[wp-trac] [WordPress Trac] #44068: Provide a way to check whether a user's data has been erased

WordPress Trac noreply at wordpress.org
Thu Jan 17 22:59:37 UTC 2019 

#44068: Provide a way to check whether a user's data has been erased
-------------------------+----------------------
 Reporter:  dennis_f     |       Owner:  (none)
     Type:  enhancement  |      Status:  closed
 Priority:  normal       |   Milestone:
Component:  Privacy      |     Version:  4.9.6
 Severity:  normal       |  Resolution:  invalid
 Keywords:               |     Focuses:
-------------------------+----------------------
Changes (by garrett-eclipse):

 * keywords:  Logging =>
 * status:  new => closed
 * version:  trunk => 4.9.6
 * resolution:   => invalid
 * milestone:  Future Release =>


Comment:

 Thanks @dennis_f I appreciate you sparking a lively discussion here. I've
 closed this ticket as invalid which I'll elaborate on, if you feel there's
 outstanding requirements that need to be addressed in core feel free to
 re-open with additional information.

 I'm specifically closing this ticket as the right to be ignored isn't
 actually part of any existing or proposed laws.

 The right to be forgotten on the other hand is part of the GDPR
 legislation ([Article # 17](https://gdpr-info.eu/art-17-gdpr/)) and covers
 erasure and archive retention. WP core provides the erasure request
 interface to Admins to assist in erasure requests from site users.

 While core wouldn't implement an ignore list as it's not part of
 regulations and could pose issues with user experience especially in cases
 where an IP is shared (such as an networked office) I would lean towards
 more that this type of feature would land in plugin territory if anywhere.
 That being said in core there will be logging implementations specifically
 for auditing so the functionality they provide may be useful for a ignore
 list plugin.  [[BR]]
 Logging Tickets; #43797, #44043 [[BR]]

 As well I agree with your points on the requests shouldn't be removable
 for audit/security reasons and the good news is that there is already
 tickets to cover that; [[BR]]
 Archive Tickets; #44222, #43912 [[BR]]
 So potentially, with them being retained you could build a plugin for your
 desire to create an ignore list.

 With all that being said I would caution that implementing such an ignore
 list will essentially block users from returning to consent to the
 collection of their data if they change their minds. Also if IPs are used
 for the ignore list you would also be blocking any other users residing at
 that IP location, this would be without their previous knowledge which
 could leave them confused.

-- 
Ticket URL: <https://core.trac.wordpress.org/ticket/44068#comment:7>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform

More information about the wp-trac mailing list