[wp-trac] [WordPress Trac] #16778: wordpress is leaking user/blog information during wp_version_check()
WordPress Trac
noreply at wordpress.org
Wed Dec 7 18:08:25 UTC 2016
#16778: wordpress is leaking user/blog information during wp_version_check()
----------------------------+-----------------------
Reporter: investici | Owner:
Type: enhancement | Status: reopened
Priority: normal | Milestone:
Component: Administration | Version:
Severity: minor | Resolution:
Keywords: has-patch | Focuses:
----------------------------+-----------------------
Comment (by idea15):
When we're talking about the data being passed it's important to clarify
whether it contains personal information or identifiers. Aggregated and
de-identified data is not in violation of European laws or directives,
although users should still have a right to opt out of it.
GDPR is a fresh opportunity to build in better privacy structures and
legal certainty. Although it is a European law, it creates a very healthy
baseline for all users (see, for example, yesterday's piece on tracking
data which European Uber users have a legal right to see but US users
don't.) Everyone needs to be working in implementations for their own
businesses and sites in any case ahead of deadline day, in addition to any
changes that need to be made in the WP code. Start there by working
towards specific requirements for GDPR compliance, rather than being
sidetracked by a general discussion of ethics.
Suggest we loop in the A8c legal team on further discussions of this as
they'll be needing to appoint a DPO as part of GDPR, and these questions
will be part of that person's job.
--
Ticket URL: <https://core.trac.wordpress.org/ticket/16778#comment:74>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list