WordPress.org

Make WordPress Core

Opened 16 months ago

Last modified 14 months ago

#43923 new enhancement

Add a step to the Data Removal/Erasure UX for deleting a user account

Reported by: coreymckrill Owned by:
Milestone: Future Release Priority: normal
Severity: normal Version:
Component: Privacy Keywords: has-patch, needs-testing
Focuses: Cc:

Description

In the ERASURE.md file over on #43602, it is mentioned that processing an erasure request does not actually remove the user's account, as that should be a separate step. However, this isn't mentioned anywhere in the UX, and may not match the expectations of some admins who are trying to fulfill a request to completely remove a user.

Perhaps the request could include a row action that initiates the process of deleting a user account? Or at least a blurb at the top explaining that account deletion is a separate step over on the Users table.

Attachments (2)

43923.diff (2.4 KB) - added by allendav 16 months ago.
Add username and Delete User action to personal data erase request rows
delete-user.png (252.2 KB) - added by allendav 16 months ago.

Download all attachments as: .zip

Change History (20)

This ticket was mentioned in Slack in #gdpr-compliance by allendav. View the logs.


16 months ago

#2 @desrosj
16 months ago

  • Milestone changed from Awaiting Review to 4.9.7

@allendav
16 months ago

Add username and Delete User action to personal data erase request rows

#3 @allendav
16 months ago

  • Keywords has-patch needs-testing added; needs-patch removed

This ticket was mentioned in Slack in #gdpr-compliance by allendav. View the logs.


16 months ago

#5 follow-up: @coreymckrill
16 months ago

Does deleting a user also erase/anonymize their comments and other potentially personal data? If not, I wonder if this row action should only be available after the erasure request has been completed...

#6 in reply to: ↑ 5 @allendav
16 months ago

Replying to coreymckrill:

Does deleting a user also erase/anonymize their comments and other potentially personal data? If not, I wonder if this row action should only be available after the erasure request has been completed...

Mostly no. Deleting a user does dump their user meta as their user is deleted. It also removes their authorship from posts. Nothing else is cleaned up. In general, you could actually run these actions (erase personal data, delete user) in either order safely.

#7 @iandunn
16 months ago

I think it'd be good to add a current_user_can( 'delete_user', $user->id ) check before displaying the link, to avoid showing the admin a link for something they won't be able to do, if a plugin has removed that cap from them.

This ticket was mentioned in Slack in #gdpr-compliance by xkon. View the logs.


16 months ago

#9 @TZ Media
16 months ago

Great work. This functionality could utilize a feature similar to what is proposed in #43880 to ensure an anonymous user is present and auto-reassign the posts to that user.

Also, it might be useful to add a filter for the $row_actions to allow plugins to add their stuff, if possible.

#10 @iandunn
16 months ago

#44009 was marked as a duplicate.

This ticket was mentioned in Slack in #gdpr-compliance by allendav. View the logs.


15 months ago

#12 @desrosj
15 months ago

  • Milestone changed from 4.9.7 to Future Release

Moving gdpr tickets that are not bugs to Future Release until the next steps can be properly evaluated.

#13 @desrosj
15 months ago

  • Component changed from General to Privacy

Moving to the new Privacy component.

This ticket was mentioned in Slack in #gdpr-compliance by allendav. View the logs.


15 months ago

This ticket was mentioned in Slack in #core-multisite by iandunn. View the logs.


15 months ago

This ticket was mentioned in Slack in #core by allendav. View the logs.


15 months ago

This ticket was mentioned in Slack in #core-privacy by allendav. View the logs.


15 months ago

#18 @desrosj
14 months ago

  • Keywords gdpr removed

Removing the GDPR keyword. This has been replaced by the new Privacy component and privacy focuses in Trac.

Note: See TracTickets for help on using tickets.