BuddyPress.org

Opened 4 months ago

Last modified 3 months ago

#8266 new task

Export Data changes in WordPress 5.4

Reported by: r-a-y
Owned by:
Milestone: Under Consideration
Priority: normal
Severity: normal
Version:
Component: Settings
Keywords: dev-feedback
Cc:

Description

So I'm reading the new changes to WordPress 5.4 with regards to exporting user data:
https://make.wordpress.org/core/2020/03/02/privacy-updates-in-5-4/

And a few things jump out.

We will not need the WordPress Community Events block since that isn't applicable to BuddyPress sites. I'm thinking we should remove that.

About the session tokens part, what does everyone think about that? Here's the core WP ticket - #WP45889, appears to stem from GDPR. Do you see value in including that info? When a user logs out, that info is erased. The only thing I can think of is if that user is logged into multiple devices at the same time without logging out...

Change History (6)

#1 @imath
4 months ago

IMHO, if we were giving members the possibility to export any WordPress data from the front end, we should probably also include these new ones.

#2 @r-a-y
4 months ago

Yeah, but most sites white-label WordPress and don't want people knowing that their sites are even powered by it.

I can understand WP's perspective that they estimate your location to show WP events that are nearby and that they should disclose that info. Maybe it would make more sense for us if the block was renamed to "Current Location" even though we don't make use of it in BuddyPress (might be interesting to use this data in a future version of BP!).

The user session info would be more useful if it recorded logins across a longer period of time, but current sessions are not that useful in my eyes. I'm less worried about this block than the Community Events one.


This ticket was mentioned in Slack in #buddypress by imath.
3 months ago

#4 @imath
3 months ago

  • Milestone changed from 6.0.0 to Under Consideration

@r-a-y

So I've looked more deeply into this issue. Correct me if I missed something, but removing these particular data types means we'd need to do remove_filter( 'wp_privacy_personal_data_exporters', 'wp_register_user_personal_data_exporter', 1 ); to add a specific BuddyPress function that redoes what wp_user_personal_data_exporter() is doing before removing the 2 new data types. There's no filter in wp_user_personal_data_exporter() to whitelist/blacklist these 2 specific user meta.

For your information, I made some tests and, as a user:

  1. As long as I don't go into the WP Admin Dashboard, the Community Events Dashboard widget data is not included in the exported data.
  2. If I go once or more without setting my location, then only my IP is listed in the exported data.
  3. If I choose a city, I get the City, Country, Latitude & Longitude in this exported data.

After more thought, disabling the Community Events data should only be done for case 2. But I believe this should be reported upstream.

GDPR is a sensitive topic in Europe. I believe BuddyPress shouldn't remove WordPress or any other plugin's data because we don't know what the implications could be; the risk is too high imho. If the site's owner wants to whitelist data, I think we shouldn't help him.

So I'm going to move this ticket out of the 6.0.0 milestone to give us more time to think about it, but I'm not in favor of removing anything there. I believe we should, on the contrary, try to take advantage of the new WP 5.4 filter wp_privacy_additional_user_profile_data and:

  • check if we have personal data in User Meta that we are not exporting yet,
  • eventually add them using the filter, if there are some.

#5 @imath
3 months ago

Finally I think the right way to handle the Community Events Dashboard Widget thing is to disable the widget completely from the dashboard for regular users. ;)

#6 @r-a-y
3 months ago

> Correct me if I missed something, but removing these particular data types means we'd need to do remove_filter( 'wp_privacy_personal_data_exporters', 'wp_register_user_personal_data_exporter', 1 ); to add a specific BuddyPress function that redoes what wp_user_personal_data_exporter() is doing before removing the 2 new data types. There's no filter in wp_user_personal_data_exporter() to whitelist/blacklist these 2 specific user meta.

You're correct, imath. It would be cumbersome to override because of a lack of filters.

> Finally I think the right way to handle the Community Events Dashboard Widget thing is to disable the widget completely from the dashboard for regular users. ;)

I like this simple solution the most. If other devs like this idea, let's do it!
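
The two approaches discussed in comments 4 and 5, sketched as an added example that is not part of the ticket and is not BuddyPress code. The `example_*` function names, the `example_bp_last_location` meta key and the use of the `edit_posts` capability to mean "regular users" are assumptions made for illustration.

```php
<?php
// Added example. Hypothetical: example_* names, the meta key below, and
// treating users without 'edit_posts' as "regular users".

/**
 * Comment 5: remove the "WordPress Events and News" dashboard widget
 * (core id 'dashboard_primary') for regular users.
 * This only hides the widget; it does not delete a location that is
 * already stored in user meta.
 */
function example_hide_community_events_widget() {
	if ( ! current_user_can( 'edit_posts' ) ) {
		remove_meta_box( 'dashboard_primary', 'dashboard', 'side' );
	}
}
add_action( 'wp_dashboard_setup', 'example_hide_community_events_widget' );

/**
 * Comment 4: add personal data held in user meta to the core "User" export
 * group through the WP 5.4 filter.
 *
 * @param array   $additional     Items as array( 'name' => ..., 'value' => ... ).
 * @param WP_User $user           User whose data is being exported.
 * @param array   $reserved_names Labels core already uses; reusing one is rejected.
 * @return array
 */
function example_export_extra_user_meta( $additional, $user, $reserved_names ) {
	// Map of meta key => user-facing label (constructed sample entry).
	$fields = array(
		'example_bp_last_location' => 'Last Known Location',
	);

	foreach ( $fields as $meta_key => $label ) {
		$value = get_user_meta( $user->ID, $meta_key, true );

		// Skip empty values and labels that would collide with core's own.
		if ( '' === $value || in_array( $label, $reserved_names, true ) ) {
			continue;
		}

		$additional[] = array(
			'name'  => $label,
			'value' => is_scalar( $value ) ? (string) $value : wp_json_encode( $value ),
		);
	}

	return $additional;
}
add_filter( 'wp_privacy_additional_user_profile_data', 'example_export_extra_user_meta', 10, 3 );
```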
