[wp-trac] [WordPress Trac] #44068: Provide a way to check whether a user's data has been erased
WordPress Trac
noreply at wordpress.org
Thu Jan 17 22:59:37 UTC 2019
#44068: Provide a way to check whether a user's data has been erased
-------------------------+----------------------
Reporter: dennis_f | Owner: (none)
Type: enhancement | Status: closed
Priority: normal | Milestone:
Component: Privacy | Version: 4.9.6
Severity: normal | Resolution: invalid
Keywords: | Focuses:
-------------------------+----------------------
Changes (by garrett-eclipse):
* keywords: Logging =>
* status: new => closed
* version: trunk => 4.9.6
* resolution: => invalid
* milestone: Future Release =>
Comment:
Thanks @dennis_f I appreciate you sparking a lively discussion here. I've
closed this ticket as invalid which I'll elaborate on, if you feel there's
outstanding requirements that need to be addressed in core feel free to
re-open with additional information.
I'm specifically closing this ticket as the right to be ignored isn't
actually part of any existing or proposed laws.
The right to be forgotten on the other hand is part of the GDPR
legislation ([Article # 17](https://gdpr-info.eu/art-17-gdpr/)) and covers
erasure and archive retention. WP core provides the erasure request
interface to Admins to assist in erasure requests from site users.
While core wouldn't implement an ignore list as it's not part of
regulations and could pose issues with user experience especially in cases
where an IP is shared (such as an networked office) I would lean towards
more that this type of feature would land in plugin territory if anywhere.
That being said in core there will be logging implementations specifically
for auditing so the functionality they provide may be useful for a ignore
list plugin. [[BR]]
Logging Tickets; #43797, #44043 [[BR]]
As well I agree with your points on the requests shouldn't be removable
for audit/security reasons and the good news is that there is already
tickets to cover that; [[BR]]
Archive Tickets; #44222, #43912 [[BR]]
So potentially, with them being retained you could build a plugin for your
desire to create an ignore list.
With all that being said I would caution that implementing such an ignore
list will essentially block users from returning to consent to the
collection of their data if they change their minds. Also if IPs are used
for the ignore list you would also be blocking any other users residing at
that IP location, this would be without their previous knowledge which
could leave them confused.
--
Ticket URL: <https://core.trac.wordpress.org/ticket/44068#comment:7>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list