WordPress.org

Make WordPress Core

Opened 2 weeks ago

Closed 2 weeks ago

Last modified 7 days ago

#43980 closed defect (bug) (fixed)

Consider outputting the suggested privacy policy content to a new page insted of a postbox

Reported by: azaozz Owned by: azaozz
Milestone: 4.9.6 Priority: normal
Severity: normal Version: trunk
Component: Privacy Keywords: gdpr 2nd-opinion
Focuses: Cc:

Description

This is a follow up from #43473.

It became apparent that the suggested privacy policy content is quite long after we added the tutorial to the default WordPress text. It is too long to display inside of a postbox and be readable and easy to use.

We should explore the alternative to having a postbox. Can output all suggested content to another page in wp-admin and add a link to it when editing the policy page. That way the suggested text will be much more accessible and easier to see and read, no matter how long it becomes after content from plugins and themes is added.

Attachments (5)

suggested-content-screen.png (79.4 KB) - added by azaozz 2 weeks ago.
Privacy Policy: External: Guide.png (2.5 MB) - added by melchoyce 2 weeks ago.
For reference, here's the mockup.
Privacy Policy: External.png (370.3 KB) - added by melchoyce 2 weeks ago.
And how it would look on your Privacy Policy page.
Privacy Policy: External: Guide: TOC.png (35.4 KB) - added by melchoyce 2 weeks ago.
Copy is 11px, #6C7781.
privacy-guide.png (94.2 KB) - added by azaozz 2 weeks ago.

Change History (27)

#1 @xkon
2 weeks ago

If you gather everything in 1 page and have 15+ plugins with incoming policies that page will be one serious mountain to scroll and really hard to easily find what you want imho.

As a reminder: This is the reason why I had tabs on my first UI iterations ( 1 of the examples: lower part of https://core.trac.wordpress.org/attachment/ticket/43481/43481.6.jpg ).

There are plenty of iterations in #43481 if you want a refresh or find ideas that got turned down and I'm still not sure 'why' even though I was already solving these kinds of issues with imho the best flow even if everything was in 1 page.

@melchoyce
2 weeks ago

For reference, here's the mockup.

@melchoyce
2 weeks ago

And how it would look on your Privacy Policy page.

#2 @allendav
2 weeks ago

How do I get the text from the snippets page to the page editor?

This ticket was mentioned in Slack in #core by desrosj. View the logs.


2 weeks ago

This ticket was mentioned in Slack in #gdpr-compliance by desrosj. View the logs.


2 weeks ago

#5 @allendav
2 weeks ago

From https://wordpress.slack.com/archives/C9695RJBW/p1525710452000791

An idea: perhaps we could have the wall as shown above but also have a SELECT at the top with an option for each plugin - that way the page could be filtered (e.g. have the SELECT drive a query param) to focus on a particular plugin at a time - and thus make working with this page a little easier.

(Note: An accordion was also discussed briefly, but accordions (like tabs) are not great for accessibility.)

This also opens up the possibility of "deeplinking" from the page editor prompt just to the individual plugins (or core) that have updated content.

#6 @azaozz
2 weeks ago

@melchoyce the mockups look great! Starting on them. One problem we may have is copying only the suggested text without the tutorial bits. The browsers have bigger limitations when copying text programmatically (for security purposes). It may not be trivial to bypass some of the text.

@allendav by SELECT you mean a (standard) drop-down or the TOC (table of content) at the top-right? A drop-down is usually pretty bad idea for navigation, same as accordions. It's not only bad for accessibility but hides most of the content and disorients the user.

If you mean to extend the TOC by listing the plugin names, sure, thinking that is a great idea. Going to make it that way, also perhaps add highlighting to new and deleted items with in the TOC.

Yeah, I wasn't expecting this text to be so long either. We were talking about "translating" this into more understandable and most importantly readable piece of content. Unfortunately it seems we can't do that. The needed privacy policy and the suggested privacy policy content turned out to be very long.

I'm frankly not sure how many people will ever read these policies. Probably yet another completely futile content that websites are required to have, just like all the cookies warnings popups you can see everywhere :(

#7 @melchoyce
2 weeks ago

One problem we may have is copying only the suggested text without the tutorial bits. The browsers have bigger limitations when copying text programmatically (for security purposes). It may not be trivial to bypass some of the text.

Okay — maybe we should drop the copy button and expect folks just to review and manually copy over the suggested text if they need it.

If you mean to extend the TOC by listing the plugin names, sure, thinking that is a great idea. Going to make it that way, also perhaps add highlighting to new and deleted items with in the TOC.

Yeah, this is a good idea. Let me quickly mock something up for this.

I'm frankly not sure how many people will ever read these policies. Probably yet another completely futile content that websites are required to have, just like all the cookies warnings popups you can see everywhere :(

☝️☝️☝️

@melchoyce
2 weeks ago

Copy is 11px, #6C7781.

