Make WordPress Core

Opened 17 months ago

Last modified 14 months ago

#44222 new enhancement

Add Archive state to data erasure requests

Reported by: garrett-eclipse Owned by:
Milestone: Awaiting Review Priority: normal
Severity: normal Version:
Component: Privacy Keywords: needs-patch
Focuses: administration Cc:
PR Number:



A suggestion for v2 of GDPR is to add an archive/trash state and list view to erasure requests.

Currently, the last state/phase in the erasure process is 'Completed' with the 'Next Steps' action being 'Remove request'.

This automatically prompts the admin to remove and clear the deck. In many if not most cases though the site holds backups which upon site failure will be used to restore the site/content and thus the users PII data. Under GDPR my understanding is the admin is required to re-remove the users data.

Backups are partially safe with GDPR because they are required for site security/integrity, but under retention can only be kept for a reasonable timeframe.

So I was thinking a way to safeguard admins would be to introduce a trash/archive which would have the action for Completed be 'Archive' instead of 'Remove'. This would place the request in the trash and remove from the 'All' view to reduce the clutter. On a new Trash view you're find these requests with the ability to delete permanently.

And I think I heard something about privacy settings at some point in slack which could allow a retention period setting for these archives be set and a cron to auto-remove. So admins would be able to have their database retention and erasure archive retention periods basically match. This would enable them to use the archive list, export it possible, and use it to re-remove users upon database restore.

Most of it is up to the admin to disclose their backup policy and how they'll re-remove users but would definitely help safeguard them from losing requests by running through the workflow too quickly.

Hope that mostly makes sense, mainly just wanted the idea out there.

All the best,
*Note: Most of this is to 'my understanding' so I defer to those more versed in the new regulations.

Change History (6)

This ticket was mentioned in Slack in #gdpr-compliance by desrosj. View the logs.

17 months ago

#2 @desrosj
17 months ago

Possibly related: #43912.

#3 @desrosj
16 months ago

  • Keywords needs-patch added
  • Summary changed from GDPR - Add Archive state to erasure requests to Add Archive state to data erasure requests
  • Version trunk deleted

This ticket was mentioned in Slack in #core-privacy by desrosj. View the logs.

14 months ago

#5 @desrosj
14 months ago

Related: #44707.

#6 @garrett-eclipse
14 months ago

As #44674 is being committed as just 'Delete' wanted to flag that if this moves forward then the verbiage mentioned in that ticket will need to be revisited if an Archive state is implemented.

Note: See TracTickets for help on using tickets.