbiron, @allendav, @azaozz, @jesperher, @davidbinda, @ocean90, @mikejolley, @Clorith, @pento, @ianbelanger, @jplojohn, @joostdevalk

The remaining 5.2 work will focus on resolving a few bugs which reside outside of the component but have a privacy feature. These are the two i18ni18n Internationalization, or the act of writing and preparing code to be fully translatable into other languages. Also see localization. Often written with a lowercase i so it is not confused with a lowercase L or the numeral 1. Often an acquired skill. issues affecting privacy notifications (#44721 and #46056) and an improvement (#37782) to the Menus which introduces the Privacy Policy page as an important page in the list.

@garrett-eclipse worked with MetaMeta Meta is a term that refers to the inside workings of a group. For us, this is the team that works on internal WordPress sites like WordCamp Central and Make WordPress. to update the Privacy Policy to link to the Data Erasure Request page (meta: 4223) and remove Quantcast verbiage (meta: 4216), and to start work on introducing the Data Export Request page (meta: 4224).

The team has begun to flag privacy-related tickets which should be built as feature plugins with the `feature-pluginPlugin A plugin is a piece of software containing a group of functions that can be added to a WordPress website. They can extend functionality or add new features to your WordPress websites. WordPress plugins are written in the PHP programming language and integrate seamlessly with WordPress. These can be free in the WordPress.org Plugin Directory https://wordpress.org/plugins/ or can be cost-based plugin from a third-party` manual tagtag A directory in Subversion. WordPress uses tags to store a single snapshot of a version (3.6, 3.6.1, etc.), the common convention of tags in version control systems. (Not to be confused with post tags.).

V2 Roadmap

The team’s 2019 roadmap has been published to Makemake A collection of P2 blogs at make.wordpress.org, which are the home to a number of contributor groups, including core development (make/core, formerly "wpdevel"), the UI working group (make/ui), translators (make/polyglots), the theme reviewers (make/themes), resources for plugin authors (make/plugins), and the accessibility working group (make/accessibility).. @postphotos wrote a blog post on Make announcing its publication and explaining how the team has structured the plan.

GithubGitHub GitHub is a website that offers online implementation of git repositories that can can easily be shared, copied and modified by other developers. Public repositories are free to host, private repositories require a paid subscription. GitHub introduced the concept of the ‘pull request’ where code changes done in branches by contributors can be reviewed and discussed before being merged be the repository owner. https://github.com/ repo

@postphotos has gained adminadmin (and super admin) access to the Github repo which we used for the V1 GDPR phase of our work. It has had no updates since 17 May of last year.

The team will now begin actively using the Github repo. The #core-privacy component maintainers have been given owner access to use it to build the feature plugins detailed in the V2 roadmap.

The existing pages on the repo from the V1 GDPR phase of the team’s existence will be retained on the repo and archived for reference.

Conference talks

  • Chris Wiegman – How to Improve Privacy of Your Sitesite (versus network, blog) for You & Your Users at WordCamp Miami
  • Panel: What you need to know about Privacy and Security in 2019 at WordCamp Miami (no video yet)
  • Regina Dubinska y Jordi Sala: RGPD en la empresa y en WordPress at WordCamp Barcelona

Cross-project privacy cooperation

Please review and comment on the draft plugin privacy audit workflow drafted by @idea15 and Achilleas from the Joomla! privacy team.

The cross-privacy group will be participating in the Mozilla Open Leaders global sprint in May. It is essentially a virtual contributor dayContributor Day Contributor Days are standalone days, frequently held before or after WordCamps but they can also happen at any time. They are events where people get together to work on various areas of https://make.wordpress.org/ There are many teams that people can participate in, each with a different focus. https://2017.us.wordcamp.org/contributor-day/ https://make.wordpress.org/support/handbook/getting-started/getting-started-at-a-contributor-day/. or days focused on something over and above the usual ticket scrubs and doc updates. The #core-privacy team participants should brainstorm something fun to do in cooperation with the Drupal, Joomla, and Umbraco privacy teams to advance global internet health.

#core-privacy
#privacy

Core Privacy’s 2019 Roadmap Published

We are super excited and proud to announce the #core-privacy team’s V2 Roadmap, which was published last week.

