Developer Focused Privacy Updates in 5.2

WordPress 5.2 brings several improvements for developers working with Privacy Policy pages and data exports.

New Privacy Policy Page Helpers

Four new features have been added to make customizing and designing the Privacy Policy page easier:

  • A new function, is_privacy_policy(), can be used in conditionals to identify whether the current $wp_query is for the Privacy Policy page.
  • A new theme template file, privacy-policy.php, is used for rendering the page assigned as the Privacy Policy.
  • .privacy-policy has been added as a body class and is inserted when the currently rendered page is the Privacy Policy page.
  • .menu-item-privacy-policy has been added as a menu item class to specify the menu link that points to the Privacy Policy page.

Backwards Compatibility

The only backwards compatibility concern with using these new helpers is with the is_privacy_policy() function, which would trigger a Call to undefined function fatal error.

Themes and plugins that would like to support the is_privacy_policy() function in older versions of WordPress can use the following shim:

if ( ! function_exists( 'is_privacy_policy' ) ) {
    function is_privacy_policy() {
        return get_option( 'wp_page_for_privacy_policy' ) && is_page( get_option( 'wp_page_for_privacy_policy' ) );

For more information, see #44005.

Loosened Tag Restrictions in User Data Exports

User Data exports no longer use a hardcoded list of allowed tags, limited to just <a> and <br>. They will now use the default list of allowed tags in wp_kses().

Furthermore, the code facilitating the export now passes a personal_data_export context to wp_kses(), so that the allowed tags and attributes can be filtered using the wp_kses_allowed_html filter and checking for the personal_data_export context.

Here’s a filter example that adds support for the <sub> and <sup> tags to the personal data export:

function prefix_allowed_html_filter( $allowedtags, $context ) {
	// Only target personal data export.
	if ( 'personal_data_export' !== $context ) {
		return $allowedtags;

	// Add support for the sub tag.
	if ( ! isset( $allowedtags['sub'] ) ) {
		$allowedtags['sub'] = array();

	// Add support for the sup tag.
	if ( ! isset( $allowedtags['sup'] ) ) {
		$allowedtags['sup'] = array();

	return $allowedtags;
add_filter( 'wp_kses_allowed_html', 'prefix_allowed_html_filter', 2, 10);

For more information, check out the documentation for the wp_kses_allowed_html filter.

See: #44044

#5-2, #core-privacy, #dev-notes, #privacy, #themes

#Core-privacy March update

This is a cumulative update for #core-privacy office hours and bug scrubs held in March 2019.

Office hours are held every Wednesday at 19:00 UTC in the #core-privacy channel on Making WordPress Slack. Bug scrubs are Mondays at 1600 UTC.

We have welcomed several new members into our channel, and were also delighted to welcome back @xkon and @javorszky 🙂

Ticket and bug scrub update

The team has shipped all of its enhancements for the 5.2 release: #44005, #44044, #44707, #44761, #44822, #44833, #44901, #45136, #45999, #46041, #46254, #46369, #43438, #44233, and #44876.

Props @desrosj, @birgire, @garrett-eclipse, @tz-media, @xkon, @cc0a, @itowhid06, @mmuhsin, @arena, @duckdagobert, @dejliglama, @afercia, @mukesh27, @iandunn, @pbiron, @allendav, @azaozz, @jesperher, @davidbinda, @ocean90, @mikejolley, @Clorith, @pento, @ianbelanger, @jplojohn, @joostdevalk

The remaining 5.2 work will focus on resolving a few bugs which reside outside of the component but have a privacy feature. These are the two i18n issues affecting privacy notifications (#44721 and #46056) and an improvement (#37782) to the Menus which introduces the Privacy Policy page as an important page in the list.

@garrett-eclipse worked with Meta to update the Privacy Policy to link to the Data Erasure Request page (meta: 4223) and remove Quantcast verbiage (meta: 4216), and to start work on introducing the Data Export Request page (meta: 4224).

The team has begun to flag privacy-related tickets which should be built as feature plugins with the `feature-plugin` manual tag.

V2 Roadmap

The team’s 2019 roadmap has been published to Make. @postphotos wrote a blog post on Make announcing its publication and explaining how the team has structured the plan.

Github repo

@postphotos has gained admin access to the Github repo which we used for the V1 GDPR phase of our work. It has had no updates since 17 May of last year.

The team will now begin actively using the Github repo. The #core-privacy component maintainers have been given owner access to use it to build the feature plugins detailed in the V2 roadmap.

