GDPR Compliance Chat Agenda – April 4

Agenda proposal:

  • Documentation: what texts do we need?
  • Marketing: How to announce the project to the world?
  • Trac tickets: Review of specific tickets
  • Open discussion

Join us on slack at 15:00 UTC.
Open trac tickets
#gdpr-compliance, #agenda

Roadmap: tools for GDPR compliance

This roadmap is for adding privacy tools to core. These tools will help site owners comply with the GDPR and other privacy laws and requirements.

Main tasks

I. Add tools for creating a privacy policy

The idea is to have a “special” page for the privacy policy, #43435 (an initial version of this is already committed), and #43491. Site owners are able to select an existing page or create a new one. There will be helper functions such as wp_get_privacy_policy_page() for use in themes, etc.

Another idea is to have a “postbox” shown when editing the policy page. All plugins that collect personal data or set cookies can output some concise information about what they collect and store and why. This information should be phrased for inclusion in the site’s privacy policy.

Core will also contain text that the site owners can use to create their policies. The text will be used as the default privacy policy and will be inserted in the privacy policy page when a new one is created. See #43473.

II. Create guidelines for plugins on how to get GDPR compliant

This should be a chapter on privacy in the plugins handbook. Needs text.

III. Add tools to core to facilitate compliance, and privacy in general

There are several plugins that are implementing similar tools. It would be great if the plugin authors participate/contribute to core to include the base tools, so we don’t duplicate the effort.

These tools will require confirmation of the email address of the person requesting an action, see #43443 (a first version is already committed). Once a confirmed request is received, the site owner performs the action.

This could be done automatically. However, deleting and anonymizing are non-reversible, so it is better if site owners perform these actions themselves, after additional confirmation if required.

There will be two main tools:

  • To export all personal data stored on the site (by email address or user login), see #43438, #43440, #43547.
  • To delete all personal data and anonymize published/public content (like posts, comments, etc.), see #43637.

Note that registered users (“author” and above) have access to almost all of their personal data on the User Profile screen. They also have access to all posts and comments they have made on the site, and can edit or delete them. Site owners should deal mostly with requests from “contributor” level users and people that have commented on the site.

A couple of tasks can already be performed in core without additional tools. For example, a registered user’s account can be deleted and all of their posts either deleted or reassigned to another (existing) user account. This is sufficient for anonymizing a user account if no plugins store private user data outside user_meta. Admins can also search for and delete a specific user’s comments.

However, having specialized tools will let plugins hook into the performed actions and do their share. This is critical, as many of the top 100 plugins appear to store at least some private user data.
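To make the hook-in point concrete, here is an added example (not code from WordPress core or from any of the plugins mentioned) of an erase action that core and plugins register handlers against. The data store, the "newsletter" plugin, the registry shape and the /24 and /64 IP truncation are all assumptions for illustration; the point is that core runs every registered eraser for one email address, each eraser reports what it removed or retained, and a crashing eraser is reported rather than silently skipped, since the action cannot be undone.

```python
import ipaddress
from dataclasses import dataclass, field
from typing import Callable, Dict, List

# Constructed sample data standing in for core's comments table (shape is hypothetical).
COMMENTS = [
    {"id": 1, "author": "Ann", "email": "ann@example.com", "ip": "203.0.113.45", "content": "Nice post"},
    {"id": 2, "author": "Bob", "email": "bob@example.com", "ip": "2001:db8::1", "content": "Thanks"},
    {"id": 3, "author": "Ann", "email": "Ann@Example.com", "ip": "203.0.113.46", "content": "Follow-up"},
]

# Constructed sample data for a hypothetical newsletter plugin that stores subscribers by email.
NEWSLETTER = {"ann@example.com": ["weekly"], "bob@example.com": ["daily"]}


@dataclass
class EraseResult:
    """What an eraser reports back so the site owner can see what was done and what was kept."""
    items_removed: int = 0      # deleted or anonymized
    items_retained: int = 0     # kept deliberately (e.g. legal hold) or because the eraser failed
    messages: List[str] = field(default_factory=list)


Eraser = Callable[[str], EraseResult]
ERASERS: Dict[str, Eraser] = {}  # the hook point: core and plugins register here


def register_eraser(name: str):
    """Decorator plugins use to hook their eraser into the erase action."""
    def deco(fn: Eraser) -> Eraser:
        ERASERS[name] = fn
        return fn
    return deco


def anonymize_ip(ip: str) -> str:
    """Zero the host bits (/24 for IPv4, /64 for IPv6): no longer identifies a person, and irreversible."""
    addr = ipaddress.ip_address(ip)
    prefix = 24 if addr.version == 4 else 64
    return str(ipaddress.ip_network(f"{addr}/{prefix}", strict=False).network_address)


@register_eraser("core-comments")
def erase_comments(email: str) -> EraseResult:
    """Core's share: keep the public comment text, strip the personal fields attached to it."""
    result = EraseResult()
    for comment in COMMENTS:
        if comment["email"].lower() == email.lower():
            comment["author"] = "Anonymous"
            comment["email"] = ""
            comment["ip"] = anonymize_ip(comment["ip"])
            result.items_removed += 1
    return result


@register_eraser("newsletter-plugin")
def erase_newsletter(email: str) -> EraseResult:
    """A plugin's share: data core knows nothing about, so only the plugin can remove it."""
    result = EraseResult()
    if NEWSLETTER.pop(email.lower(), None) is not None:
        result.items_removed += 1
    return result


def erase_personal_data(email: str) -> Dict[str, EraseResult]:
    """Run every registered eraser for one email; a crashing eraser is reported, not silently skipped."""
    email = email.strip().lower()
    report: Dict[str, EraseResult] = {}
    for name, eraser in ERASERS.items():
        try:
            report[name] = eraser(email)
        except Exception as exc:  # the site owner must learn that data may remain
            failed = EraseResult(items_retained=1)
            failed.messages.append(f"{name} failed, data may remain: {exc}")
            report[name] = failed
    return report


if __name__ == "__main__":
    for name, res in erase_personal_data("Ann@Example.com").items():
        print(name, res)
    print(COMMENTS)
```

The email is normalised once in the entry point because a plugin that compares case-sensitively would silently leave data behind; the report with `items_retained` and `messages` is what the site owner needs to decide whether the request is actually fulfilled.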

IV. Add documentation/help for site owners on how to use these tools

The documentation should be on the new Tools => Privacy screen. Alternatively we can add only a very brief explanation and link(s) to WordPress.org with more extended help. Needs text.

All GDPR related tickets can be accessed here: https://core.trac.wordpress.org/query?status=!closed&keywords=~gdpr

#gdpr-compliance, #roadmap

GDPR Compliance Chat Agenda – March 28

Agenda proposal:

  • Current status
  • Open discussion

Join us on slack at 15:00 UTC.
Open trac tickets
#gdpr-compliance, #agenda

Dev Chat Summary: March 21st (4.9.5 week 7)

This post is a summary of the latest dev chat meeting which took place on March 21st (agenda – Slack archive).

Meeting time change

Due to the spring time change, the weekly core dev chat meeting will move from next week to 20:00 UTC, held as usual in #core on Slack.

4.9.5 planning

WordPress 4.9.5 beta has been released on Tuesday, March 20th.

There are 23 already fixed tickets and 2 blessed tasks. The milestone is clear. Some bug fixes can still ship with 4.9.5 (before RC), but enhancements have to land in 4.9.6.

Release candidate is still scheduled for Tuesday, March 27th, around 23:00 UTC.

4.9.5 release following on Tuesday, April 3rd.

Updates from focus leads and component maintainers

The GDPR Compliance team continues to meet at 16:00 UTC on Wednesdays and has reached "critical mass" in #gdpr-compliance. The team has general ideas of what needs doing and how to do it. The next step would be to get more eyes on the GDPR related tickets.

Note the max-width caption revert coming in 4.9.5 (see Dev note).

The Thursday, March 22 Support meeting was dedicated to planning for the increase in support traffic from a forthcoming "Try Gutenberg" promo (see Trac ticket #41316).

#4-9-5

GDPR Compliance Chat Agenda – March 21

Agenda proposal:

  • Right to erasure: What should the site owner be able to do? And the plugin author?
  • Other Trac tickets: Review of the other tickets
  • Open discussion

Join us on slack at 16:00 UTC.
#gdpr-compliance, #agenda

GDPR Compliance Chat Agenda – March 07

Agenda proposal:

  • Roadmap: Please help us, give your ideas
  • Trac tickets: Take ownership, contribution appreciated
  • Open discussion

Join us on slack at 16:00 UTC.
#gdpr-compliance, #agenda

GDPR Compliance Chat Agenda – February 28

Agenda proposal:

  • Information/documentation: Quick update
    • Useful links
    • Trac tickets
  • Roadmap: Finalized version, trac tickets
  • Allen's view and his development around privacy policy
  • Open discussion

Join us on slack at 16:00 UTC.
#gdpr-compliance, #agenda

GDPR Compliance Chat Recap – February 21st

(full text on slack)

A centralised GitHub folder was created to gather all info (Roadmap, knowledge base, trac tickets list, etc.) while waiting for a final location: https://github.com/gdpr-compliance/info

@idea15 (webdevlaw on Slack) indicated that a privacy centre to hold GDPR information for site users, for site administrators/owners, and for developers is being built. To be checked how this will be split between wordpress.org and wordpress.com.

How 'other systems' deal with the request to see personal data can be found on https://github.com/gdpr-compliance/info/blob/master/KB.md#how-do-others-allow-users-to-download-their-own-data

A discussion was started on whether the GDPRWP.com interface is the way to go and/or whether Core should provide actions & filters to give plugins a means to report their personal data.

@allendav was pointing to https://github.com/allendav/wp-privacy-policy-shortcodes for possible shortcodes to expose privacy policy statements in a consistent way.

@schlessera pointed out that localization might be difficult to handle, how to avoid a mix of languages?

The current global idea is that plugins submit the info using hooks/filters, the admin/controller needs to 'accept' them so that the end user can see the full list, all based on versioning per plugin.

Additional capabilities (e.g. manage_compliance) could be needed.

#gdpr-compliance #summary

GDPR Compliance Chat Agenda – February 21st

Warning: meeting starts at 16:00, not 17:00 UTC!

Agenda proposal:

  • Information/documentation: what do we have and where is it stored
  • Roadmap: review the proposal and create working groups
  • Open discussion

Join us on slack.
#gdpr-compliance, #agenda

Proposed roadmap: Tools for GDPR compliance

This is a proposed roadmap for adding privacy tools to core. The plan is to finalize it at the next #gdpr-compliance chat in Slack.

Main goal

Add tools to help site owners comply with the GDPR and other privacy laws and requirements.

Add notices for both registered users and commenters on what data is collected in core by default, and why.

  • Shorter texts in core with links to more information. Needs text.
  • Create these “more information” pages on WordPress.org. Needs text.

Create some guidelines for plugins on how to get compliant.

A page (or several pages) on WordPress.org. Needs text.

Add tools to core to facilitate compliance, and privacy in general.

There are a few plugins that have started implementing these tools, so we have a nice head start.

Requests to see, download and delete/anonymize private data have to be confirmed (double opt-in) to avoid misuse. One possible solution would be to send a token by email when a user or commenter requests access to, or deletion/anonymization of, their private data. They would then have to submit that token to confirm their request.

TBD: shall we make this process automatic or should a site owner perform the action upon receiving the confirmed request?
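The double opt-in described here, and the email confirmation that section III of the roadmap above relies on, as an added example in Python. This is not WordPress code; the in-memory store, the one-day lifetime and the URL shape are assumptions. What it shows: the store keeps only a hash of the token, so a leaked table cannot be used to confirm requests; the token is compared in constant time; it expires and is single use; and every failure is reported identically so the confirmation link does not reveal which check failed. The final step is left to the site owner, as the text proposes, and refuses to act on a request the data subject never confirmed.

```python
import hashlib
import hmac
import secrets
import time
from dataclasses import dataclass
from typing import Dict, List, Optional, Tuple

TOKEN_TTL_SECONDS = 24 * 60 * 60  # assumption: a confirmation link is valid for one day


@dataclass
class PendingRequest:
    email: str
    action: str           # "export" or "erase"
    token_hash: str       # only the hash is stored, so a leaked table cannot confirm requests
    created_at: float
    confirmed: bool = False


PENDING: Dict[str, PendingRequest] = {}  # request_id -> request (stands in for a DB table)


def _hash_token(token: str) -> str:
    return hashlib.sha256(token.encode("utf-8")).hexdigest()


def create_request(email: str, action: str, now: Optional[float] = None) -> Tuple[str, str]:
    """Record the request and return (request_id, token).

    The plaintext token goes only into the confirmation email; the store keeps its hash.
    """
    if action not in ("export", "erase"):
        raise ValueError("unknown action")
    request_id = secrets.token_urlsafe(12)
    token = secrets.token_urlsafe(32)  # 256 bits of randomness: not guessable
    PENDING[request_id] = PendingRequest(
        email=email.strip().lower(),
        action=action,
        token_hash=_hash_token(token),
        created_at=time.time() if now is None else now,
    )
    return request_id, token


def confirm_request(request_id: str, token: str, now: Optional[float] = None) -> Optional[PendingRequest]:
    """Mark the request confirmed if the token is right, unexpired and unused; otherwise None.

    Every failure returns the same None so the link does not reveal which check failed.
    """
    now = time.time() if now is None else now
    req = PENDING.get(request_id)
    if req is None or req.confirmed or now - req.created_at > TOKEN_TTL_SECONDS:
        return None
    if not hmac.compare_digest(req.token_hash, _hash_token(token)):
        return None
    req.confirmed = True  # single use: a second click on the same link is rejected
    return req


def confirmed_requests() -> List[PendingRequest]:
    """What the site owner sees on the admin screen; only these may be acted upon."""
    return [r for r in PENDING.values() if r.confirmed]


def perform(request_id: str) -> str:
    """Site owner's manual step: refuse to act on anything the data subject never confirmed."""
    req = PENDING.get(request_id)
    if req is None or not req.confirmed:
        raise PermissionError("request not confirmed by the data subject")
    # Here core would run the export, or the irreversible erase, for req.email.
    return f"{req.action} performed for {req.email}"


if __name__ == "__main__":
    rid, tok = create_request("Ann@Example.com", "erase")
    # Hypothetical link shape; only the token in this email proves control of the address.
    print(f"mail to ann: https://example.com/?action=confirm&rid={rid}&token={tok}")
    print(confirm_request(rid, tok))
    print(perform(rid))
```

If the process is later made automatic, `perform` is simply called from `confirm_request` once it returns a request; the hashing, expiry and single-use checks stay the same either way.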

  • For commenters. The stored private data is emails and IP addresses, the rest is public.
    1. Dialog for requesting to see and download their private data.
      TBD: should that data also contain the public portion?
    2. Dialog for requesting deletion/anonymization of the data.
      TBD: Deletion or anonymization? Or both and let the site owner decide?
    3. Ask for consent to store commenter cookies. This can be a (checked) checkbox under the comments form, something like “Save my name, email and site URL in my browser for next time I post a comment. More information”.
  • For registered users. All of the data stored by default is already visible in the user profile (except IP addresses if they have commented on the site), and most can be edited or deleted from there.
    1. Button for downloading their private data, including IP addresses if they have commented. Again, should that also contain the public data?
    2. Button for requesting deletion/anonymization of their account.

Add documentation/help for site owners on how to use these tools.

This should probably be another page under the Tools menu, containing a short explanation of what privacy tools are available and how to use them. It could also contain the actual tools, for example an input field for anonymizing commenters by email address.

There are a few things that need clarification:

  • IP addresses may be considered personal data so they need to be deleted or anonymized. However do they need to be sent to the user when requesting to see or download their personal data? They are essentially third-party tokens used temporarily to access the Internet and the users have no control over them. Do other websites make them available?
  • Who are considered “controllers”? All admins on a single install and all super admins on multisite? Are admins on multisite controllers for their own site?

Please post your suggestions in comments so we can finalize the roadmap at the next #gdpr-compliance chat on Wednesday. Thanks @casiepa for helping with this!

#roadmaps