  • We’ve worked through the roadmap for the past few months, focusing on building for general privacy enhancements rather than specific legal obligations.
  • We intend to enhance our existing tools (the Privacy Policy generator, export tool, and the erasure tool we built for the V1 GDPR phase) while also developing extended support for things like Embed Privacy Controls and WP-CLIWP-CLI WP-CLI is the Command Line Interface for WordPress, used to do administrative and development tasks in a programmatic way. The project page is http://wp-cli.org/ https://make.wordpress.org/cli/ support. We are, of course, keeping an eye on legal developments in the privacy sphere to learn what tools and enhancements we’ll need to build a little later on as the needs change.
  • Where possible, we’ll work to build out plugins first, in order to makemake A collection of P2 blogs at make.wordpress.org, which are the home to a number of contributor groups, including core development (make/core, formerly "wpdevel"), the UI working group (make/ui), translators (make/polyglots), the theme reviewers (make/themes), resources for plugin authors (make/plugins), and the accessibility working group (make/accessibility). development easier for features, and then offer them as a merge to CoreCore Core is the set of software required to run WordPress. The Core Development Team builds WordPress..

Let us know what you think of our roadmap! Share your feedback in the #core-privacy SlackSlack Slack is a Collaborative Group Chat Platform https://slack.com/. The WordPress community has its own Slack Channel at https://make.wordpress.org/chat/. channel.

As a friendly reminder, we are always looking for new contributors to our great little team. You can find our open Trac tickets here. We have bugbug A bug is an error or unexpected result. Performance improvements, code optimization, and are considered enhancements, not defects. After feature freeze, only bugs are dealt with, with regressions (adverse changes from the previous version) being the highest priority. scrubs on Mondays at 1600 UTC and we meet for office hours on Wednesdays at 19:00 UTC.

#core-privacy

#core-privacy Office Hours Agenda – 27 February 2019

The following is the agenda for the coreCore Core is the set of software required to run WordPress. The Core Development Team builds WordPress.-privacy weekly office hours meeting. The meeting is held every Wednesday at 19:00 UTC in the #core-privacy channel on Making WordPress SlackSlack Slack is a Collaborative Group Chat Platform https://slack.com/. The WordPress community has its own Slack Channel at https://make.wordpress.org/chat/..

Current items

Ticketticket Created for both bug reports and feature development on the bug tracker. and bugbug A bug is an error or unexpected result. Performance improvements, code optimization, and are considered enhancements, not defects. After feature freeze, only bugs are dealt with, with regressions (adverse changes from the previous version) being the highest priority. scrub update

  • #44822, #46254, #44707 – ready to commit
  • #46056 and #44721 need testing
  • #43895 depends on #44845
  • #45999@desrosj to patchpatch A special text file that describes changes to code, by identifying the files and lines which are added, removed, and altered. It may also be referred to as a diff. A patch can be applied to a codebase for testing.
  • #46169, #46170 – ongoing discussion on Google Fonts and performance/privacy issues
  • #46303 – email subjects in privacy export emails (@garrett-eclipse)
  • #46304 – break word for legibility (@garrett-eclipse)
  • 4205 – Privacy policy on Jetpack-activated sites
  • 4215 – DPO email address for .org
  • 4223 needs verbiage
  • 4216 is done
  • Any other tickets arising

V2 roadmap

  • Finalise and publish to Makemake A collection of P2 blogs at make.wordpress.org, which are the home to a number of contributor groups, including core development (make/core, formerly "wpdevel"), the UI working group (make/ui), translators (make/polyglots), the theme reviewers (make/themes), resources for plugin authors (make/plugins), and the accessibility working group (make/accessibility).
  • Identify work for feature plugins, including GDPR Request Form for a GutenbergGutenberg The Gutenberg project is the new Editor Interface for WordPress. The editor improves the process and experience of creating new content, making writing rich content much simpler. It uses ‘blocks’ to add richness rather than shortcodes, custom HTML etc. https://wordpress.org/gutenberg/ blockBlock Block is the abstract term used to describe units of markup that, composed together, form the content or layout of a webpage using the WordPress editor. The idea combines concepts of what in the past may have achieved with shortcodes, custom HTML, and embed discovery into a single consistent API and user experience. (see #44013)

V1 repo housekeeping (Github)

