WordPress.org

Make WordPress Core

Opened 2 years ago

Last modified 12 days ago

#43938 assigned enhancement

Make it clear to administrators that not all plugins support privacy policy content, personal data export and erasure

Reported by: allendav
Owned by: xkon
Milestone: Future Release
Priority: normal
Severity: normal
Version: 4.9.6
Component: Privacy
Keywords: needs-patch needs-design privacy-roadmap
Focuses: administration
Cc:

Description

It is likely that there will be many plugins that will not implement the new privacy policy content hooks nor the personal data export and erasure hooks for some time (if ever).

It would be unfortunate for administrators to overlook privacy policy impacts from such plugins, or to assume that personal data export and erasure included personal data collected by such plugins.

As part of privacy policy content UX, as well as export and erasure UX, we should come up with a way to prompt administrators to take this into consideration.

Attachments (3)

erase.png (377.9 KB) - added by allendav 2 years ago.
Rough draft of erase notice
export.png (355.1 KB) - added by allendav 2 years ago.
Rough draft of export notice
privacy-policy-guide.png (523.6 KB) - added by allendav 2 years ago.
Rough draft of privacy policy guide notice


Change History (34)

This ticket was mentioned in Slack in #gdpr-compliance by allendav. View the logs.


2 years ago

#2 @idea15
2 years ago

I'd agree that we can strengthen the language we use to remind administrators that they are responsible for the accuracy of their privacy notices, but when you say "prompt" I think another dashboard admin notice. What did you have in mind?

#3 @desrosj
2 years ago

  • Component changed from General to Privacy

Moving to the new Privacy component.

#4 @allendav
2 years ago

@idea15 - I was thinking less a notice and more a not-missable always-present blob o' text on the export and erasure management pages making it clear which exporters and erasers are present and calling to the admin's attention that they are responsible for separately managing exports/erasure for anything not listed.

#5 @idea15
2 years ago

Sure. Let's work on the text.

@allendav
2 years ago

Rough draft of erase notice

@allendav
2 years ago

Rough draft of export notice

@allendav
2 years ago

Rough draft of privacy policy guide notice

#6 @allendav
2 years ago

@idea15 @melchoyce rough draft ideas above


#7 @idea15
2 years ago

I'd take out "please note" as it's a bit stiff from both.

When we say "this tool only erases the personal data stored by WordPress", remember that a lot of people have no understanding of what is and isn't out of the box WP.

Also, when we say "non participating plugins", that could be interpreted as privacy shaming.


#8 @xkon
2 years ago

The participating plugins is a bit confusing to me. Even if I was to translate it into my native language it would still not make much sense at all for a simple user: 'all installed plugins are participating somehow since they are in there', if that makes sense. Also the names of the exporters wouldn't mean anything to most people I guess as well.

@allendav would it be wiser to just show the names of the plugins that are using the erasure/export instead and leave it at that maybe?

This way we could say something like: "This tool only exports the personal data stored by WordPress and the plugins listed below. It is your responsibility to export any personal data from plugins that you might have installed and are not seen in this list." - [List of plugin names].

#9 @allendav
2 years ago

@xkon - I would love to just list the plugins that require manual export/erasure, but we don't have a way of getting the list of "participating" plugins... although plugins can register exporters and erasers, we can't work from that list back to the "participating" plugins - because we don't enforce/require plugin slugs during the current registration process.

Maybe we should fix that oversight.

This ticket was mentioned in Slack in #gdpr-compliance by allendav. View the logs.


2 years ago

This ticket was mentioned in Slack in #gdpr-compliance by desrosj. View the logs.


2 years ago

#13 @desrosj
2 years ago

Related: #43750.

#14 @allendav
2 years ago

  • Keywords ui-feedback ux-feedback added

#15 @allendav
2 years ago

Hopefully we can use the plugin header work ( #43750 ) to make it so we can just present the plugins NOT participating - that will make it easier for the end-user to know what they need to do.

#16 @desrosj
2 years ago

  • Keywords privacy-roadmap added

#17 @desrosj
2 years ago

  • Keywords gdpr removed

Removing the GDPR keyword. This has been replaced by the new Privacy component and privacy focuses in Trac.

This ticket was mentioned in Slack in #core-privacy by desrosj. View the logs.


2 years ago

This ticket was mentioned in Slack in #core-privacy by desrosj. View the logs.


23 months ago

#20 @pento
18 months ago

  • Version trunk deleted

#21 @garrett-eclipse
18 months ago

  • Focuses administration added
  • Keywords changed from needs-patch, needs-design, ui-feedback, ux-feedback, privacy-roadmap to needs-patch needs-design ui-feedback ux-feedback privacy-roadmap
  • Version set to 4.9.6

#22 @karmatosed
14 months ago

  • Keywords ui-feedback ux-feedback removed

I think this still needs a design (if that's wrong please let me know), as a result removing the keyword for feedback until we have one.

#23 @garrett-eclipse
13 months ago

A quick thought at a glance... The notice feels almost overwhelming especially if lists of plugins also get introduced. I feel it would serve better as a 1-2 line paragraph with a link to trigger the help menu where more information is stored. In the additional help information, it can then become verbose and extendable without taking over the page.

A shorter notice getting across the point of the limitations of the tools is more likely to be read.

This ticket was mentioned in Slack in #core-privacy by garrett-eclipse. View the logs.


7 months ago

This ticket was mentioned in Slack in #core-privacy by carike. View the logs.


5 months ago

#26 @xkon
5 months ago

  • Owner set to xkon
  • Status changed from new to assigned

#27 @xkon
5 months ago

For related headers discussion that might make this easier see #49272

This ticket was mentioned in Slack in #core-privacy by garrett-eclipse. View the logs.


4 months ago

#29 @garrett-eclipse
4 months ago

  • Milestone changed from Awaiting Review to 5.5

This ticket was mentioned in Slack in #core by david.baumwald. View the logs.


12 days ago

#31 @whyisjake
12 days ago

  • Milestone changed from 5.5 to Future Release