Request regarding cookies and embedded content
-
I’m not sure what would be the most appropriate forum for this post, since it ultimately pertains to www.ads-software.com policies rather than to any specific technical issue or feature request.
It would be great if www.ads-software.com could start moving toward requiring plugin and theme developers in the repository to disclose onthe applicable plugin or theme page what cookies they set, if any (including what those cookies do and their normal duration), and what embedded content they use, if any (including stuff like Google Fonts or embedded video players, even if just on the dashboard).
In a growing number of jurisdictions, website owners are legally responsible for knowing and disclosing that information to end users. For those of us who are not developers, this is a major pain, requiring constant detective work to identify different cookies and figure out what’s setting them and why. (There are some automatic cookie detection tools, but they are not 100 percent reliable, especially if certain cookies are only set in certain circumstances.) That means adding a new plugin or switching themes might also leave a website owner technically in violation of cookie disclosure or other privacy laws while trying to figure it out.
Even in areas with less stringent online privacy rules, embedded content is not necessarily desirable. The widespread use of Google Fonts and Google Hosted Libraries, for instance, may provide certain performance advantages, but it also comes at a cost to user privacy and can create technical issues in regions where those services are blocked.
For these reasons, it would be enormously helpful if when I was browsing plugins or browsing themes on www.ads-software.com, I could easily check the appropriate tab to see what cookies it uses and whether it uses Google Fonts or other embedded resources (in the same way other add-on repositories typically require developers to disclose what permissions their add-ons require and why). The developers presumably know better than most users what’s in their themes and plugins, and if there’s a standardized form to fill out for it, disclosing that information doesn’t have to be an insuperable hassle.
I realize this isn’t something that could happen overnight, but it’s something I’d love the www.ads-software.com team to seriously consider phasing in. There’s a real risk that draconian, hard-to-comply-with privacy laws may end up making website ownership a corporate-only proposition. Given the popularity of WordPress, clear disclosure of these points would help to forestall that by giving less technically adept users the information they need to at least try to comply.
(If there is a more appropriate forum for this suggestion, I would appreciate it if someone could help me move it there. Thanks!)
-
Also, I’m not suggesting that developers be barred from using cookies or external resources (which would be silly as well as impractical), just that they put that information into some consistent place on the theme or plugin page so that users can make an informed choice.
I don’t really see how doing that is more burdensome and onerous for developers than ending up fielding the same question multiple times in the support forums or other feedback messages. And, some plugins use neither cookies nor external resources, so there’s no documentation involved in that other than maybe clicking “no” on an upload form.
It would help if there were a standardized tab for it in the plugin/theme pages, even if filling it out were not mandatory.
Again, I am not a developer. Neither are a lot of WordPress users. I am facing a legal climate that is increasingly calling for fines of thousands of dollars for noncompliance over things like cookie disclosures that are challenging to figure out for people who are not developers (or even people who are developers dealing with someone else’s code).
Why is it not onerous to have keywords to let me search themes by how many columns they are, but onerous to provide some indication of whether they use Google Fonts?
Why is it not onerous to have keywords to let me search themes by how many columns they are, but onerous to provide some indication of whether they use Google Fonts?
Because it is?
*Drinks coffee*
Let’s say I wrote the Hello Dolly plugin (I didn’t, it’s just an example). Here’s the keywords I would choose.
Louis Armstrong, Jazz, example plugin, admin notice
And that takes no time at all. Why would it?
Now imagine it’s 5,000 lines of code. I wrote it, I want to share it, it solved a Wonderful and Unique Problem™ that has plagued people for years.
You want me to go back and document any cookies it may use to satisfy your problem?
That’s an additional level of work that is not needed for any opensource community project. This is not a market place, there is nothing to sell here. This isn’t the Apple Store, it’s not Google Play store .
If you need to know that cookie information you can ask, you can look at the source. If that doesn’t work then don’t use that plugin.
*More coffee, so good*
That does not mean people who publish code here get to do bad things. That’s what the plugin/theme guidelines are for. But what your asking is an additional and unnecessary barrier for code contributors.
- The topic ‘Request regarding cookies and embedded content’ is closed to new replies.