[wp-trac] [WordPress Trac] #51188: Create a structure for consent-related user meta value

WordPress Trac noreply at wordpress.org
Fri Sep 4 16:48:52 UTC 2020 

#51188: Create a structure for consent-related user meta value
-----------------------------+---------------------
 Reporter:  carike           |       Owner:  (none)
     Type:  feature request  |      Status:  new
 Priority:  normal           |   Milestone:  5.6
Component:  Privacy          |     Version:
 Severity:  normal           |  Resolution:
 Keywords:  close            |     Focuses:
-----------------------------+---------------------

Comment (by azaozz):

 Replying to [comment:12 carike]:
 > Replying to [comment:11 azaozz]:
 >
 > > > Users who need to give consent can be registered users who are
 logged in, registered users who are not logged in, or website visitors who
 are not registered.
 > >
 > > Think this doesn't sound right. In WP (and on most websites) there are
 no "registered users who are not logged in". These people are treated as
 "visitors" to the site, have no access to any special areas, and are not
 exposed to anything more that "standard" visitors.
 >
 > Consent preferences for registered users should be saved in the DB, as
 per our P2 discussion and the preceding #core-privacy discussions.
 > Consent preferences for users who are not registered cannot be saved in
 the DB, so these need to be saved in cookies, which are inherently
 transient in nature.

 Right, exactly (just wanted to make this 100% clear). For non-logged-in
 users the preferences should probably be saved in "session storage" which
 is transient by default. It's deleted as soon as the "session" (current
 browser tab) is closed. Cookies aren't really "transient", can last up to
 10 years...

 > **However**, registered users should be able to set their consent
 preferences for when they are logged out in the same /wp-admin/ UI that
 they are able to set their consent preferences for while they are logged
 in.
 >
 > This is why they constitute a third group - because something "extra" is
 needed for their UI.
 > The distinction is simply a matter of convenience.

 Not sure if that's technically possible. There is no way to "recognize"
 the users when they are logged out (the WP logged-in cookies are deleted).

 In addition, if any consent settings are stored in the DB, there must be a
 way to change them on every visit to the site. In WP that would probably
 be on the User Profile screen. When a user is logged-out their profile is
 not reachable, so they will not be able to withdraw their consent, etc.

 > Users who are logged in to your membership site (for example, this
 applies to any site, including e-commerce) still need to be asked for
 their consent to track them, for statistical or marketing purposes.
 > e-Commerce stores should, as a matter of best practice, ask their users
 to accept their product terms, but that does not affect the fact that the
 above still applies.

 Right. So the Consent API would only apply to sites that offer some form
 of "memberships" and web stores.

 > Here I am referring to the WP plugin repository and theme directory.

 Right. There is another tarc for this kind of tickets/changes:
 https://meta.trac.wordpress.org/timeline. We can open tickets there once
 the WP core implementation is ready (and we know exactly what is needed).

 > Yes, the site owners are the ones who are responsible.
 > But they are not the ones actually writing the code.
 > So, the plugin authors are the ones that need to make use of
 wp_setcookie() [or its yet-to-be-determined JavaScript equivalent]. So
 effectively / in practice, their code is asking consent **on behalf of**
 the site owner.

 Right, one way would be for plugins to "trigger" consent settings for a
 particular case. Another would be for core to ask for "general consent"
 for most common cases (whether or not it is currently needed) and plugins
 can check if consent was given. But that's a question of the
 implementation design, it will be figured out.

 > The tickets have been split into smaller (perhaps hyper-focused) ones
 because this has resulted in more actionable input from the privacy team
 thus far.

 Yeah, I understand. The point is that once we "know" exactly how this new
 feature will work, any data formats can easily be determined (it will most
 likely be a "map" or associative array of some sort). There's probably no
 need for a separate ticket and discussion about it, it's just an
 implementation detail :)

-- 
Ticket URL: <https://core.trac.wordpress.org/ticket/51188#comment:13>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform

More information about the wp-trac mailing list