[wp-trac] [WordPress Trac] #14682: Privacy leakage: gravatars leak identity information

WordPress Trac noreply at wordpress.org
Fri Sep 20 21:10:15 UTC 2019


#14682: Privacy leakage: gravatars leak identity information
-----------------------------+------------------------------
 Reporter:  jmdh             |       Owner:  (none)
     Type:  defect (bug)     |      Status:  reopened
 Priority:  normal           |   Milestone:  Awaiting Review
Component:  Privacy          |     Version:  3.0
 Severity:  normal           |  Resolution:
 Keywords:  privacy-roadmap  |     Focuses:
-----------------------------+------------------------------

Comment (by fawp):

 I have just come across this. I am appalled that some WP devs consider
 this an a non-issue. Unfortunately this may be the case in some regions /
 jurisdictions but it is certainly **not** the case in others. For example
 in the European Union a recent privacy directive states :

 "Organizations in breach of GDPR can be fined up to 4% of annual global
 turnover or €20 Million (whichever is greater). This is the maximum fine
 that can be imposed for the most serious infringements e.g.not having
 sufficient customer consent to process data or violating the core of
 Privacy by Design concepts."

 This is a feature provided by core and ''it is clearly flawed'', fullstop.

 So far I have been considering WP for some projects but this is not a
 point in its favor.

 Site owners/admins can't be burdened with liabilities such as this. That
 some WP devs show a cavalier attitude towards privacy is simply not good
 enough in 2019.

 This needs to be fixed, and fast.

-- 
Ticket URL: <https://core.trac.wordpress.org/ticket/14682#comment:48>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform


More information about the wp-trac mailing list