Our open source GDPR Interface has finally seen its first release
If you can’t wait to get your hands on it, go check it out on our GitHub account where the magic happens. https://github.com/GDPRWP/standard
114 days to go, and still lots to do
It’s early days still, but we managed to settle on two main functions for this first release, plus a couple of helper functions.
The main functions
The main functions are the foundation of the functionality that website owners will need in order to comply with GDPR when a user of a website wants to request, obtain or transfer data.
The two main functions are read and anonymize.
The General Data Protection Regulation states that users have the right to request, obtain and transfer data. That means we need to find and list any Personally Identifiable Information that our WordPress installation as a whole holds, across plugins!
read_userdata requires an e-mail. We know this might not be ideal in the long run, but e-mails are unique in standard WordPress user behaviour, and an e-mail is something you will get from a user requesting the data you hold on them. A user ID isn’t usually something a user has knowledge about, and thus we need to go with data the user can actually provide.
It’s up to you, as a plugin developer, to return any Personally Identifiable Information (PII) that your plugin stores on the provided e-mail. The returned data should be in the form of an array. We will offer code examples shortly!
Although you do also find a delete_userdata(); function, we believe that the correct term should be “anonymize”.
With this function, you directly tie into the GDPR compliance of “The Right To Be Forgotten” (TRTBF).
We can’t view the deletion of data only from the point of view of one single plugin, but need to consider the ramifications of a deletion across multiple plugins and in WP core. Our belief is that some plugins might be able to delete all PII when asked to anonymize, and they should do so if it does not affect the functionality of the plugin.
For others, deleting data is not an option, since statistics or other data can be tied into the PII data. Example: if my website keeps statistics on how many male users we have living in northern Europe, I can’t simply delete the fields where I store the PII male and location. I would need to anonymize it so that it isn’t tied to any specific e-mail (or other PII).
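The two main functions as a hypothetical plugin might implement them, using the statistics example above. This is an added example, not code from the GDPR Interface repository; the `example_` function names, the row layout and the sample data are assumptions.

```php
<?php
// Added example: hypothetical plugin storage and function names; only the
// read/anonymize behaviour comes from the post. Sample rows are constructed.
$rows = [
    ['email' => 'anna@example.com', 'name' => 'Anna', 'gender' => 'female', 'region' => 'northern-europe'],
    ['email' => 'bo@example.com',   'name' => 'Bo',   'gender' => 'male',   'region' => 'northern-europe'],
];

// Normalise so " Bo@Example.com " matches the stored address.
function example_normalise_email(string $email): string {
    return strtolower(trim($email));
}

// "read": return every PII field this plugin holds for the e-mail, as an array.
function example_read_userdata(array $rows, string $email): array {
    $needle = example_normalise_email($email);
    $found = [];
    foreach ($rows as $row) {
        if (example_normalise_email($row['email']) === $needle) {
            $found[] = $row;
        }
    }
    return $found;
}

// "anonymize": keep the statistical fields, cut the link to the person.
function example_anonymize_userdata(array &$rows, string $email): int {
    $needle = example_normalise_email($email);
    $changed = 0;
    foreach ($rows as &$row) {
        if (example_normalise_email($row['email']) !== $needle) {
            continue;
        }
        // Random token, not a hash of the e-mail: a hash could be recomputed
        // from the address and would re-link the row to the person.
        $row['email'] = 'anon-' . bin2hex(random_bytes(8)) . '@invalid';
        $row['name'] = null; // not needed for statistics, so delete it
        $changed++;
    }
    unset($row); // break the reference left by foreach
    return $changed;
}

var_dump(count(example_read_userdata($rows, ' Bo@Example.com ')));  // rows held before
example_anonymize_userdata($rows, 'bo@example.com');
var_dump(count(example_read_userdata($rows, 'bo@example.com')));    // rows held after
echo count(array_filter($rows, fn($r) => $r['gender'] === 'male')), "\n"; // statistic kept
```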
The helper functions
To allow GDPR plugins to use the information you provide by implementing the GDPR Interface in your plugin, we need to set some metadata on that PII. For this, version 1.0.0 of the GDPR Interface has two helper functions.
We know that we won’t get everything right on the first try, and you shouldn’t be punished for implementing an early version of the interface to start complying with the “simplest” elements of the regulation. Therefore we need a version number, to know which elements you DO comply with. Plugins that are yet to be created by the community at large will be able to use the version number to know which functions you have implemented.
Another GDPR compliance issue is that you need to provide a clear text description of how the data is used. We figure you would need some place to detail this in plain and easily understandable text. As it’s you, as a plugin developer, who knows why, for how long and for what purpose you collect this data, this is where you can detail this for each of the PII you collect.
Check out the Interface on GitHub
Thank you so much for supporting this project. I’d be happy to hook up on WordPress.slack.com to discuss any issues or ideas you might have.