WordPress.org
Get WordPress

Make WordPress Core

Changes between Version 7 and Version 18 of Ticket #51188


Ignore:
Timestamp:
09/06/2020 03:56:58 PM (5 years ago)
Author:
carike
Comment:

Changed from a milestone for the Consent API to a milestone for Website User Level Consent Management as per the request from @paapst in https://core.trac.wordpress.org/ticket/51188#comment:16

Legend:

Unmodified
Added
Removed
Modified

  • Ticket #51188

    • Property Focuses privacy removed
    • Property Summary changed from Create a structure for consent-related user meta value to Website user level consent management framework (logged in users)
    • Property Version changed from trunk to
    • Property Keywords needs-privacy-review removed
    • Property Type changed from enhancement to feature request

  • Ticket #51188 – Description

    v7 v18  
    22
    33The Consent API is an initiative that is currently underway in the Privacy team.
    4 The code is available in the repository here: https://wordpress.org/plugins/wp-consent-api/
     4The code is available in the plugin repository here: https://wordpress.org/plugins/wp-consent-api/
     5The Feature Plugin proposal is here: https://make.wordpress.org/core/2020/04/01/feature-plugin-proposal-wp-consent-api/
     6While there has been a strong consensus for a long time that a consent management framework is necessary in Core, the Team is still building consensus on what the implementation should look like.
     7One of the disagreements with the proposed feature plugin implementation, is that consent choices made by website users are not going to be reliably available if they are saved in a cookie, because the cookie may expire, or more likely, be cleared.
     8While this is an inherent limitation for users who are not logged in, it is not necessary to subject registered users who are logged in to notice fatigue.
    59More information here: https://make.wordpress.org/core/2020/08/22/request-for-input-consent-preferences-for-logged-in-users-consent-api/
     10In short, it is possible to save the registered users' consent choices in the database.
    611
    712**The Challenge:**
     
    1217
    1318**The Scope:**
    14 This ticket represents a milestone for the Consent API.
     19This ticket represents a milestone for Website User Level Consent Management.
    1520
    1621List of milestones:
    1722
    18 This ticket deals only with the user meta value that is needed to save privacy choices for registered users. Users who are not logged in, or who are not registered, need to be dealt with differently and will be addressed in other tickets.
     23This ticket seeks to answer the following design questions:
     24{{{#!php
     25<?php
     261. Which consent categories should be available by default?
     272. Should plugins be able to add additional consent categories?
     283. If yes to the above, should these be new top-level consent categories,
     29or sub consent categories, or a nested hierarchy of both?
     30}}}
     31
     32It does this by dealing only with the user meta value that is needed to save privacy choices for registered users. Users who are not logged in, or who are not registered, need to be dealt with differently and will be addressed in other tickets.
    1933This ticket only proposes a nested hierarchy and does not explore the necessary validation / sanitization to add consent types, or escaping the output.
     34
    2035[] will be created to create a hook to allow for the logging of consent by plugins.
    2136#51110 proposes a registered website user-level privacy UI.
     
    2338**The Solution:**
    2439
    25 In its current form the Consent API allow for five consent categories:
     40In its current form the Consent API plugin (proposed feature plugin) allows for these five consent categories:
    26411. Functional;
    27422. Preferences;
     
    3247Adding too many consent types would make it unwieldy and unnecessarily complicated for website visitors.
    3348However, there are certainly use cases in which site owners / admins may need more granular control.
     49One of the WordPress Core Coding Philosophies is extendibility.
     50We should not limit the usefulness of this long anticipated Core feature / benefit only a handful of plugins.
    3451
    3552It seems that the best way to do this would be to provide a function in Core that would allow plugins to register **sub**-consent types.
     
    3855
    3956It does not seem desirable to create a consent meta value for the user as soon as the user is created - instead, a consent user meta value should only be created once the registered user has explicitly indicated their choice.
    40 It should be possible to create a hook that would allow for the logging of changes in consent.
     57This would avoid the need for expensive database upgrades.
     58The Website User Level Consent Manager would fall back to site defaults if no meta value exists for the user.
     59
     60It should be possible to create a hook that would allow for the logging of changes in consent (i.e. when the consent user_meta value is updated).
    4161
    4262It does not seem desirable to save multiple user_meta values relating to consent per user, for performance reasons.
     
    127147The above should be appropriately serialized before being saved to the database.
    128148
     149Example 3:
     150
     151This shows a use-case where the website owner needs to cater for legislative consent requirements from various jurisdictions.
     152
     153In this example, the website owner would still like to be able to send first party marketing to website users who choose to opt-out of the sale of their data i.t.o. the CCPA.
     154
     155{{{#!php
     156<?php
     157$consents = array(
     158   'functional' => array(
     159      'comprehensive' => true,
     160      'remainder' => true
     161   ),
     162   'preferences' => array(
     163      'comprehensive' => true,
     164      'remainder' => true
     165   ),
     166   'anon_stats' => array(
     167      'comprehensive' => true,
     168      'remainder' => true
     169   ),
     170   'stats' => array(
     171      'comprehensive' => true,
     172      'remainder' => true
     173   ),
     174   'marketing' => array(
     175      'comprehensive' => false,
     176      'sell_data' => false,
     177      'remainder' => true
     178   )
     179);
     180}}}
     181
    129182**Acknowledgements:**
    130183
    131184Thanks to Rogier for defining the initial 5 categories with input from the privacy team.
     185Thanks to Paapst for the heads-up that consent needs to be re-confirmed if new cookies are added.
    132186Thanks to Retrofitter for inquiring about additional consent categories on P2.
    133187Thanks to Jono for input on a nested structure for consent.