Make WordPress Core

Opened 6 years ago

Closed 6 years ago

Last modified 4 years ago

#44373 closed enhancement (fixed)

Add a privacy setting to disable comment cookie consent

Reported by: mirkoschubert's profile mirkoschubert Owned by: azaozz's profile azaozz
Milestone: 4.9.8 Priority: normal
Severity: blocker Version: 4.9.6
Component: Privacy Keywords: has-patch
Focuses: ui, administration Cc:

Description

The administrator of the WordPress site should have a way to disable saving commenter cookies and the comment cookie consent checkbox for non-logged-in users completely.

Explanation: Storing Cookies to remember some fields of the comment form isn't particularly necessary. Since the GDPR has a concept of data reduction and data economy, many administrators may decide to pass on this feature in order to save less cookies.

Attachments (1)

44373.patch (5.3 KB) - added by azaozz 6 years ago.

Download all attachments as: .zip

Change History (36)

#1 @desrosj
6 years ago

  • Summary changed from GDPR: Add a privacy setting to disable comment cookie consent to Add a privacy setting to disable comment cookie consent

#2 @azaozz
6 years ago

Actually at the moment there doesn't seem to be a requirement to have cookies consent for non-tracking cookies. In that terms I agree that showing the "comment cookies opt-in checkbox" in the comments form should be optional.

This is also somewhat related to #43857. Commenter cookies are sometimes used to give feedback to the commenter, usually showing the comment only to the commenter when it is still awaiting moderation. After #43857 gets is, they will not be needed for that any more.

Last edited 6 years ago by azaozz (previous) (diff)

@azaozz
6 years ago

#3 @azaozz
6 years ago

  • Milestone changed from Awaiting Review to 4.9.7

In 44373.patch: add a checkbox to the Settings -> Discussion screen for disabling/enabling of showing the commenter cookies opt-in checkbox in the comment form.

This ticket was mentioned in Slack in #core-privacy by desrosj. View the logs.


6 years ago

#5 @desrosj
6 years ago

  • Keywords has-patch added

#6 @ocean90
6 years ago

  • Milestone changed from 4.9.7 to 4.9.8

4.9.7 has been released, moving to next milestone.

This ticket was mentioned in Slack in #core by jon_bossenger. View the logs.


6 years ago

#8 @pbiron
6 years ago

  • Keywords needs-testing reporter-feedback added

This ticket was mentioned in Slack in #core by joshuawold. View the logs.


6 years ago

#10 @azaozz
6 years ago

  • Owner set to azaozz
  • Resolution set to fixed
  • Status changed from new to closed

In 43469:

Privacy: Add a setting to disable comment cookie consent.

Fixes #44373.

#11 @azaozz
6 years ago

  • Keywords fixed-major added; needs-testing reporter-feedback removed
  • Resolution fixed deleted
  • Status changed from closed to reopened

Reopen for 4.9.8.

#12 @azaozz
6 years ago

  • Resolution set to fixed
  • Status changed from reopened to closed

In 43470:

Privacy: Add a setting to disable comment cookie consent.

Merges [43469] to the 4.9 branch.
Fixes #44373.

#13 follow-up: @ocean90
6 years ago

Unless I'm missing something, that commit message should have been "Add a setting to enable comment cookie consent." as it's now off by default, even for existing installs which will update to the next version.

When people updated to 4.9.6 they suddenly had the checkbox. Some of them were probably happy about it, now, after updating to 4.9.8, the checkbox will disappear without further notice. Is that really the expected behaviour?
If something is off by default, don't we have to question ourselves why it's still part of core?

#14 @SergeyBiryukov
6 years ago

  • Keywords 2nd-opinion added
  • Resolution fixed deleted
  • Status changed from closed to reopened

Reopening to address comment:13.

Seems like the show_comments_cookies_opt_in option introduced in [43469] should be enabled by default.

#15 @SergeyBiryukov
6 years ago

This also affects the unit test in #44126.

