WordPress.org

Make WordPress Core

Opened 2 months ago

Last modified 4 weeks ago

#43811 assigned enhancement

Licence & Policy notice during installation

Reported by: xkon Owned by: xkon
Milestone: Awaiting Review Priority: normal
Severity: normal Version:
Component: Privacy Keywords: gdpr needs-patch
Focuses: Cc:

Description

This was a thought mentioned in #43492 originally but it deserves it's own ticket at the moment.

We all know about the lovely 5 minute installation process that WordPress provides. I feel like we can create a small placeholder during the installation process ( probably on the first page even ) to notify the users about GPL license and a text on Policy. Yes the license is included in a .txt, but people are more used when installing things to see a license / policy during the installation and then continue to the actual install.

I'm not personally thinking about a full blown page with a wall of text but rather a discreet placeholder to hold just the right the information needed like an excerpt from the GPL and a link refering to the full text for the ease of use etc as well as the connection between WordPress and wp.org during updates and such as stated on other tickets so we can be even more clear and upfront to any given user.

@melchoyce do you think you could check this as well so we can provide a mockup/patch to see how it feels and then we can go forth adding the texts needed here as well just in case this could make it to the release also ?

Change History (11)

This ticket was mentioned in Slack in #gdpr-compliance by xkon. View the logs.


2 months ago

#2 @desrosj
2 months ago

  • Owner set to xkon
  • Status changed from new to assigned

#3 @melchoyce
2 months ago

This feels very nebulous right now — how about we get the copy we'll be including drafted first, and then we can talk about design?

This ticket was mentioned in Slack in #gdpr-compliance by xkon. View the logs.


2 months ago

#5 @idea15
2 months ago

Let's break this down as we're really discussing three things.

  1. GPL

Is this really necessary for your everyday user? I don't see that the notification would need to be anything other than "The license under which the WordPress software is released is the GPLv2 (or later) from the Free Software Foundation", as the GPL is not something which will concern 99% of site admins.

  1. Policy

For the purposes of installing wp.org, this would mean WP's own privacy policy https://wordpress.org/about/privacy/, and it's important that the site administrator not conflate that with the one they are required to create.

  1. Connection between WP.org and updates

This is #43492, which is still open. So this is putting the cart before the horse in asking for the wording of text for an issue we haven't resolved.

Jetpack's recent addition says:

"We are committed to protecting your privacy." (I have a kneejerk reaction against "we are committed to X" from my marketing manager days as I think it sounds like customer service waffle, but that's just me.) "Read about how Jetpack uses your data in Automattic's privacy policy https://wordpress.org/about/privacy/ and What data does Jetpack sync? https://jetpack.com/support/what-data-does-jetpack-sync/" And then provides a slider, "Send information to help us improve our products." Which is opted in by default.

So that would be one model to follow, but. The questions are, are we happy with just going with 2 and 3, and leave GPL to the devs, and can we now look at #43492.

#6 @xkon
2 months ago

Thanks for your input @idea15 !

For 1 even the quotation you added is more than enough I guess as well. And imho even everyday users have to be informed about which Open Source license we are under even as a reminder, there are plenty out there with different scopes etc so a reminder of GPLv2+ is a good thing as some might get more educated as we're explaining to them what PHP is and why they need an update etc.

For 2 WordPress installation has nothing to do with 'installing wp.org' the privacy on https://wordpress.org/about/privacy/ is about you visiting wp.org as a user/website relationship and has nothing to do with WordPress as a software.

WordPress privacy policy during installation should be between 1 + 3 as the communicating data for the updates and such concern the admins/devs that are doing the setup usually. But even if #43492 is still open ( I'm not sure it will close in time for the release) I still think the first release should have a notice no matter if that's resolved fully or not.

To make a start then even this would be more than enough imho. I'd be happy to see it as a user/dev/admin if I was about to make my 1st ever WordPress installation:

WordPress is released under GPLv2 (or later) license from the Free Software Foundation. 

Quick License Summary: You may copy, distribute and modify the software as long as you track changes/dates in source files. Any modifications to or software including (via compiler) GPL-licensed code must also be made available under the GPL along with build & install instructions.

A full copy of the license is included with every copy of WordPress, but you can also review it here.

To be able to provide consistent security & feature updates WordPress might occasionally send some data to WordPress.org such as data,data,data,data.

This ticket was mentioned in Slack in #core by desrosj. View the logs.


2 months ago

#8 @desrosj
2 months ago

  • Keywords needs-patch added

This ticket was mentioned in Slack in #gdpr-compliance by xkon. View the logs.


2 months ago

#10 @desrosj
6 weeks ago

  • Component changed from General to Privacy

Moving to the new Privacy component.

This ticket was mentioned in Slack in #gdpr-compliance by desrosj. View the logs.


4 weeks ago

Note: See TracTickets for help on using tickets.