[wp-trac] [WordPress Trac] #44043: Framework for logging/retrieving a users consent state
WordPress Trac
noreply at wordpress.org
Sun May 20 06:43:49 UTC 2018
#44043: Framework for logging/retrieving a users consent state
------------------------------------+------------------------------
Reporter: cookiebot | Owner: (none)
Type: defect (bug) | Status: new
Priority: normal | Milestone: Awaiting Review
Component: Privacy | Version: trunk
Severity: normal | Resolution:
Keywords: gdpr 2nd-opinion close | Focuses:
------------------------------------+------------------------------
Changes (by gisle):
* type: feature request => defect (bug)
Comment:
This ticked seems to confuse granular consent (as required by the GDPR)
and cookie compliance (as required by Directive 2002/58/EC, aka. "the
cookie directive"). I think they need to be kept separate.
A cookie is a rather special type a personal data, because ''you'' do not
store it or control it. The cookie is ''always'' stored on the user's hard
drive, and is at all times fully under the user's control. You can only
access it and the information it contains as long as the user let you. If
the user wants to withdraw consent to you having access to this data, the
user deletes the cookie. End of story. This is why cookie compliance need
to be treated different from consent to process personal data where you
(or a third party acting as a processor for you) control access to the
data.
I simply do not see the need for using an external service (such
''CopyBot'') to handle my users' cookies, or to handle these permissions
myself. What is proposed here is to take some data where the user is
''fully'' in control, and turn into something where the user is only
''partial'' in control. As a controller who cares for my users' privacy, I
think this is a horrible idea.
--
Ticket URL: <https://core.trac.wordpress.org/ticket/44043#comment:15>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list