[wp-trac] [WordPress Trac] #51156: Create developer documentation for disclosures.json

WordPress Trac noreply at wordpress.org
Fri Aug 28 10:09:33 UTC 2020


#51156: Create developer documentation for disclosures.json
----------------------------------+--------------------------------------
 Reporter:  carike                |       Owner:  (none)
     Type:  enhancement           |      Status:  new
 Priority:  normal                |   Milestone:  5.6
Component:  Privacy               |     Version:  trunk
 Severity:  normal                |  Resolution:
 Keywords:  needs-privacy-review  |     Focuses:  docs, template, privacy
----------------------------------+--------------------------------------
Description changed by carike:

Old description:

> **Background:**
>
> The Disclosures Tab is an initiative that is underway in the Core Privacy
> Team.
> The aim is to help site owners / admins better understand what
> information their site (plugins, themes and Core) collects, where the
> information is stored and where it is sent - and in particular, who it is
> shared with.
> We hope to help site owners / admins make more informed privacy choices
> (e.g. when choosing which plugin to install) and to better understand
> their risk profile when it comes to privacy.
> For the most part, the actual "controlling" is planned for a sibling
> plugin, the Permissions Tab, which is not currently intended to be merged
> into Core, as this will contain more advanced settings.
> You can read more about the various privacy initiatives here:
> https://make.wordpress.org/core/2020/08/19/minutes-core-privacy-
> meeting-19-august-2020/
>
> **The Challenge:**
>
> To make #51092 understandable for plugin, theme and core developers, by
> providing a template and illustrative examples.
>
> **Scope:**
>
> The following tickets represent milestones for the Disclosures Tab:
>
> #51092 proposes the schema.
> [] will be created for the validation of the schema by Core.
> [] will be created for internationalization.
> This ticket only deals with developer documentation.
> #51144 proposes a UI for site-level privacy disclosures and related
> settings.
>
> **The Solution:**
>
> Illustrative example: Compatibility
>
> In this example, a plugin author would like to disclose which Privacy
> Tools they, in good faith, believe that they are compatible with.
> The author would include the following in a file named disclosures.json
> in the plugin's main folder to indicate that:
> - The code is compatible with Core's tool to export Protected Personal
> Information;
> - The code is compatible with Core's tool to erase Protected Personal
> Information;
> - The code is compatible with the Consent API;
> - The code is compatible with the Disclosures Tab;
> - The code is not compatible with the Permissions Tab.
>
> {{{#!php
> <?php
> {
>    "compatibility": {
>       "ppiExport": [
>          TRUE
>       ],
>       "ppiErasure": [
>          TRUE
>       ],
>       "consentAPI": [
>          TRUE
>       ],
>       "disclosuresTab": [
>          TRUE
>       ],
>       "permissionsTab": [
>          FALSE
>       ]
>    }
> }
> }}}
>
> Illustrative example: Monetization
>
> In this example, a theme author would like to disclose their monetization
> practices.
> The theme author would include the following in a file named
> disclosures.json in the theme's main folder to indicate that:
> - The code contains or generates promotion for other products or services
> from the same author(s);
> - The code does not contain or generate requests for, or a mechanism to
> donate to the author(s);
> - The code contains or requests a backlink, in the form of a footer
> credit;
> - The code does not contain or generate affiliate links;
> - The code does not contain or generate paid promotion for products or
> services from others who are not the author(s).
>
> {{{#!php
> <?php
> {
>    "monetization": {
>       "upsells": [
>          TRUE, "https://example.com/ToS/devsite/"
>       ],
>       "donations": [
>          FALSE
>       ],
>       "backlinks": [
>          TRUE, "https://example.com/ToS/devsite/"
>       ],
>       "affiliates": [
>          FALSE
>       ],
>       "advertising": [
>          FALSE
>       ]
>    }
> }
> }}}

New description:

