WordPress.org

Make WordPress Core

Opened 12 months ago

Closed 2 months ago

Last modified 2 weeks ago

#46424 closed enhancement (wontfix)

GDPR Enhancements

Reported by: welswebmaster Owned by:
Milestone: Priority: normal
Severity: normal Version: 5.1
Component: Privacy Keywords:
Focuses: privacy Cc:
PR Number:

Description

1- Personalize new email-based method used to confirm personal data requests. For starters, allow custom greeting (HOWDY) and signature (Regards, Site Title) to a more business custom text supplied by admin.

2- GDPR Article 20 https://gdpr-info.eu/art-20-gdpr/ states "right to data protability". New feature to provide method to export in JSON or CSV.

3- Add feature to list GDPR data source either title or URL to be included in data reporting output. Output doesn't say "where" in other plugins that data has been found.Examples: a- User's data request reports 3 entries from Gravity Forms but doesn't state which of the 100+ forms on our site. b- User's data request reports 2 subscriptions for Mailpoet but doesn't state campaign list.

4- Set dashboard widget reminder of open requests with status and days to fullfill each request. That way emailed requests tagged as spam won't be lost.

Thank you for the opportunity to submit enhancements!

Change History (6)

#1 @nobnob
9 months ago

I think this enhancement is necessary not only for the GDPR, but in the whole WordPress core, because if you want to have a formal and serious website, the "Howdy" treatment is not the most appropriate.

Sincerely I hope developers take this improvement into consideration and make it effective in future updates.

Regards.

This ticket was mentioned in Slack in #core-privacy by xkon. View the logs.


2 months ago

#3 @xkon
2 months ago

Hey @welswebmaster & @nobnob!

Let me try to answer to everything :).

No 1 (email personalization): There are already filters in place for changing the text of the emails. You can find out more at:

https://developer.wordpress.org/reference/hooks/user_request_action_email_content/
https://developer.wordpress.org/reference/hooks/user_confirmed_action_email_content/
https://developer.wordpress.org/reference/hooks/wp_privacy_personal_data_email_content/

Essentially altering the text can be easily done by plugins to avoid writing code (there might be some that are already doing it as well).

No 2 (JSON): This was split into #49029 to introduce a JSON as well as it had been discussed earlier as well.

No 3 (identifying where the data came from): Plugins already have the freedom to report their own data to Core so that's up to them to report on which form/campaign and other information is needed that the data have been gathered from. The tools are there but it's up to the plugin authors to utilize them as much as possible.

And finally No 4 (widget): It's not a bad idea at all in my opinion and we can discuss that on our weekly meetings to see what we can come up with!

This ticket was mentioned in Slack in #core-privacy by xkon. View the logs.


2 months ago

#5 @xkon
2 months ago

  • Milestone Awaiting Review deleted
  • Resolution set to wontfix
  • Status changed from new to closed

As a follow-up, I've also split the dashboard related information to #49035.

I'll close this for now as a "wontfix" since everything has been answered & split into other tickets as needed but feel free to reply if there's anything that I've missed!

#6 @SergeyBiryukov
2 weeks ago

In 47146:

Privacy: Introduce a JSON file into the personal data export.

The produced ZIP archive will now include an export.json file along with the current index.html.

Props xkon.
Fixes #49029. See #46424.

Note: See TracTickets for help on using tickets.