Standing Items

Recent and upcoming WordCampWordCamp WordCamps are casual, locally-organized conferences covering everything related to WordPress. They're one of the places where the WordPress community comes together to teach one another what they’ve learned throughout the year and share the joy. Learn more./conference privacy talks

Cross-CMS privacy working group report

#core-privacy

#core-privacy Office Hours Minutes – 13 February 2019

The following is a summary of the weekly coreCore Core is the set of software required to run WordPress. The Core Development Team builds WordPress.-privacy office hours held on 13 February 2019. Weekly privacy office hours are held every Wednesday at 19:00 UTC. A full transcript can be found here in the #core-privacy channel in the Makemake A collection of P2 blogs at make.wordpress.org, which are the home to a number of contributor groups, including core development (make/core, formerly "wpdevel"), the UI working group (make/ui), translators (make/polyglots), the theme reviewers (make/themes), resources for plugin authors (make/plugins), and the accessibility working group (make/accessibility). WordPress SlackSlack Slack is a Collaborative Group Chat Platform https://slack.com/. The WordPress community has its own Slack Channel at https://make.wordpress.org/chat/..

Participants: @desrosj @dejliglama @idea15 @pepe @lakenh @chriscct7 @postphotos

Adminadmin (and super admin) pointers

@desrosj has created a patchpatch A special text file that describes changes to code, by identifying the files and lines which are added, removed, and altered. It may also be referred to as a diff. A patch can be applied to a codebase for testing. (#45999) to remove the admin pointers for the privacy features which were added in 4.9.6. The attendees agreed that the pointers’ usefulness peaked around the GDPR deadline time when the features were new, but they are no longer necessary.

Workplan for 5.2

The team agreed ten tickets to focus on for releaseRelease A release is the distribution of the final version of an application. A software release may be either public or private and generally constitutes the initial or new generation of a new or upgraded application. A release is preceded by the distribution of alpha and then beta versions of the software. 5.2, all of which are bugfixes or enhancements of existing tools.

The bugbug A bug is an error or unexpected result. Performance improvements, code optimization, and are considered enhancements, not defects. After feature freeze, only bugs are dealt with, with regressions (adverse changes from the previous version) being the highest priority. scrub for Monday 25 February will focus on 5.2 tickets, and the bug scrub for Monday 4 March will focus on component tickets marked awaiting review.

Component roadmap

@desrosj and @dejliglama have cleaned up the draft roadmap for the component’s work in 2019. The group will finalise all outstanding issues on the roadmap during office hours on Wednesday 20 February, and will post the final roadmap to Make.

Candidates for feature plugins

The roadmap process has included discussions of which new features would be best delivered as plugins. These include embed privacy controls, WP-CLIWP-CLI WP-CLI is the Command Line Interface for WordPress, used to do administrative and development tasks in a programmatic way. The project page is http://wp-cli.org/ https://make.wordpress.org/cli/ support, multisitemultisite Used to describe a WordPress installation with a network of multiple blogs, grouped by sites. This installation type has shared users tables, and creates separate database tables for each blog (wp_posts becomes wp_0_posts). See also network, blog, site support, and GutenbergGutenberg The Gutenberg project is the new Editor Interface for WordPress. The editor improves the process and experience of creating new content, making writing rich content much simpler. It uses ‘blocks’ to add richness rather than shortcodes, custom HTML etc. https://wordpress.org/gutenberg/ blocks for data export and erasure requests.

Google Fonts

In response to privacy and performance concerns about Google Fonts (#46169, #46170), @pepe is creating a proof of concept patch to add a customizerCustomizer Tool built into WordPress core that hooks into most modern themes. You can use it to preview and modify many of your site’s appearance settings. option to disable Google Fonts for the older (pre-Twenty Nineteen) default themes.

Upcoming WordCampWordCamp WordCamps are casual, locally-organized conferences covering everything related to WordPress. They're one of the places where the WordPress community comes together to teach one another what they’ve learned throughout the year and share the joy. Learn more./conference privacy talks

Cross-CMS privacy working group report

The cross-project privacy team is creating a draft workflow to audit project plugins, modules, and extensions for best privacy practice. The workflow is designed to be adapted to each project’s specific needs. Please review and comment on the first draft.

#core-privacy