[wp-trac] [WordPress Trac] #43809: Add personal data from posts to personal data export
WordPress Trac
noreply at wordpress.org
Tue May 1 10:25:11 UTC 2018
#43809: Add personal data from posts to personal data export
-------------------------------------------------+-------------------------
Reporter: TZ Media | Owner: tz-media
Type: enhancement | Status: assigned
Priority: normal | Milestone: Future
| Release
Component: General | Version:
Severity: normal | Resolution:
Keywords: gdpr has-patch needs-testing has- | Focuses:
unit-tests |
-------------------------------------------------+-------------------------
Changes (by azaozz):
* milestone: 4.9.6 => Future Release
Comment:
Replying to [comment:15 mnelson4]:
I think we already discussed this a month ago and decided that posts are
**NOT** personal data that needs to be exported.
> > Looking more at this: don't think there is any personal data in
posts... We are trying to export parts of the post instead of any user
data as there is no user data in there :)
>
> Right, there usually isn't any user data in posts. But the text of the
GDPR says "‘personal data’ means any information relating to an identified
or identifiable natural person" (https://gdpr-info.eu/art-4-gdpr/) That
sounds like its a bit more extensive than JUST personally-identifiable
data.
Right, but that doesn't mean we should export post content. If we follow
that logic, attachments to the post are also associated with the post
author, right? But someone else may have uploaded an image and the post
author just used it. So why are we giving another person's data to the
post author? What about comments? They are also associated with the post,
do we include them too?
Another relatively common case is that posts are authored by more than one
person. Again, do we want to give someone else's "personal data" to the
post author? What about copyright laws, do we have to break them? :)
Also: which exact part of the GDPR is this complying with?
- The right to see your data? Nope, any registered user can see all of
their posts at any time in (at least) couple of ways: as an archive on the
front-end, and in a list-table in the admin. Please keep in mind that
registered users are "controllers" of their own data.
- The right to reuse your data? Nope, that export cannot be reused as the
post content is not complete. It misses any changes that may have happened
on different actions and filters. The user will be able to get much better
content if copying from an author archive view on the front-end.
IMHO the right thing to do here is punt this for now and eventually come
back to it when it is proven that we **MUST** introduce yet another
(forth?) method of exporting posts.
--
Ticket URL: <https://core.trac.wordpress.org/ticket/43809#comment:25>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list