[theme-reviewers] Hidden IP field in theme contact form

Sun May 12 01:46:04 UTC 2013

Let's just layout all the facts.

1. It's common practice for forms to collect IP addresses without
disclosing that info *inline*, whether that be Google, Facebook, Gmail,
WordPress or 90% of the other places/things you can do online. This is
common, normal and not illegal whatsoever.

2. It is solely up to the company whether they disclose specifics in any
sort of privacy policy. Generally this is only to cover their ass in the
first place, not because it's mandatory.

3. It's at the sole discretion of every person on which websites, services,
software, plugins etc they CHOOSE to use and the research time they put in
to understand their own privacy/security.

Now, it would absolutely be nice if every company/person in the world was
fully transparent about everything they did and wrote in-depth
documentation for it. That would be ideal, but it's not the law or anyone's
right to dictate.

This isn't a discussion of ethics. That's subjective and not tangible in
this sense. Just because you don't like that a plugin does something and
doesn't "disclose" or "document" it doesn't mean they should be forced to
or stopped from contributing.

While it would be ideal to do everything in one's power to make their users
happy, safe and warm and fuzzy, someone could simply create a theme or
plugin "as-is" as long as it's GPL, upload it, pass the reviews and then
never update it, support it or provide documentation for it. Again, not
ideal, but that seems like a basic right that shouldn't be messed with.

I think that's what we really need to consider. Just because we might feel
"Hey man, your plugin does this or that, that I don't like." does that mean
that WP.org should dictate how someone supports their work?

Too subjective all around. I feel this is something that can only ever fall
under recommended, not required, because where does it end? Should a web
designer/programmer add instructions, programmer's comments etc for every
single line of code in which someone might find to be a privacy/security
flaw or something that could make your site go boom if they tinkered with
it? Should they hire a lawyer? Insanity, no one would ever get these things
out so that we could use them in the first place.

I think theme and plugin authors (especially for free stuff) and even
WP.org itself can only do so much. At the end of the day, it's 100% the
end-users responsibility to handle their website inside and out.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.wordpress.org/pipermail/theme-reviewers/attachments/20130511/43e202c6/attachment.html>