#62377 closed enhancement (duplicate)
Remove telemetry from update.php
Reported by: | ianatkins | Owned by: | |
---|---|---|---|
Milestone: | Priority: | normal | |
Severity: | normal | Version: | 6.6.2 |
Component: | Upgrade/Install | Keywords: | |
Focuses: | privacy | Cc: |
Description
Why is the install URL, user counts and additional information being sent to WordPress.org:
https://core.trac.wordpress.org/browser/trunk/src/wp-includes/update.php#L199
I don't think it's obvious this behaviour happens and exposes what would have been considered private installs ( Intranets, non public sites, locally developed install's etc ).
I can't find any history as to why that is there, besides discussion of privacy concerns that were ignored on the ticket below regarding adding user counts:
https://core.trac.wordpress.org/ticket/12672
What purpose does it serve? If it serves a purpose where and how is the data logged, and what security measures are in place to keep the data secure?
Given GDPR, if this is to be retained, there should be an obvious consent checkbox when installing WordPress ( the site install URL could contain PIP and you have no way of knowing ).
It is also unclear who controls the data that is being sent. Presumably it is Matt in a personal capacity as the owner of wordpress.org and Matt is the DPO ( data protection officer )? If the wordpress.org server is located in the US, then for EU installs there is also a data transfer to consider.
I think this should be a process based on consent, if being retained, or the data anonymised if it's being used for internal metrics.
Would appreciate some clarity on the purpose and usage.
Change History (2)
#1
@
2 months ago
- Milestone Awaiting Review deleted
- Resolution set to duplicate
- Status changed from new to closed
#2
@
2 months ago
Interesting reading, especially the brevity of Matt's reply on a meeting note:
https://make.wordpress.org/core/2009/12/10/suggest-agenda-items-for-dec-17th-dev-ch/#comment-1042
Seems no one in that ticket is quite sure who actually controls the data. There is some suggestion it's Automattic Inc?
There is this, now archived GIST, listing what is logged - whether that remains current.
https://github.com/wordpress-privacy/info/blob/master/v1archive/Synched-info.md
Seem's whomever controls api.wordpress.org is non-compliant in terms of GDPR ( and probably other privacy frameworks ) and will remain at risk of enforcement.
Further clarity would be appreciated.
This is pretty closely related to #43492, which also has some context around how these values are used.