[wp-trac] [WordPress Trac] #49357: Admin intervention for personal data export really needed?

WordPress Trac noreply at wordpress.org
Thu Feb 6 11:50:54 UTC 2020


#49357: Admin intervention for personal data export really needed?
-------------------------+--------------------------------------
 Reporter:  rconde       |       Owner:  xkon
     Type:  enhancement  |      Status:  accepted
 Priority:  normal       |   Milestone:  Awaiting Review
Component:  Privacy      |     Version:  trunk
 Severity:  normal       |  Resolution:
 Keywords:               |     Focuses:  administration, privacy
-------------------------+--------------------------------------
Changes (by xkon):

 * owner:  (none) => xkon
 * status:  new => accepted
 * focuses:   => administration, privacy


Comment:

 Replying to [comment:5 rconde]:
 > For the "As far as 3/4 goes" and "a higher level of automation may be
 highly desirable.", do you think a medium to large organizations, say a WP
 installation with 100.000 users where 5% of them request their data
 download out of curiosity, a DPO is checking manually 5.000 request just
 in case something is missing? I don't really think that. 5.000 manual
 clicks for sending the export link to each user? Nah.

 I'm not disagreeing with this, that's why as mentioned we already talked
 about it during our weekly meetings and we agreed that we will be looking
 into this as it will surely help take some load of plenty of Admins or
 DPOs that don't have any extra source of data to check & gather.

 Not all exports require manual inspections and cross-checking external
 sources so we can adjust the code and provide this functionality to any
 website that might need it.

 ----

 > And about multiple sources of personal data. Why would something be
 missing? This would means that the plugin is poorly written/developed.
 >
 > A DPO inserting/modifying personal data into a zip file puts in danger
 the data itself. A DPO is a human and can mix personal data from another
 users maybe, where a well structured SQL query and code don't.

 That's not entirely correct. And we have to define what "Export Request"
 really means here as I think there was a misunderstanding.

 On one side we have the implemented WordPress Export Personal Data
 functionality and on the other we also have the actual "Export Request"
 that any of your members/clients are sending.

 I'm pretty sure that @carike was mentioning the latter and in that case
 data would/could be missing from an "Export Request" exactly because there
 might be "multiple sources" and that means sources outside of WordPress
 that we can't handle or know about in Core.

 This is why we also gave the option to Download the packaged export .zip
 for cases that there might be a need to gather data from other sources as
 well and bundle them all together in a file to send an e-mail manually by
 a DPO or Admin etc.

 As an example:
 I am using WordPress as my website so my clients can send me their export
 requests there (this takes care of the "request" action itself and all the
 data that are kept within WordPress.

 But I also have 10 extra software running in parallel that are not
 connected with WordPress and I keep data for these clients there also.

 I would prefer to manually send 1 email that contains 10 different
 packaged export files from various sources than send 10 different emails
 to a user per source.

 Still I'm not editing anything here, I'm just gathering the exports from
 all the various software that I have :-).

 Does this make sense in this context?

 ----

 > As I've said, **I think we are creating an artificial and avoidable
 workload in most cases.**
 >
 > I think that by adding **at least** a bulk "Send Export Link" to all
 user-confirmed requests is the minimum implementation to facilitate the
 task of the administrator in this case.

 A bulk send can be discussed as well to see it's pros and cons.

-- 
Ticket URL: <https://core.trac.wordpress.org/ticket/49357#comment:6>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform


More information about the wp-trac mailing list