The existing pages on the repo from the V1 GDPR phase of the team’s existence will be retained on the repo and archived for reference.

Conference talks

  • Chris Wiegman – How to Improve Privacy of Your Site for You & Your Users at WordCamp Miami
  • Panel: What you need to know about Privacy and Security in 2019 at WordCamp Miami (no video yet)
  • Regina Dubinska y Jordi Sala: RGPD en la empresa y en WordPress at WordCamp Barcelona

Cross-project privacy cooperation

Please review and comment on the draft plugin privacy audit workflow drafted by @idea15 and Achilleas from the Joomla! privacy team.

The cross-privacy group will be participating in the Mozilla Open Leaders global sprint in May. It is essentially a virtual contributor day or days focused on something over and above the usual ticket scrubs and doc updates. The #core-privacy team participants should brainstorm something fun to do in cooperation with the Drupal, Joomla, and Umbraco privacy teams to advance global internet health.


Privacy Office Hour Notes: January 30, 2019

The following is a summary of the weekly Privacy office hours that occurred on January 30, 2019. Weekly privacy office hours are held every Wednesday at 19:00 UTC. A full transcript can be found here in the #core-privacy room in the Make WordPress Slack.

Attendees: @desrosj, @idea15, @garrett-eclipse, @dejliglama.

Here are the highlights of the meeting:


The items in the latest roadmap revision were discussed and reprioritized. Because of uncertainty with upcoming laws, existing items should be worked on until around the time of WCEU. The priorities were reorganized into the following order:

  • Core Feature Privacy (things already in Core)
  • Gravatar Privacy Controls
  • Embed Privacy Controls
  • Gutenberg Blocks
  • WP-CLI Support
  • Multisite Support

All other items were moved to the back burner.

Roadmap update will soon be published on

Other Items/Open Floor

  • @dejliglama was officially championed as a privacy component maintainer.

The next weekly privacy office hours will be held on Wednesday, February 6, 2019, at 19:00 UTC in the #core-privacy room in the Make WordPress Slack.

#core-privacy, #privacy

Privacy Office Hours Agenda: January 30, 2019

The following is the agenda for the privacy weekly office hours meeting. The meeting is held every Wednesday at 19:00 UTC in the #core-privacy room of the Making WordPress Slack.

  • Tie the roadmap into Trac and the other priorities for the year.
  • Resolve any outstanding comments, uncertainties, etc.
  • Get it out of a Google Doc and onto Make – here we go into the “who has permissions for what” thing again!
  • Sequencing upcoming work on the roadmap so that contributors focus on one key aspect at a time. It currently reads as a backlog.
  • Working in Github vs. Trac for yet to be shipped in core
  • Cross Project Work
  • Ticket candidates for closure.
  • Discuss removing the admin pointers for privacy features added in 4.9.6.

#core-privacy, #privacy

Privacy Office Hour Notes: January 23, 2019

The following is a summary of the weekly Privacy office hours that occurred on January 23, 2019. Weekly privacy office hours are held every Wednesday at 19:00 UTC. A full transcript can be found here in the #core-privacy room in the Make WordPress Slack.

Attendees: @desrosj, @garrett-eclipse, @postphotos, @riankinney, @birgire.

Here are the highlights of the meeting:

WordPress 5.1 Related Items

The full WordPress 5.1 release schedule can be found here

  • At the time of the meeting, 13 privacy component or focus tickets had been committed for release in 5.1 on February 21, 2019. Thanks to everyone that contributed to the final push to land additional tickets in 5.1.
  • Moving forwards, only tickets addressing bugs or regressions only in trunk will be considered.
  • With 5.1 closed for Privacy items, attention should shift to the Privacy component and focus tickets in the 5.2 milestone. There are currently 8 and all but 1 has an owner assigned. More can be added if they are ready.
  • Moving forward, all Privacy tickets should have an owner when being added to a numbered milestone (not Future Release). This will help ensure Privacy tickets are not punted release to release and contributors have a clearer focus.

New Trac Keywords

Two new privacy-related keywords can be found in the Trac keyword dropdown field (see Meta-3896). These keywords (needs-privacy-review, has-privacy-review) need to be added and detailed in two locations to encourage proper use:

  1. The privacy component page on Make WordPress.
  2. The Trac Workflow Keywords page in the WordPress Core Handbook.

After some wordsmith work from attendees, the following descriptions are being proposed:

  • needs-privacy-review: Input is needed from the core privacy team with regards to the privacy implications of the suggested changes.
  • has-privacy-review: Input has been given from the core privacy team reviewing the privacy implications of the suggested changes.

