+44 0330 223 3428
Call Us
+44 0330 223 3428

Dev Blog: GDPR Compliance Tools in WordPress

Dev Blog: GDPR Compliance Tools in WordPress

GDPR compliance is an important consideration for all WordPress websites. The GDPR Compliance team is looking for help to test the privacy tools that are currently being developed in core.

What is GDPR?

GDPR stands for General Data Protection Regulation and is intended to strengthen and unify data protection for all individuals within the European Union. Its primary aim is to give control back to the EU residents over their personal data.

Why the urgency? Although the GDPR was introduced two years ago, it becomes  enforceable starting May 25, 2018.

Make WordPress GDPR Compliance Team

Currently, the GDPR Compliance Team understands that helping WordPress-based sites become compliant is a large and ongoing task. The team is focusing on creating a comprehensive core policy, plugin guidelines, privacy tools and documentation. All of this requires your help.

The GDPR Compliance Team is focusing on four main areas:

  • Add functionality to assist site owners in creating comprehensive privacy policies for their websites.
  • Create guidelines for plugins to become GDPR ready.
  • Add administration tools to facilitate compliance and encourage user privacy in general.
  • Add documentation to educate site owners on privacy, the main GDPR compliance requirements, and on how to use the new privacy tools.

Don’t we already have a privacy policy?

Yes and no. That said, The GDPR puts tighter guidelines and restrictions. Though we have many plugins that create privacy pages, we need means to generate a unified, comprehensive privacy policy. We will need tools for users to easily come into compliance.

Site owners will be able to create GDPR compliant privacy policy in three steps:

  1. Adding a dedicated page for the policy.
  2. Adding privacy information from plugins.
  3. Reviewing and publishing the policy.

A new “postbox” will be added to the Edit Page screen when editing the policy. All plugins that collect or store user data will be able to add privacy information there. In addition it will alert the site owners when any privacy information changes after a plugin is activated, deactivated, or updated.

There is a new functionality to confirm user requests by email address. It is intended for site owners to be able to verify requests from users for displaying, downloading, or anonymizing of personal data.

A new “Privacy” page is added under the “Tools” menu. It will display new, confirmed requests from users, as well as already fulfilled requests. It will also contain the tools for exporting and anonymizing of personal data and for requesting email confirmation to avoid abuse attempts.

New section on privacy will be added to the Plugin Handbook. It will contain some general information on user privacy, what a plugin should do to be compliant, and also tips and examples on how to use the new privacy related functionality in WordPress.

The new privacy tools are scheduled for release at the end of April or beginning of May 2018.

How can you get involved?

We would love to have your help. The first step is awareness and education. For more information about the upcoming privacy tools see the roadmap.

If you would like to get involved in building WordPress Core and testing the new privacy tools, please join the #gdpr-compliance channel in the Make WordPress Slack group.



Source: WordPress

Related Post
WPTavern: Matt Mullenweg Publishes TED Talk on the Future of Work, Prepares to Launch New Distributed.blog Website

WPTavern: Matt Mullenweg Publishes TED Talk on the Future of Work, Prepares to Launch New Distributed.blog Website Matt Mullenweg is teasing out a new website at distributed.blog with the tagline “The future of work is here.” It’s not clear yet whether subscribers to the mystery blog will be on board for blog posts, a new […]

Read more
WPTavern: WPBrigade Patches Critical Vulnerability in Simple Social Buttons Plugin

WPTavern: WPBrigade Patches Critical Vulnerability in Simple Social Buttons Plugin WPBrigade, the developers behind the Simple Social Buttons plugin, have patched a critical privilege escalation vulnerability. The security issue was discovered by the team at WebARX. Developer and researcher Luka Šikić summarized the vulnerability in a post published this week: Improper application design flow, chained […]

Read more
WPTavern: WPWeekly Episode 345 – The Relationship Between Corporate Cash and Open Source Software

WPTavern: WPWeekly Episode 345 – The Relationship Between Corporate Cash and Open Source Software In this episode, John James Jacoby and I discuss a thought-provoking post published by Morten Rand-Hendriksen that takes a deep look at equity in open source software. Morten suggests that the mantra of decisions are made by those who show up […]

Read more