Make WordPress Core

Opened 12 months ago

Last modified 4 weeks ago

#46884 new enhancement

Add option to allow individual child-site Privacy Policy pages on multisite

Reported by: gserafini Owned by:
Milestone: 5.5 Priority: normal
Severity: normal Version:
Component: Privacy Keywords:
Focuses: administration, multisite, privacy Cc:


This is a follow-up to #43935.

I run a couple of multisite installations (all currently running the latest WordPress 5.1.1), none of which fall in the category of "we need only a single privacy policy page to cover all child sites". I just ran into a situation where I (as superadmin) was helping edit content on a child site, and selected the Privacy Policy / Terms page for that site as the official Privacy Policy page (if I remember, it was in response to a notice suggesting I select a Privacy Page). I don't remember seeing any warning / notification that by doing so I would be disabling editing that page for the regular site admins of the child site. In order to restore editing of this page for site admins, my choice was to either give them manage_network capabilities (not ideal), or unselect the page as the official Privacy Policy for the site, which is what I ended up doing (and also lose the useful functionality that the built-in Privacy Policy stuff gives, suggested inclusions from plugins etc).

I see from the discussion in #43935 that it's suggested to use a plugin to allow admins to assign (and then edit) indvidual privacy policy pages. My suggestion is to change the behavior to allow setting individual child site Privacy Policies (thereby increasing usage & adoption of this feature), or alternately add some UI / messaging if the behavior is going to stay the same to reduce confusion.

Preferred suggestion for improved functionality and adoption of Privacy Policy functionality:

Add a new Network > Settings option that toggles between a single selectable network-wide Privacy Policy page (this would address the use case envisioned in #43935 where it is desirable to have a single Privacy Policy), or (new behavior) allow individual child sites to set their own Privacy Policies (in which case, let normal page editing capabilities apply and keep it a regular page that has extra options / suggestions).

Proposed new Network > Settings option:

Network Privacy Policy:
[ x ] Allow child sites to specify their own Privacy Policy page (default)
[ ] Use a single network-wide Privacy Policy page <select site, then select page> << reveal if radio button is selected

If the first option is selected, disable Privacy Policy functions on child sites (maybe include in menus as an option though ("Network Privacy Policy" as a type of URL to include in a menu might be helpful).

If the behavior is not going to change in the short term, let's please improve the messaging:

On multisite, clearly state that selecting a page as a Privacy Policy page will then cause it to only be editable by superadmins, and if editing the selected Privacy Policy page, display a similar notice so that people aren't confused why regular site admins or editors can't edit the page.

Change History (1)

#1 @garrett-eclipse
4 weeks ago

  • Milestone changed from Awaiting Review to 5.5
Note: See TracTickets for help on using tickets.