id,summary,reporter,owner,description,type,status,priority,milestone,component,version,severity,resolution,keywords,cc,focuses
43175,Discussion - Pseudonymisation,xkon,,"I'm opening up this ticket as an area of discussion to try and find out if there's anything needed, or anything that will be done in the future, regarding 1 specific area of the GDPR, specifically `Pseudonymisation`. In my eyes the paragraph below seems to be in need of more attention than explaining to the user what data we are collecting on any given site. As it is stated at the moment on https://en.wikipedia.org/wiki/General_Data_Protection_Regulation#Pseudonymisation

Pseudonymisation

The GDPR refers to pseudonymisation as a process that transforms personal data in such a way that the resulting data cannot be attributed to a specific data subject without the use of additional information. An example of pseudonymisation is encryption, which renders the original data unintelligible and the process cannot be reversed without access to the correct decryption key. The GDPR requires that this additional information (such as the decryption key) be kept separately from the pseudonymised data. Pseudonymisation is recommended to reduce the risks to the concerned data subjects and also help controllers and processors to meet their data-protection obligations (Recital 28). Although the GDPR encourages the use of pseudonymisation to ""reduce risks to the data subjects,"" (Recital 28) pseudonymised data is still considered personal data (Recital 26) and therefore remains covered by the GDPR.

After reading that we had some discussions with some law firms (specializing in internet matters) and the answers that we got were pretty much the same and are as follows: The idea is to either have pretty much all the data encrypted ( for example phone numbers, addresses etc ) or have the website connecting to 2 databases instead of 1 that keeps the data. So you would require access to both databases to identify a person.
For example DB 1 keeps the name and password, the 2nd keeps the address and phone. The idea is that if there's a breach it would require both databases to make a full match of a person, else the data are incomplete etc. -- Now since I'm not into law or anything, maybe there's somebody around with a clearer view into what's ( IF ) needed to be done. And if that's the case maybe it should become a matter of discussion since May isn't that far off. I've seen Plugins and developers in general are already moving and altering things towards being GDPR compliant, but my question is based on whether there's something that needs to be done within the core of WordPress itself so it can be 'shipped' GDPR ready ( if not already compliant ). -- We could also try and gather somewhere all the information regarding WordPress / GDPR to see a more spherical view of the matter and what is changing / needs to be adjusted ( policies etc ).",enhancement,closed,normal,,Privacy,,normal,wontfix,,,