[wp-trac] [WordPress Trac] #16778: wordpress is leaking user/blog information during wp_version_check()
WordPress Trac
noreply at wordpress.org
Mon Mar 13 21:40:44 UTC 2017
#16778: wordpress is leaking user/blog information during wp_version_check()
----------------------------+------------------------------
Reporter: investici | Owner:
Type: enhancement | Status: reopened
Priority: normal | Milestone: Awaiting Review
Component: Administration | Version:
Severity: minor | Resolution:
Keywords: has-patch | Focuses:
----------------------------+------------------------------
Comment (by idea15):
Replying to [comment:93 MattyRob]:
> Replying to [comment:92 WraithKenny]:
Under the current directive and the 2018 regulation, personal data
includes information about a device that an individual uses such as a IP
address, MAC address, browser fingerprint, etc. (This is why analytics are
constantly in regulators' sights.) You do not even have to have the
individual's name, address, billing information, etc to constitute a
personal data record - an IP address attached to a dataset is personal
data.
What I would like to know is - is whatever data is being collected and
passed being pseudonymised. Pseudonymised data (information separated from
personal identifiers which could be put back together as required) is a
special category. It has less stringent requirements and ticks the PBD box
required under GDPR. It is a good place to start where this issue is
concerned.
I would also highly recommend you take a look at Recitals 19, 20 and 21
(pages 16-17) of the draft ePrivacy Directive refresh, which dovetails
with GDPR. http://ec.europa.eu/newsroom/dae/document.cfm?doc_id=41241 It
underlies the need to be absolutely clear about what data is essential for
technical purposes (e.g. version and security updates) and what data is
for non-essential purposes, e.g. telemetry.
Will be at the WCLDN contributor day on Friday if anyone wants to dive
into this.
--
Ticket URL: <https://core.trac.wordpress.org/ticket/16778#comment:94>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list