Barring any feedback in the #core-privacy room on the Make WordPress Slack or in the comments below, these keywords and descriptions will be added to those locations.

Open Floor

  • #45999 was re-raised by @garrett-eclipse for feedback. The main concern expressed was “Is removing these pointers in 5.2 too soon?” Some research needs to be done to see what Core has deemed an acceptable timeline for removal in the past.
  • As items on the V2 start to be tackled, work for this should be done using GitHub.
  • Smaller, single feature focused plugins is preferred. But, there will be some features that are too closely related to build in isolation.
  • The pre-existing WordPress Privacy group on GitHub should also be utilized.

The next weekly privacy office hours will be held on Wednesday, January 30, 2019, at 19:00 UTC in the #core-privacy room in the Make WordPress Slack.


Privacy Office Hour Notes: January 16, 2019

The following is a summary of the weekly Privacy office hours that occurred on January 16, 2019. A full transcript can be found here in the #core-privacy room in the Make WordPress Slack.

Attendees: @desrosj, @garrett-eclipse, @dejliglama, @postphotos.

Here are the highlights of the meeting:

WordPress 5.1 Related Items

The full WordPress 5.1 release schedule can be found here

  • At the time of the meeting, 9 privacy component or focus tickets had been committed for release in 5.1 on February 21, 2019.
  • There were 6 privacy component or focus tickets remaining in the 5.1 milestone that needed to be committed or punted by the 5.1 Beta 2 release on Tuesday, January 21, 2019.
  • That list of 6 had been scrubbed the previous Monday (January 14).

Open Floor

  • @idea15 mentioned that @xkon and herself have volunteered to represent the privacy team as participants in the cross-CMS privacy group.
  • The discussion was reopened about expanding the Privacy component to a recognized team with more responsibilities. @postphotos had a discussion with @chanthaboune at WCUS. The main suggestion was to make sure office hour summaries and agendas are regularly posted. Clearer momentum and documentation, as well as a larger contributor base, are also huge pluses.
  • Moving forward in the near term, new privacy features are going to be developed as plugins so they can be quickly iterated on and improved. Bug fixes to existing privacy features in WordPress Core and newly discovered issues that need to be addressed can continue to take place in Trac.
  • @garrett-eclipse mentioned that in some recent Trac gardening he marked a few tickets with the close keyword and would like second opinions. Those tickets are #43958, #44161, and #44464.
  • #45999 was created to explore removing the privacy admin pointers added in 4.9.6.
  • Some attendees expressed that they were currently finding it difficult to find time to contribute. @desrosj suggested investigating better ways to divide parts of initiatives and tasks to ensure work continues even when time for contributing is inconsistent or uncertain.

The weekly privacy office hours are held every Wednesday at 19:00 UTC in the #core-privacy room in the Make WordPress Slack.

#core-privacy, #privacy

Privacy Office Hour Notes – January 9th, 2019

Huge thank you to all who attended the very productive office hours! The recap notes are a bit delayed, but they were not forgotten! A full agenda can also be found in an earlier post, and the full transcript can be found in Slack.

Here are the highlights of the meeting:

Agenda Item 1 – Roadmap Review

  • @idea15 reminded us that there is a more recent version of the Roadmap.
    • @desrosj will investigate how to give more maintainers access to update the roadmap page.
  • @lakenh mentioned Trac issue #44161, regarding IP addresses stored within the usermeta table.
    • @xkon provided an example of a user meta session token, and it contained both a user agent and IP address.
    • @lakenh also discovered that the community-events-location user meta field also contains a full IP address.
      • He also suggested perhaps anonymizing that particular IP by dropping the last few places as the geographical location shouldn’t change by much.
    • @desrosj then asked if these fields were accounted for within the original data export/erasure tools.
      • @garrett-eclipse delivers the bad news that they were not.
      • Ticket to track this issue has been opened, #45889.

