[wp-trac] [WordPress Trac] #14682: Privacy leakage: gravatars leak identity information
WordPress Trac
noreply at wordpress.org
Tue Sep 10 14:57:02 UTC 2019
#14682: Privacy leakage: gravatars leak identity information
-----------------------------+------------------------------
Reporter: jmdh | Owner: (none)
Type: defect (bug) | Status: reopened
Priority: normal | Milestone: Awaiting Review
Component: Privacy | Version: 3.0
Severity: normal | Resolution:
Keywords: privacy-roadmap | Focuses:
-----------------------------+------------------------------
Comment (by flimm):
At the very least, the text displayed to users "Your email address will
not be published." should be changed to "Your email address may be
published." (The text should not be merely deleted!) Some of the years old
comments argue that users do not care or need their email address to stay
private. If that is the case, then it should be a no-brainer to change the
text as I suggested, and users will be well-informed and will choose not
to care.
We shouldn't merely think about website users, we also need to think about
website builders who are choosing to use WordPress to build their
websites. Are we putting them in legal jeopardy? Some of them are making
legal promises to their users about their privacy, and these website
builders may be misled by WordPress' promise that commenters' emails will
not be published. I assume that there are implications under the EU's GDPR
law as well, as well as laws in other places. I'm confident that an email
address is considered personal data under such laws, although IANAL.
--
Ticket URL: <https://core.trac.wordpress.org/ticket/14682#comment:47>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list