Make WordPress Core

Opened 21 months ago

Last modified 4 months ago

#44078 new enhancement

Add an email pseudonymization function that preserves first letter and TLD

Reported by: allendav Owned by:
Milestone: Future Release Priority: normal
Severity: normal Version:
Component: Privacy Keywords: needs-patch
Focuses: Cc:
PR Number:

Description (last modified by allendav)

In addition to the existing behavior of wp_privacy_anonymize_data( 'email', $email_address) which returns deleted@…, it would be useful, e.g. for debug logging to have another type that would return pseudonymized email addresses that retain a little bit of the original address, e.g.


could become something like


Where the number of * corresponds to the letters removed, and only the first letter of the email address and the TLD are retained.

See also https://iapp.org/news/a/top-10-operational-impacts-of-the-gdpr-part-8-pseudonymization/

Change History (6)

#1 @allendav
21 months ago

  • Description modified (diff)

#2 @lakenh
21 months ago

I'm not sure if I would consider this pseudonymous with my email, especially for users with custom email domains (like myself). For example, an email I use on several WordPress installs would spit out the following out of this function:

That's still rather unique, imo.

I think a better way would be to either standardize or randomize character lengths. We could still keep the TLD for debugging purposes though, if really necessary. So let's say the standard could be 8 chars for the address and 6 chars for the domain everytime, plus the TLD:

********@******.me is much more anonymous, without losing much debug value.

Perhaps we could look into rounding up to standard characters too, say maybe in tiers of 8 chars (that would preserve even more debug value)

#3 @desrosj
21 months ago

  • Component changed from General to Privacy

Moving to the new Privacy component.

#4 @desrosj
20 months ago

Related: #43175.

#5 @desrosj
19 months ago

  • Keywords gdpr removed

Removing the GDPR keyword. This has been replaced by the new Privacy component and privacy focuses in Trac.

#6 @garrett-eclipse
4 months ago

  • Milestone changed from Awaiting Review to Future Release
Note: See TracTickets for help on using tickets.