Agenda Item 2 – 2019

  • @idea15 gave an update on the cross-project privacy group which broke ground at Drupal Europe. Joomla’s Glip (similar to WordPress’ Slack) now has representatives from this WordPress Privacy team, Drupal, Joomla, Typo3, Umbraco, as well as other industry representatives who are all providing aid to make all CMSs have great privacy features built-in.
  • @desrosj helped to set expectations for what privacy-related changes are acceptable moving forward based on a recent discussion in #core-committers. Small enhancements and bug fixes will generally be OK to include in new releases with little oversight. Larger enhancements will need approval by version release leads.
  • Brainstorm session for how the team’s goals and the greater WordPress project’s goals overlap in 2019.
    • @desrosj suggested the following three areas of being places that we can help out:
      • Providing a way for users to opt-in to automatic plugin and theme updates.
      • Providing a way for users to opt-in to automatic updates of major Core releases.
      • Building a directory for discovering blocks, and a way to seamlessly install them.
    • @desrosj also suggested Health Check as a possible area, as perhaps there are some server level privacy checks that could be built in.
      • @clorith expressed that the team was open to any ideas and that privacy features for Health Check can be created as GitHub issues on its repo for consideration.

#core-privacy, #privacy

Core Privacy Agenda – 9 January 2019

Happy New Year to all, and hope everyone enjoyed the holiday season. Our weekly office hours resume today, January 9th, 2019 at 19:00 UTC in #core-privacy.

The goal today is to ease back into the swing of things a bit slowly, starting with short office hours today, and see where things go from there.


  • Roadmap Review
    • Is our roadmap still looking how we want it? Is anything missing?
  • 2019 Plans
    • Matt posted the 9 priorities for 2019 last month.
    • Privacy is not explicitly mentioned in any of them. But, as a team, we should brainstorm where overlap exists with the team’s goals and where we can help out on this list.
      • Example: Auto-update support is one of the priorities; perhaps we can try and get the telemetry changes merged with it (#43492)
  • Open Floor
  • Off-Topic Open Floor
    • How were your holidays? Catch up and chit-chat 🙂

Hope to see you all there! All contributors welcome regardless of skill level or expertise.

#core-privacy, #privacy

Core-Privacy Agenda – 12 December

When/Where: Join us in #core-privacy on Making WordPress Slack on Wednesday, 12 December at 1900 UTC

1. WCUS postmortem
a. Leo and Kevin’s privacy talk – comments, feedback, and follow up
b. Contributor Day – lack of a table as a core component team despite having had a table at WCEU
c. Morten’s talk/Leo
d. Other business arising

2. V2 roadmap updates

3. Team issues
a. Recruitment of new team members and contributors (chicken and egg discussion)
b. Instructions regarding the core-privacy team issued to the Marketing team
c. Team structure & visibility – per 17 October office hours summary and 28 June meeting



Core-Privacy Office Hours Summary, 21 and 28 November

Ticket and coding issues

  • Gutenberg 11999, Fix the Privacy Policy Help Notice – merged into Core r43920. There is an open PR on the Classic Editor that will reverse the changes in r43920 and preserve the current placement of the notice (below the post title, above the editor) when that plugin is active.
  • As far as the contributors are aware, Gutenberg 11648 is the only remaining 5.0 related privacy ticket.
  • Quantcast advertising tracking has been removed from the .org footer. Props @ocean90. Matt has also approved replacing the social networking links with non-tracker links.
  • There are some potential privacy issues regarding Google Captcha 3.0. @idea15 to research.
  • #45395, which added the “shield” illustration to the admin dashboard privacy page, has raised the issue of the currency and accuracy of the text under it.
  • The 26 November bug scrub examined several new tickets: #45416 #45154, #45136, #44952, #44940, and #44876.
  • The needs-privacy-review tag in Trac (#3896) has been marked commit. @garrett-eclipse will add a link to the “needs-privacy-review” page on the main component page when there are active tickets.
  • There are 46 privacy tickets awaiting review.

Conference talks

Team issues

  • @javorszky has had to step away from contributing due to time constraints. @allendav is also unable to contribute at pre-4.9.6 levels. The team is always looking for new participants and contributors.
  • @riankinney and @idea15 are meeting with the Joomla! Core privacy team after WCUS to identify potential areas for mutual cooperation and to also learn more about their consent and logging work.
  • @idea15 wrote a post about the component’s work for the Marketing team.
  • The attendees agreed to use our 12 December office hours meeting, after WCUS and our contributions to Gutenberg are out of the way, to kickstart the V2 core privacy work.

Reminder: our weekly office hours are now at Wednesdays at 1900 UTC while bug scrubs remain Mondays at 16:00 UTC. The next office hours will take place on Wednesday, December 5, 2018 at 19:00 UTC