#16 follow-up: @johnbillion
6 years ago

  • Keywords needs-patch added; has-patch fixed-major 2nd-opinion removed

This commit didn't address the original report in this ticket either.

The administrator of the WordPress site should have a way to disable saving commenter cookies and the comment cookie consent checkbox for non-logged-in users completely.

This ticket was mentioned in Slack in #core by jon_bossenger. View the logs.


6 years ago

#18 @SergeyBiryukov
6 years ago

comment:2 makes sense, however introducing a new option that's disabled by default is less than ideal and seems to go against the WordPress philosophies.

At the latest bug scrub the consensus was to revert [43469] and try again in a future release. Once #43857 gets in, maybe the option won't be needed any more.

#19 @SergeyBiryukov
6 years ago

In 43525:

Privacy: Remove the setting to enable comment cookies consent added in [43469].

This needs some more work to ensure expected behaviour.

See #44373.

#20 @SergeyBiryukov
6 years ago

In 43526:

Privacy: Remove the setting to enable comment cookies consent added in [43469].

This needs some more work to ensure expected behaviour.

Merges [43525] to the 4.9 branch.
See #44373.

#21 @SergeyBiryukov
6 years ago

  • Milestone changed from 4.9.8 to 4.9.9

#22 follow-ups: @azaozz
6 years ago

  • Keywords has-patch added; needs-patch removed
  • Milestone changed from 4.9.9 to 4.9.8
  • Severity changed from normal to blocker

Who decided to revert this fix? Could you please post the reasoning here?

In 4.9.6 comment consent checkbox was "forced" on by default without being needed (lawfully). If the option to disable it is removed, I think we should remove the actual "comment consent" checkbox too.

I'd consider this fix a blocker for 4.9.8.

Last edited 6 years ago by azaozz (previous) (diff)

#23 in reply to: ↑ 13 @azaozz
6 years ago

Replying to ocean90:

When people updated to 4.9.6 they suddenly had the checkbox. Some of them were probably happy about it...
If something is off by default, don't we have to question ourselves why it's still part of core?

Yeah, the "commenter cookies checkbox" was forced on all users without them being able to do anything about it. That was "overdoing it" (as we see now), there is no legal requirement for such consent. In that terms forcing the "commenter cookies checkbox" on by default should be treated as a bug. This ticket/patch simply fixed that bug.

#24 in reply to: ↑ 16 @azaozz
6 years ago

Replying to johnbillion:

This commit didn't address the original report in this ticket either.

Right. Disabling commenter cookies also disables some functionality (see a comment held for moderation). There is #43857 to implement that functionality independently of commenter cookies. I'd consider the second part of this ticket possible once #43857 is fixed/implemented.

#25 in reply to: ↑ 22 ; follow-up: @pbiron
6 years ago

Replying to azaozz:

Who decided to revert this fix? Could you please post the reasoning here?

In 4.9.6 comment consent checkbox was "forced" on by default without being needed (lawfully). If the option to disable it is removed, I think we should remove the actual "comment consent" checkbox too.

I'd consider this fix a blocker for 4.9.8.

This ticket was discussed during yesterday's bug scrub, starting here.

The reason for punting was because of comment 13 and comment 16. Those present during the bug scrub didn't feel well versed in the subject matter to make the call that we should ignore those comments.

#26 in reply to: ↑ 22 ; follow-up: @SergeyBiryukov
6 years ago

Replying to azaozz:

Who decided to revert this fix? Could you please post the reasoning here?

My reasoning for supporting the release leads' decision is stated above: introducing a new option that's disabled by default is less than ideal and seems to go against the WordPress philosophies.

In 4.9.6 comment consent checkbox was "forced" on by default without being needed (lawfully). If the option to disable it is removed, I think we should remove the actual "comment consent" checkbox too.

I agree, If the comment consent checkbox is not legally required, I think it's better to remove it altogether instead of introducing an option. Someone could write a plugin to re-add it.

