+44 0330 223 3428
Call Us
+44 0330 223 3428

WPTavern: WordPress 4.9.6 Beta 1 Adds Tools for GDPR Compliance

WPTavern: WordPress 4.9.6 Beta 1 Adds Tools for GDPR Compliance

WordPress 4.9.6 Beta 1 is available for testing. It’s the first step in bringing GDPR (Global Data Protection Regulation) tools to WordPress. In addition to 10 bugs being fixed, this release heavily focuses on privacy enhancements.

One of the first changes is the addition of a Privacy tab on the successful update screen. The message informs users that their sites may send data to WordPress.org for plugin and theme updates with a link to the WordPress.org privacy policy.


WordPress 4.9.6 Privacy Information

Privacy Policy Page Creation and Template

WordPress 4.9.6 includes the ability to create a Privacy Policy page from the backend. Simply browse to Settings > Privacy and select an existing page or create a new one where the policy will be displayed.


Privacy Policy Page Settings

Privacy policy pages will likely become as ubiquitous as About Us pages thanks to the GDPR, but the information that’s displayed is unique to individual sites. WordPress helps out by providing a template with suggestions on what information to display.


Privacy Policy Template

Personal Data Export and Removal Tools

To comply with the GDPR, sites need to provide a way for users to obtain their personal data and request that it be removed. WordPress 4.9.6 does not give users a button to make these requests. Instead, a site’s privacy policy needs to  include information on where to send such requests.

Once a request for a data export or removal is received, site administrators or the Data Protection Officer can browse to Tools > Export Personal Data or Tools > Remove Personal Data and send that user a verification request.


Export Personal Data Verification UI


Data Removal Request Verification UI

When an admin enters a username or email address into the send request field, they’ll receive an email with a confirmation link. Once clicked, the site will display an Action Confirmed notice and that the site administrator has been notified and will fulfill the request as soon as possible.

Here’s what a confirmed notice looks like in the backend.


Confirmed Data Export Request

One thing I noticed is that after a user confirms the request, the site administrator has no way of knowing that they confirmed unless they visit the Data Export or Removal page.

Perhaps a new notification bubble can be created, similar to pending comments and updates that takes admins to the appropriate place for confirmed requests.

When WordPress finishes creating the zip file, a link is sent to the user. For security purposes, the file will automatically be deleted after 72 hours.


My Personal Data Export

To test this feature, I exported my personal data from WP Tavern. My data export arrived in a zip file as one Index.html file. This file contains my comments, user meta data, links to attachments, and more. The data provides me with an opportunity to see what data the site has and what would be deleted if I requested full data removal.

Commenter Cookie Notification and Opt-in

Cookies save data so that visitors don’t have to fill in the Author, URL, and Email fields each time they want to leave a comment. In 4.9.6, visitors will be informed of this data storage and will need to check mark a box to opt-in.


Checkbox For Consenting to Data Storage

WordPress 4.9.6 isn’t your typical minor release. It introduces new UI, options, and a bunch of privacy related enhancements. The development team is aiming to officially release 4.9.6 before GDPR goes into effect later this month, but these features need battle tested now, especially on multi-site configurations.

I encourage you to check out 4.9.6 on a staging site and go through the process of requesting, confirming, and obtaining user data. Now is a good time to experience what users will be going through.

You can download WordPress 4.9.6 beta 1 here or obtain it by using the WordPress Beta Tester plugin. If you encounter any issues, please report them on the Alpha/Beta section of the support forums.



Source: WordPress

Related Post
WPTavern: AMP Plugin for WordPress Version 1.0 Introduces Gutenberg-Integrated AMP Validation

WPTavern: AMP Plugin for WordPress Version 1.0 Introduces Gutenberg-Integrated AMP Validation Version 1.0 of the official AMP plugin for WordPress was released on the eve of WordCamp US, after two years in development by contributors from Automattic, XWP, and Google. This first stable version has a massive changelog with 30 people credited for their contributions. […]

Read more
WPTavern: WordPress 5.0 “Bebo” Released, Lays A Foundation for the Platform’s Future

WPTavern: WordPress 5.0 “Bebo” Released, Lays A Foundation for the Platform’s Future In 2016 at WordCamp US in Philadelphia, PA, Matt Mullenweg announced to the world that a new post and page editor would be coming to WordPress. “The editor does not represent the core of WordPress publishing,” Mullenweg said. His vision of the editor […]

Read more
Dev Blog: WordPress 5.0 “Bebo”

Dev Blog: WordPress 5.0 “Bebo” Say Hello to the New Editor We’ve made some big upgrades to the editor. Our new block-based editor is the first step toward an exciting new future with a streamlined editing experience across your site. You’ll have more flexibility with how content is displayed, whether you are building your first […]

Read more