#43389 closed feature request (wontfix)
Add a privacy policy page setting to options-reading.php
| Reported by: |
|
Owned by: | |
|---|---|---|---|
| Milestone: | Priority: | normal | |
| Severity: | normal | Version: | 5.1 |
| Component: | Administration | Keywords: | |
| Focuses: | Cc: |
Description
Proposed: Add a privacy policy page setting to options-reading.php or possibly options-general.php. The privacy policy page setting, like the home page setting, could default to un-set, and an admin could otherwise select from pages on the site.
The selected page would be saved in the site's options and available to themes and plugins via something like get_privacy_policy_url (similar to how get_home_url works)
We should also have a is_privacy_policy that returns true (similar to how is_home works)
May or may not want the result filterable like home_url supports.
Rationale for adding to core: with the EU GDPR coming into effect, more sites are required to have a published privacy policy. Having a standard means of fetching a site's privacy policy url will be great help to themes and widgets that need to expose that information.
Attachments (2)
Change History (15)
#2
@
6 years ago
This issue came out of the GDPR chats.
We should decide if we want 1 master ticket, several smaller tickets, both, or neither based on timing, etc...
#3
@
6 years ago
I'm a fan of breaking work down - this piece seems fundamental to me and could actually be delivered early and independently of other GDPR related work.
Edit: I'll be sure to mention this particular ticket/idea in next week's .org slack gdpr office hours as well
#4
@
6 years ago
- Keywords gdpr needs-patch added
- Milestone changed from Awaiting Review to 5.0
Related: #43435.
#5
@
6 years ago
I'm not convinced we need another "special" page for the privacy policy. These are too complex to implement, have too many edge cases, too many rules that don't make sense for most users that make them hard to set and use.
On the other hand having a WP page will ensure the theme displays it properly.
Perhaps we can use a standard page. It will be created automatically when the site owner creates a privacy policy, see #43435. We can set the title and the slug according to the site's language. Then we can have get_privacy_policy_content() that will output the policy text the user created. Can even do it with a shortcode :)
#6
@
6 years ago
Perhaps we can use a standard page. It will be created automatically when the site owner creates a privacy policy, see #43435. We can set the title and the slug according to the site's language. Then we can have get_privacy_policy_content() that will output the policy text the user created. Can even do it with a shortcode :)
I like this. We could even provide a helper function for themes/plugins to fetch whatever page the privacy policy shortcode is on if we don't want to persist it to an option?
#7
@
6 years ago
On further thought (and discussion in slack) I don't think we should automatically create a page, but I think we still allow the admin to designate a page as the privacy policy page.
I suggest we then use #43435 to, instead of having a separate settings page, have a wide meta box that appears when editing the privacy policy page into which plugins can filter their privacy policy items, which can then be cut and pasted into the site's actual privacy policy in the co-located page editor.
This makes the UX more of a single-page workflow (instead of having two places to work - in settings and in a page editor) and also might even pave the way for privacy policy Gutenberg-blocks down the road.
#8
@
6 years ago
- Keywords has-patch added; needs-patch removed
Here's a patch that adds a new setting to Settings > Reading for the privacy policy. It saves it in a page_for_privacy_policy option. I did not create a url-getter function since standard practice is probably to use something like get_permalink( get_option( 'page_for_privacy_policy' ) ); instead anyways.
#9
@
6 years ago
Discussed this in Slack: https://wordpress.slack.com/archives/C9695RJBW/p1520271733000031?thread_ts=1520270079.000490&cid=C9695RJBW
The plan is:
- Add "Privacy" page under Tools menu.
- Then add to it:
- A button to create a page and set it as the Privacy Policy.
- A drop-down to designate an existing page as the PP page. Once one of these is done, show a link to edit the PP page.
- A tool to anonymize comments by the email.
- A tool to anonymize user by email (and/or login name).
- Explanations what each tool does.
See #43435.
#10
@
6 years ago
Agreed - I'll redo this and expose the setting on the Tools > Privacy page #43435 is adding instead
Will also add an affordance (link?) to create the page if no page is selected. Link will open post-new with the title filled in as "Privacy Policy". On save, the page_for_privacy_policy option will be updated
If a page is selected, will include a link to edit the privacy policy page that will open post.php to edit the page.
#11
@
6 years ago
Please see https://core.trac.wordpress.org/ticket/43435#comment:14 for this setting now.
#12
@
6 years ago
- Resolution set to wontfix
- Status changed from new to closed
We delivered this setting UI to a different screen in https://core.trac.wordpress.org/ticket/43435
This was discussed in Making WordPress gdpr-compliance office hours today and we all agreed that there was no need to duplicate this setting UI in options-reading as well. Closing this issue as wontfix.
Related: #43175
Before we jump the gun here I'd heavily suggest discussing stuff like that in the GDPR compliance chats.
See https://make.wordpress.org/core/2018/02/19/proposed-roadmap-tools-for-gdpr-compliance/ for more information.