#8 @allendav
2 weeks ago

I love the TOC idea! Go to know SELECTs are poor for accessibility.

#9 @azaozz
2 weeks ago

#43981 was marked as a duplicate.

#10 @azaozz
2 weeks ago

In 43184:

Privacy: outputting the privacy policy guide and suggested content to a new page instead of a postbox.

Props melchoyce, azaozz.
See #43980.

#11 @azaozz
2 weeks ago

Okay — maybe we should drop the copy button...

Was able to get it to work. Used the fact that "hidden" content cannot be copied (programmatically) from a webpage :)

Added the plugins and theme names to the TOC. "Introduction" and "WordPress" will always be at the top. It's actually pretty hard to split on core, plugins, theme as we only get name and text, not type. Can probably patch it if absolutely necessary but need to change what data we get from plugins and themes. Can also show "Plugins and theme" as one item, but not really sure it makes a difference whether the suggested content comes from a plugin or the theme, as long as we show the name.

TBD: do we keep the left green/red borders and backgrounds for text that has been updated or removed?

#12 @xkon
2 weeks ago

Since we're adding all these into a new page that is basically 'hidden' as it uses the Settings-> Privacy page at least for now.

Can we add a link to the actual Settings -> Privacy page somewhere as well for ease of access (if not creating an extra menu item for straight access)?

If I want to quickly check something on the whole suggested text it's easier to go Privacy -> Check out the guide than Pages -> Edit Page -> Check out the guide -> popup new tab.

@azaozz
2 weeks ago

#13 @azaozz
2 weeks ago

Another TBD: I'm assuming we want the TOC position: fixed when the screen is wide enough.

Can we add a link to the actual Settings -> Privacy page somewhere...

Yeah, perhaps we should have an easier way to access the Privacy Policy Guide screen, but then it's going to be used almost always when editing the policy... :)

This actually doesn't belong in the Settings menu item. Will have to try some tricks so that menu doesn't expand when accessing the guide, perhaps move under Tools somewhere...

This ticket was mentioned in Slack in #gdpr-compliance by azaozz. View the logs.


2 weeks ago

#15 @melchoyce
2 weeks ago

@azaozz:

Was able to get [copy] to work. Used the fact that "hidden" content cannot be copied (programmatically) from a webpage :)

👍

Another TBD: I'm assuming we want the TOC position: fixed when the screen is wide enough.

Yeah. Let's unfix it at 1024px to avoid mobile compatibility issues with position: fixed.

TBD: do we keep the left green/red borders and backgrounds for text that has been updated or removed?

Let's nix them from this version. Only thing I think could be worth keeping is if a third party deletes their privacy policy entirely — then maybe underneath their section, we have a warning notice that says:

This [plugin/theme] deleted their privacy policy on [date]. Please get in touch with them directly if you have any concerns.

Or something ¯\_(ツ)_/¯

@xkon:

Can we add a link to the actual Settings -> Privacy page somewhere as well for ease of access (if not creating an extra menu item for straight access)?

Yeah, can we add another line of text here once you've selected a page for your guide? Maybe:

[Edit] or [view] your privacy policy page content.

Need help putting together your new Privacy Policy page? [Check out our guide] for recommendations on what content to include, along with policies suggested by your plugins and theme.

#16 @azaozz
2 weeks ago

In 43203:

Privacy: fixes for the privacy policy guide and suggested content:

  • Separate the guide text form the suggested policy text.
  • Add table of content for easier navigation.
  • Move the content to tools.php (prevents the settings menu of being open).
  • Add a link to the guide from the Privacy settings screen.

Props melchoyce, azaozz.
See #43980.

#17 @azaozz
2 weeks ago

  • Owner set to azaozz
  • Resolution set to fixed
  • Status changed from new to closed

In 43204:

Privacy: show the privacy policy guide and suggested content on a new page instead of a postbox. Then:

  • Separate the guide text form the suggested policy text.
  • Add table of content for easier navigation.
  • Move the content to tools.php (prevents the settings menu of being open).
  • Add a link to the guide from the Privacy settings screen.

Props melchoyce, azaozz.
Merges [43184] and [43203] to the 4.9 branch.
Fixes #43980.

#18 @SergeyBiryukov
2 weeks ago

In 43206:

Privacy: Make the help hint for Privacy Policy page more translatable and accessible.

Props tobifjellner.
See #43980.

#19 @SergeyBiryukov
2 weeks ago

In 43207:

Privacy: Make the help hint for Privacy Policy page more translatable and accessible.

Props tobifjellner.
Merges [43206] to the 4.9 branch.
See #43980.

#20 @Presskopp
13 days ago

@SergeyBiryukov Don't we want to add rel="noopener noreferrer" here? see #37941

This ticket was mentioned in Slack in #core by desrosj. View the logs.


13 days ago

#22 @desrosj
7 days ago

  • Component changed from General to Privacy

Moving to the new Privacy component.

Note: See TracTickets for help on using tickets.