Make WordPress Core

Opened 7 years ago

Closed 7 years ago

Last modified 6 years ago

#43491 closed enhancement (fixed)

Automatically create a Privacy Policy page when installing WordPress

Reported by: fclaussen's profile fclaussen Owned by: azaozz's profile azaozz
Milestone: 4.9.6 Priority: normal
Severity: normal Version:
Component: Privacy Keywords: gdpr has-patch fixed-major dev-reviewed has-dev-note
Focuses: Cc:

Description

  1. Install WordPress
  2. Add a Privacy Policy page just like Sample Page. Possibly add a special page status like 'front-page' 'blog posts'
  3. Add a privacy policy selector to options-reading or customizer like front page and blog posts
  4. Under tools we have the actual tools for exporting user data, anonymization of data and so on.

What I'm proposing is that this type of page is important. Specially now. So we need to pay proper attention to it.

Attachments (1)

43491.patch (1.7 KB) - added by azaozz 7 years ago.

Download all attachments as: .zip

Change History (27)

#1 @fclaussen
7 years ago

  • Keywords gdpr added

#2 follow-up: @mikejolley
7 years ago

This sounds like the same thing as https://core.trac.wordpress.org/ticket/43389?

#3 in reply to: ↑ 2 @fclaussen
7 years ago

Replying to mikejolley:

This sounds like the same thing as https://core.trac.wordpress.org/ticket/43389?

More or less.. the decision right now seems to be having the page picker under tools.
#43389 also doesn't mention the possibility of having a privacy policy page being added on first install.

#4 @mikejolley
7 years ago

Hmm. I see. My question is what is worse for a new site.

a) A default privacy policy the user didn't write.
b) No privacy policy at all.

If a policy is general enough to avoid legal issues it could be useful. If it *needs* admin input, it should be manual.

#5 @fclaussen
7 years ago

I'm against a default privacy policy. The admin should write it. But presenting it along with Sample Page maybe is saying "Hey, this is important. Write something here".

Go to your settings and select the front page, blog page, privacy page and so on.

#6 @azaozz
7 years ago

Think we should do that. Creating a new page titled "Privacy Policy", setting the option for it, but keep it a draft. The default content can be something like:

(Edit this page to create your privacy policy.)

Then the user will not have to select or create it from the Tools => Privacy screen, and can edit it straight away (it will be in the pages list table).

@azaozz
7 years ago

#7 @azaozz
7 years ago

  • Keywords has-patch needs-testing added

In 43491.patch: add a page for the privacy policy on install, similarly to the sample page.

#8 @allendav
7 years ago

  • Summary changed from Privacy Flow Proposal to Automatically create a Privacy Policy page when installing WordPress

Updating title to "Automatically create a Privacy Policy page when installing WordPress" per ticket scrub discussion in Making WordPress gdpr-compliance chat today.

#9 @dejliglama
7 years ago

  • The page could be pre-populated with the policy texts from WP core.
  • Using WP's standard page versioning system to inform website owners of changes to the page, when policy texts update from WP core - or other plugins for that matter, seems as a good idea. Though a bit of a new way of using the versioning system in this usecase:
  1. User sees new drafted policy page uppon install.
  2. User does litel or no changes and publish the page
  3. WP core updates policy text (page does not go back into draft)
  4. Updated text oges in to revision +1 (one step ahead of current version)
  5. Admin is alerted that a page holds a new version that is yet to be published
  6. Admin reviews changes, edits and publish.

One question: could step 4 be implemented using The Customizer feature: scheduling with no set date, but awaiting review ?

#10 @fclaussen
7 years ago

What @dejliglama suggested is important. Every time this page is published, we need to alert users of an updated privacy policy page and seek reconsent.

I already do that on the plugin with a notice that says something like "If this was just a typo fix you can dismiss this, if not you should seek reconsent"

But that goes into the consent management component, which we don't have for core and I don't know if we will ever have.

To me, this particular feature should be plugin based.

#11 @melchoyce
7 years ago

  • Keywords ux-feedback added

#12 @dejliglama
7 years ago

@melchoyce has some details going on in this trac : https://core.trac.wordpress.org/ticket/43620

#13 @azaozz
7 years ago

  • Owner set to azaozz
  • Resolution set to fixed
  • Status changed from new to closed

In 42981:

Privacy: automatically create a Privacy Policy page when installing WordPress.

Props fclaussen, azaozz.

Fixes #43491.

#14 @azaozz
7 years ago

In 42982:

Fix typo (missing !).

See #43491.

#15 @johnbillion
7 years ago

  • Milestone changed from Awaiting Review to 5.0
  • Version trunk deleted

#16 @azaozz
7 years ago

In 43243:

Privacy: make creating a privacy policy page on install multisite compatible.

See #43491.

#17 @azaozz
7 years ago

  • Milestone changed from 5.0 to 4.9.6
  • Resolution fixed deleted
  • Status changed from closed to reopened

Reopen for 4.9.6 consideration.

#18 @SergeyBiryukov
7 years ago

  • Keywords fixed-major added

#19 @desrosj
7 years ago

  • Keywords dev-feedback added

This ticket was mentioned in Slack in #core by desrosj. View the logs.


7 years ago

This ticket was mentioned in Slack in #core by azaozz. View the logs.


7 years ago

This ticket was mentioned in Slack in #gdpr-compliance by azaozz. View the logs.


7 years ago

#23 @SergeyBiryukov
7 years ago

  • Keywords dev-reviewed added; dev-feedback removed

#24 @SergeyBiryukov
7 years ago

  • Resolution set to fixed
  • Status changed from reopened to closed

In 43272:

Privacy: automatically create a Privacy Policy page when installing WordPress.

Props fclaussen, azaozz.
Merges [42981], [42982], [43243] to the 4.9 branch.
Fixes #43491.

#25 @desrosj
7 years ago

  • Component changed from General to Privacy

Moving to the new Privacy component.

#26 @desrosj
6 years ago

  • Keywords has-dev-note added; needs-testing ux-feedback removed
Note: See TracTickets for help on using tickets.