 **Background:**

 The Disclosures Tab is an initiative that is underway in the Core Privacy
 Team.
 The aim is to help site owners / admins better understand what information
 their site (plugins, themes and Core) collects, where the information is
 stored and where it is sent - and in particular, who it is shared with.
 We hope to help site owners / admins make more informed privacy choices
 (e.g. when choosing which plugin to install) and to better understand
 their risk profile when it comes to privacy.
 For the most part, the actual "controlling" is planned for a sibling
 plugin, the Permissions Tab, which is not currently intended to be merged
 into Core, as this will contain more advanced settings.
 You can read more about the various privacy initiatives here:
 https://make.wordpress.org/core/2020/08/19/minutes-core-privacy-
 meeting-19-august-2020/

 **The Challenge:**

 To make #51092 understandable for plugin, theme and core developers, by
 providing a template and illustrative examples.

 **Scope:**

 The following tickets represent milestones for the Disclosures Tab:

 #51092 proposes the schema.
 [] will be created for the validation of the schema by Core.
 [] will be created for internationalization.
 This ticket only deals with developer documentation.
 #51144 proposes a UI for site-level privacy disclosures and related
 settings.

 **The Solution:**

 Illustrative example: Licensing

 In this example, a theme author would like to disclose the licenses that
 apply to the theme and its assets.
 The author would include the following in a file named disclosures.json in
 the theme's main folder to indicate that:
 - Their theme itself is licensed under the General Public License version
 2;
 - They make use of images, which are locally included in the theme, all of
 which they found on the "My Stock Photos" site;
 - They make use of the Google Fonts CDN to serve the Andika, Cousine fonts
 and Ubuntu fonts.

 {{{#!php
 <?php
 {
    "licenses": {
       "code": [
          "https://www.gnu.org/licenses/old-licenses/gpl-2.0.en.html"
       ],
       "localAssets": [
          "https://creativecommons.org/publicdomain/zero/1.0/legalcode"
       ],
       "remoteAssets": [
          "https://scripts.sil.org/cms/scripts/page.php?item_id=OFL_web",
 "http://www.apache.org/licenses/LICENSE-2.0.html",
 "https://ubuntu.com/legal/font-licence"
       ]
    }
 }
 }}}

 Illustrative example: Compatibility

 In this example, a plugin author would like to disclose which Privacy
 Tools they, in good faith, believe that they are compatible with.
 The author would include the following in a file named disclosures.json in
 the plugin's main folder to indicate that:
 - The code is compatible with Core's tool to export Protected Personal
 Information;
 - The code is compatible with Core's tool to erase Protected Personal
 Information;
 - The code is compatible with the Consent API;
 - The code is compatible with the Disclosures Tab;
 - The code is not compatible with the Permissions Tab.

 {{{#!php
 <?php
 {
    "compatibility": {
       "ppiExport": [
          TRUE
       ],
       "ppiErasure": [
          TRUE
       ],
       "consentAPI": [
          TRUE
       ],
       "disclosuresTab": [
          TRUE
       ],
       "permissionsTab": [
          FALSE
       ]
    }
 }
 }}}

 Illustrative example: Monetization

 In this example, a theme author would like to disclose their monetization
 practices.
 The theme author would include the following in a file named
 disclosures.json in the theme's main folder to indicate that:
 - The code contains or generates promotion for other products or services
 from the same author(s);
 - The code does not contain or generate requests for, or a mechanism to
 donate to the author(s);
 - The code contains or requests a backlink, in the form of a footer
 credit;
 - The code does not contain or generate affiliate links;
 - The code does not contain or generate paid promotion for products or
 services from others who are not the author(s).

 {{{#!php
 <?php
 {
    "monetization": {
       "upsells": [
          TRUE, "https://example.com/ToS/devsite/"
       ],
       "donations": [
          FALSE
       ],
       "backlinks": [
          TRUE, "https://example.com/ToS/devsite/"
       ],
       "affiliates": [
          FALSE
       ],
       "advertising": [
          FALSE
       ]
    }
 }
 }}}

--

-- 
Ticket URL: <https://core.trac.wordpress.org/ticket/51156#comment:3>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform


More information about the wp-trac mailing list