[wp-trac] [WordPress Trac] #52903: Consent Management within WordPress Core

WordPress Trac noreply at wordpress.org
Wed Mar 24 18:03:28 UTC 2021


#52903: Consent Management within WordPress Core
-------------------------+-------------------------------------------------
 Reporter:  carike       |       Owner:  (none)
     Type:  feature      |      Status:  new
  request                |
 Priority:  normal       |   Milestone:  Awaiting Review
Component:  Privacy      |     Version:
 Severity:  normal       |  Resolution:
 Keywords:  needs-patch  |     Focuses:  ui, accessibility, javascript,
                         |  administration, rest-api
-------------------------+-------------------------------------------------
Description changed by carike:

Old description:

> **Website visitor / user Privacy choices:**
>
> a. Users who are not registered on a site, or who choose not to log in
> when prompted, can set their consent preferences via a simple banner
> (Gutenberg block) on the front end, which will set a (functional) cookie
> value for consent.
> It should be possible for plugins to filter the banner contents and to
> change the appearance.
>
> b. Registered users can set their consent preferences via an interface in
> wp-admin, after logging in.
> The interface should extend the "Edit Profile" page.
>
> Once a registered user logs out, the consent cookie value should be
> updated to reflect their preferences as per the database (sync).
>
> **(Sane) Defaults:**
>
> Five default consent categories have been proposed: Functional;
> Preferences; Anonymous Analytics; Analytics and Marketing.
>
> Website owners / admins should be able to set site-wide defaults by
> setting a site option value, or by using a plugin to do so.
> [An alternative would be to allow them to do so via filter.]
>
> It should be possible for site owners / admins to add additional consent
> categories, or to add nested sub-categories, or to allow a plugin to do
> so.
>
> As privacy legislation varies across the globe, I believe that WordPress
> should default to TRUE for each category, if not overridden, to maintain
> backwards compatibility and avoid unexpected behaviour.
>
> **Proposed Consent Management hierarchy:**
>
> 1. If the user is logged in and has set consent preferences, obtain their
> preferences via an extension of the REST API.
> Using the REST API will allow us to cater for cookies that are set in
> JavaScript, rather than in PHP.
>
> The basic logic:
> {{{#!php
> <?php
> $user_id = get_current_user_id();
> if (is_user_logged_in() === TRUE) { $consent = get_user_meta($user_id,
> 'consent_preferences', FALSE); }
> if ( $consent !== NULL ) { return $consent; }
> }}}
>
> 2. If the user is logged out and has set consent preferences in a
> (functional) cookie, obtain the (functional) cookie consent value.
>
> The basic logic:
> {{{#!php
> <?php
> if ( isset($_COOKIE['consent_cookie']) ) { return
> $_COOKIE['consent_cookie']; }
> }}}
>

> 3. If the user has not set consent preferences, obtain the site privacy
> defaults from a site option value.
>
> The basic logic:
> {{{#!php
> <?php
> $consent = get_option('site_consent_preferences');
> if ($consent !== FALSE) { return $consent; }
> }}}
>
> 4. Otherwise, return WordPress defaults - i.e. an associative array where
> the default values are TRUE.
>
> The basic logic:
> {{{#!php
> <?php
> $consent = array("functional" => TRUE, "preferences" => TRUE,
> "anon_stats" => TRUE, "stats" => TRUE, "marketing" => TRUE);
> return $consent;
> }}}
>

> **Related tickets:**
>
> I will be closing #51188 in favour of this ticket to make it easier for
> new contributors to get involved. Please do feel welcome to read the
> closed ticket if you need / want background.
> #51110 deals with the design of a wp-admin interface.
> There is not a ticket for the design of a Gutenberg block (as a front end
> "interface") yet.

New description:

 **Website visitor / user Privacy choices:**

 a. Users who are not registered on a site, or who choose not to log in
 when prompted, can set their consent preferences via a simple banner
 (Gutenberg block) on the front end, which will set a (functional) cookie
 value for consent.
 It should be possible for plugins to filter the banner contents and to
 change the appearance.

 b. Registered users can set their consent preferences via an interface in
 wp-admin, after logging in.
 The interface should extend the "Edit Profile" page.

 Once a registered user logs out, the consent cookie value should be
 updated to reflect their preferences as per the database (sync).

 **(Sane) Defaults:**

 Five default consent categories have been proposed: Functional;
 Preferences; Anonymous Analytics; Analytics and Marketing.

 Website owners / admins should be able to set site-wide defaults by
 setting a site option value, or by using a plugin to do so.
 [An alternative would be to allow them to do so via filter.]

 It should be possible for site owners / admins to add additional consent
 categories, or to add nested sub-categories, or to allow a plugin to do
 so.

 As privacy legislation varies across the globe, I believe that WordPress
 should default to TRUE for each category, if not overridden, to maintain
 backwards compatibility and avoid unexpected behaviour.

 **Proposed Consent Management hierarchy:**

 1. If the user is logged in and has set consent preferences, obtain their
 preferences via an extension of the REST API.
 Using the REST API will allow us to cater for cookies that are set in
 JavaScript, rather than in PHP.

 The basic logic:
 {{{#!php
 <?php
 $user_id = get_current_user_id();
 if (is_user_logged_in() === TRUE) { $consent = get_user_meta($user_id,
 'consent_preferences', FALSE); }
 if ( $consent !== NULL ) { return $consent; }
 }}}

 2. If the user is logged out and has set consent preferences in a
 (functional) cookie, obtain the (functional) cookie consent value.

 The basic logic:
 {{{#!php
 <?php
 if ( isset($_COOKIE['consent_cookie']) ) { return
 $_COOKIE['consent_cookie']; }
 }}}


 3. If the user has not set consent preferences, obtain the site privacy
 defaults from a site option value.

 The basic logic:
 {{{#!php
 <?php
 $consent = get_option('site_consent_preferences');
 if ($consent !== FALSE) { return $consent; }
 }}}

 4. Otherwise, return WordPress defaults - i.e. an associative array where
 the default values are TRUE.

 The basic logic:
 {{{#!php
 <?php
 $consent = array("functional" => TRUE, "preferences" => TRUE, "anon_stats"
 => TRUE, "stats" => TRUE, "marketing" => TRUE);
 return $consent;
 }}}

 **How to integrate all of this into the Developer community:**

 This would require a number of approaches and mechanisms, including:

 New functions:

 Creating a wp_setcookie(); function in PHP and a corresponding function in
 JavaScript that checks for consent before placing a cookie;
 Use of wp_setcookie(); can then be required for new plugin submissions to
 the WordPress.org repository.

 Updating existing functions:

 Updating other functions like wp_mail(); and the HTTP and REST APIs to
 check for the appropriate consent.
 In the case of wp_mail(); for example, this can be done by adding a new
 parameter variable for $consent_purpose.
 We can add a _doing_it_wrong(); if this variable is not present.
 In the case of the REST API, consent could possibly be integrated into a
 permission callback, but that is something we'd need Timothy's (and
 others) input on.

 Education drive:

 Voluntary compliance is preferred. By providing documentation, resources
 and discussing with as many stakeholders as we can (primarily on Slack),
 we can encourage adoption through education.

 **Related tickets:**

 I will be closing #51188 in favour of this ticket to make it easier for
 new contributors to get involved. Please do feel welcome to read the
 closed ticket if you need / want background.
 #51110 deals with the design of a wp-admin interface.
 There is not a ticket for the design of a Gutenberg block (as a front end
 "interface") yet.

--

-- 
Ticket URL: <https://core.trac.wordpress.org/ticket/52903#comment:1>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform


More information about the wp-trac mailing list