• I would like to suggest that any plugin that shares the e-mail address of a user with a third party web site must have a mechanism that specifically notifies the user before action is taken.

    e-mail address is so sacred to me (and many others) that in my own web apps, e-mail address (and pass hash) are in a completely different database from everything else to further reduce the odds of a bug exposing them. I don’t expect WordPress core to do that (though it would be nice) but I’m not the only one who sees the e-mail address of users as sacred.

    Many websites have written privacy policies specifically stating they never share e-mail addresses with a third party. Good policy to have, none of us like spam. Plugins that share the e-mail address with a third party violate that policy, and may do so without the blogmaster thinking about it at the time of plugin activation.

    As such I believe it should be a strictly enforced policy that no WordPress plugin in the www.ads-software.com repository be allowed to share an e-mail address with a third party website without first getting the explicit permission of the user the e-mail belongs to before the address is shared with that third party website.

Viewing 8 replies - 1 through 8 (of 8 total)
  • Moderator Jan Dembowski

    (@jdembowski)

    Forum Moderator and Brute Squad

    I would like to suggest that any plugin that shares the e-mail address of a user with a third party web site must have a mechanism that specifically notifies the user before action is taken.

    How would that be enforced and what constitutes a third party?

    For example: a subscription plugin that does not run on any other site save for yours, does using an SMTP relay constitute a third party when it notifies the WordPress admin with your email?

    Also you seem from your other topic to have an issue with double opt in, is your suggestion here to change a widely accepted and considered safe email practice? Opt in emails are not the same as collecting data.

    Thread Starter AliceWonderFull

    (@alicewonderfull)

    A third party is sending the e-mail address to any other host that is not the host hosting the blog.

    How it would be enforced: when a plugin is found to transmit an e-mail address to a third party without specifically getting the permission of the user, that plugin is removed from the www.ads-software.com repository until they take action to fix their code so that the user must agree before their data is sent.

    My issue isn’t double opt-in. My issue is that e-mail addresses are sent to third parties without the explicit knowledge or permission of the user before they are sent.

    This is a privacy and tracking concern.

    Thread Starter AliceWonderFull

    (@alicewonderfull)

    As far as SMTP – the purpose of an e-mail address is to receive e-mail. When a user gives e-mail they are implicitly giving permission for the server they submit the e-mail address to to send them e-mail through the SMTP system. They are not however implicitly giving permission for that web site to share that e-mail address with other companies that will then use it (for SMTP or other purposes)

    They are not however implicitly giving permission for that web site to share that e-mail address with other companies that will then use it (for SMTP or other purposes)

    I haven’t seen any plugins that do implicitly give permissions for that. If you know of any that do take email addresses and use them for those sorts of purposes you really should report them to the plugins team so that they know about them and can take some action if it’s required.

    The problem with a blanket “must report back about emails” is that there’s no way to really police it. A plugin author may say “we are not using it for anything bad” when in fact they are harvesting and sharing it, so just saying it won’t make any difference at all.

    Thread Starter AliceWonderFull

    (@alicewonderfull)

    I’m not sure you understood me.

    If Plugin X is going to share [email protected] with website Y then before Plugin X may do so, it must get permission from the user whose e-mail address is [email protected].

    An example of a plugin that currently shares e-mail addresses with a third party website without the users’ knowledge or consent is jetpack.

    If a blog has jetpack enabled and handling subscriptions (and apparently the UI is very confusing for turning off features) then anyone who checks the box to have e-mail notifications from the blog will have their e-mail address shared with wordpress.com – and jetpack does not notify the user, it just does it.

    That may not be a big deal to some but it is a big deal to some, and violates the stated privacy policy many websites operate under, and may even violate some privacy laws in some countries.

    What I am asking is that any plugin that takes a user submitted e-mail address and shares it with a third party must ask the user before doing so.

    I believe that is actually required by law in the European Union for certain types of websites, but I am not a legal expert on laws in my own country, let alone the European Union.

    Enforcing it is not difficult. Look at plugin source, if the plugin sends user submitted e-mail addresses to a third party then it can only do so after asking the user if it is okay to do so.

    That is fairly easy to accomplish via the window.alert() function in JavaScript and I have never seen a wordpress blog that works properly with JS disabled, and at this point JS is fairly accessible for users with a11y needs, so using JS to ask is a suitable method. Not asking is not okay however.

    If window.alert() returns true, the user clicked OK, go ahead and send their e-mail address to the third party for whatever purpose – good or evil. If window.alert() returns false, the user clicked Cancel, do not send the data to third party – even if that means you can’t accomplish a task (like e-mail subscription managed by that third party).

    Thread Starter AliceWonderFull

    (@alicewonderfull)

    Sorry, in the above I meant window.confirm() not window.alert().
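    The consent gate described in the previous two posts (ask with window.confirm() before the address leaves the blog, send only on OK), written out as an added example that is not code from the thread or from any plugin. It uses the thread’s own definition of a third party (any host other than the one serving the blog) and words the prompt so the consent is informed and specific; `blogOrigin`, `confirmFn` and `sendFn` are assumed parameters injected so the logic can run outside a browser.

```javascript
// Added example, not from the thread. Assumptions: the plugin knows the blog's
// own origin and the third-party endpoint it would post the address to;
// confirmFn/sendFn are injected (confirmFn defaults to window.confirm in a browser).

// Per the thread's definition, a destination is a third party when its host is
// not the host serving the blog.
function isThirdParty(destinationUrl, blogOrigin) {
  return new URL(destinationUrl).hostname !== new URL(blogOrigin).hostname;
}

// Consent must be informed and specific: name the recipient host and the purpose,
// and make clear that Cancel has no hidden consequence beyond not sharing.
function consentPrompt(email, destinationUrl, purpose) {
  const host = new URL(destinationUrl).hostname;
  return `Send ${email} to ${host} for ${purpose}? ` +
         `Choosing Cancel keeps your address on this site only.`;
}

// Returns { shared, reason }. The address leaves the blog only after an explicit OK.
function shareWithConsent(email, destinationUrl, purpose, opts) {
  const confirmFn = opts.confirmFn || ((msg) => window.confirm(msg));
  const sendFn = opts.sendFn;

  if (!isThirdParty(destinationUrl, opts.blogOrigin)) {
    // Same host as the blog: not a disclosure to a third party, so no prompt.
    sendFn(email, destinationUrl);
    return { shared: true, reason: 'same-host' };
  }
  // window.confirm() returns true for OK and false for Cancel.
  if (!confirmFn(consentPrompt(email, destinationUrl, purpose))) {
    return { shared: false, reason: 'declined' };
  }
  sendFn(email, destinationUrl);
  return { shared: true, reason: 'consented' };
}
```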

    Thread Starter AliceWonderFull

    (@alicewonderfull)

    https://fra.europa.eu/sites/default/files/fra-2014-handbook-data-protection-law-2nd-ed_en.pdf

    Handbook on European data protection law – 2014

    2.1. Personal data

    Data are personal data if they relate to an identified or at least identifiable person, the data subject.

    An e-mail address is thus classified as personal data in the EU data protection law.

    2.3. The users of personal data

    A ‘third party recipient’ is a person or entity that is legally separate from the controller, but receives personal data from the controller.

    2.3.1. Controllers and processors

    The most important consequence of being a controller or a processor is legal responsibility for complying with the respective obligations under data protection law.

    The blog (controller receiving the personal data from the user) has legal responsibility for complying with data protection law.

    2.3.2. Recipients and third parties

    A ‘third party’ is someone who is legally different from the controller. Disclosing data to a third party will, therefore, always need a specific legal basis.

    2.4. Consent

    Consent as a legal basis for processing personal data must be free, informed and specific.

    The existence of free consent is valid only “if the data subject is able to exercise a real choice and there is no risk of deception, intimidation, coercion or significant negative consequences if he/she does not consent”

    -=-=-=-=-=-

    So basically what I am asking, if I understand that PDF correctly, is that plugins in the www.ads-software.com plugin repository comply with what the European Union already requires websites to do.

    Thread Starter AliceWonderFull

    (@alicewonderfull)

    Here’s another article that seems to see things the same way I do – https://www.computerweekly.com/opinion/Security-Think-Tank-What-should-UK-business-do-to-prepare-for-new-EU-data-protection-rules-part7

    So if websites in the EU are to have any confidence that using plugins from the www.ads-software.com repository won’t get them into legal trouble, then some guidelines about personal data privacy with what plugins automatically do need to be spelled out.

    I would hope they are spelled out because it is the right thing to do, but I’ll take it if it is because the EU is serious about privacy. Either way works for me.

    Note that this doesn’t mean a plugin can’t share personal data with a centralized service, jetpack and any other plugins that do that can keep doing what they do – it is just that they really need to inform users of the blog (those entering their e-mail address to comment) and ask their permission first.

  • The topic ‘Require notification when sharing address’ is closed to new replies.