The latest WordPress upgrade includes new GDPR-related privacy features
WordPress, the world’s most popular content management system, has announced a range of new privacy features in WordPress version 4.9.6, its latest upgrade.
The features have been released in advanced of the GDPR, the European Union’s new privacy laws, which comes into force on 25th May. Users are being notified of the new features by a tooltip in the dashboard of their admin panels.
The template policy contains information on how the CMS handles comments, media uploads, contact forms and cookies.
The latest upgrade also provides administrators with the capabilities to erase or export personal data from the database connected to the WordPress installation.
Under the “tools” menu it provides an “export personal data” menu option, which leads to a page that allows the administrator to search for a user by username or email address.
Once the administrator has submitted the search they are given an option to download the users data in a HTML document.
The data exported will correspond to the what data the CMS is configured to collect. In many cases, this will consist of the user’s registration date as well as his or her name, biography, email and user ID.
Under the “tools” menu, the CMS now also provides an “erase personal data” menu option which allows users with appropriate permissions to remove users from the CMS.
The new erasure tool will delete all personal data, including data collected by plugins.
Each erasure or export request is also accompanied by an autoresponder sent to the email address on record for each user.
Another important new feature is the inclusion of a checkbox at the bottom of the comment box that asks whether logged-out users wish to save their name, email and website in a cookie for the next time they decide to comment.