You’ll know from our previous post that the General Data Protection Regulation (GDPR) from the European Union is going to take effect on 25th May 2018. The GDPR applies to organisations located inside and those outside EU countries who interact with the EU residents in any way.
A huge number of websites are powered by WordPress -including those of many of Code clinic KreativAgentur’s clients-, so today’s release of WordPress 4.9.6 is great news with there being just days left until the compliance deadline. This latest release means that there is no longer a need to use a bunch of different plugins to get at best; a poor solution to the GDPR headache.
WordPress 4.9.6 addresses these issue in the following ways:
- Cookie control in comments
- Data handling (export and removal tools)
- Email notification for data request confirmation
Cookies & Comments
Unregistered users or logged-out users will now have a choice to decide if their name, email and website address will be saved in their browser cookie while commenting on a site. This facilitates a greater control over the users’ private data.
Personal Data Tools
As an admin of a WordPress site, you can now easily export any user’s personal data to a ZIP file using the Data Export Tool. You also have the ability to erase any user’s personal data permanently. All of these are possible with WordPress 4.9.6.
Along with privacy, this release includes 37 enhancements, 51 bug fixes, and 2 tasks.
- “Mine” filter added to the media library to let individuals sort their uploads.
- Upon viewing a plugin in the admin, required PHP version will be shown from now on.
- PHP polyfills for forwards-compatibility and variable validation added.
- TinyMCE updated to latest version (4.7.11)
An update guideline has been published by the WordPress development team that provides technical information regarding this update (v4.9.6). You can download and install the update right from the Dashboard > Updates menu in your admin area or browse the release archive.
Important: It’s advised to make your website GDPR compliant before 25th May 2018. In case of a breach, if any platform is not GDPR compliant, the platform owner might be charged a fine up to 4% of annual turnover or 20 million euros.
GDPR is viewed by many as a long over-due rebalancing of the interests of the individual to control their personal data versus those of companies which up to now have seen any data they can harvest and leverage in their own interests as fair game and little obligation to protect it. But naturally, any new regulation brings with it the fear that unnecessary burdens or obstacles are being introduced that will fundamentally change the way we are able to do business.
For most businesses whose activities aren’t centred around processing sensitive personal data achieving compliance should be straightforward. Yes, there will be some up-front work to get your paperwork and practices in order but the main change will be in the way we think about data protection, which ultimately should benefit everyone. Thankfully, the WordPress team have made things a little bit easier for the many website owners using the World’s most popular CMS.
We think GDPR is a good idea, however, compliance before the deadline of 25 May 2018 is causing a lot of stress for many businesses. If this includes you, give Code Clinic KreativAgentur a call today on +49 (0)9181-8833-897 (de) or +44 (0)161-408-4759 (en) today.