#27 in reply to: ↑ 25 @azaozz
6 years ago

Replying to pbiron:

This ticket was discussed during yesterday's bug scrub, starting here.

Yeah, sorry I wasn't present. I'm having some health issues and am currently off (or trying to be..).

The reason for punting was because of comment 13 and comment 16.

Hmm, the reasons to remove this bugfix right before RC are:

  • "May have had a better commit message.."
  • A question what is the expected behaviour.
  • A question "If something is off by default, don't we have to question ourselves why it's still part of core?" (There are quite a few options/checkboxes that are off by default so this is rather a rhetorical question).

None of these look like a good, valid reason to revert something... :)

I also don't consider comment 16 to be a reason for reverting a bugfix (it's a technicality). If you really really want, we can open another ticket and repurpose this one, although this will be more confusing.

#28 in reply to: ↑ 26 ; follow-up: @azaozz
6 years ago

Replying to SergeyBiryukov:

If the comment consent checkbox is not legally required, I think it's better to remove it altogether...

That's a viable option too, although I think it is too late to make this choice / this change right before RC.

This option/checkbox is pretty much the same as the other comment options / checkboxes. WordPress has a feature to show a commenter cookies consent checkbox in the comments form, pretty much like it has a feature to make commenter name and email mandatory. I really don't see why this is becoming a problem now and not a month ago when it was committed :)

#29 @mirkoschubert
6 years ago

I think, I need to clarify something...

My intent to open this ticked was not only to have the ability to remove the checkbox. Users should also have the ability not to save a cookie with the commenter's credentials at all.

You're right, there is no legal requirement to opt-in this kind of cookie, but commenters should be informed that a cookie will be saved.

Last edited 6 years ago by mirkoschubert (previous) (diff)

#30 in reply to: ↑ 28 @SergeyBiryukov
6 years ago

Replying to azaozz:

That's a viable option too, although I think it is too late to make this choice / this change right before RC.

This option/checkbox is pretty much the same as the other comment options / checkboxes. WordPress has a feature to show a commenter cookies consent checkbox in the comments form, pretty much like it has a feature to make commenter name and email mandatory. I really don't see why this is becoming a problem now and not a month ago when it was committed :)

Fair enough, I guess it's too late to make last-minute changes here. We can revert the revert :) and create a new ticket for removing the checkbox and the option in a future release.

Introducing an option that's going to be removed doesn't seem ideal, but probably won't make a huge difference if the checkbox is also going to be removed.

Replying to mirkoschubert:

My intent to open this ticked was not only to have the ability to remove the checkbox. Users should also have the ability not to save a cookie with the commenter's credentials at all.

Per comment:2, the cookie can be removed once #43857 gets in.

#31 @SergeyBiryukov
6 years ago

  • Resolution set to fixed
  • Status changed from reopened to closed

In 43531:

Privacy: Revert [43525].

The commenter cookies checkbox is not legally required, so should be disabled by default.

Fixes #44373.

#32 @SergeyBiryukov
6 years ago

In 43532:

Privacy: Revert [43525].

The commenter cookies checkbox is not legally required, so should be disabled by default.

Merges [43531] to the 4.9 branch.
Fixes #44373.

#33 @pputzer
6 years ago

Unfortunately, the patch introduced in this ticket does not work as expected. When the checkbox is disabled, no cookies are set. This is what @mirkoschubert wanted to achieve originally, but it is not expected behavior from the wording of the new setting in options-discussion.php (which is why I've opened #44736).

Version 0, edited 6 years ago by pputzer (next)

#34 @superpoincare
6 years ago

There are 3 things.

  1. no comment cookies whatsover, which doesn't require user consent
  2. comment cookies or no cookies based on user consent.
  3. comment cookies always with no need for the consent.

This ticket/fix however has mixed option 1 and 3.

Wordpress admins might want 3 and end up choosing 1.

#35 @garrett-eclipse
4 years ago

  • Focuses privacy removed

Dropping privacy focus as it's already in the Privacy component.

Note: See TracTickets for help on using tickets.