antmg

I’ve just discovered this was done as an optimization quite recently here: https://core.trac.www.ads-software.com/changeset/56074?

I’m surprised it got merged, and I’d say it should be reverted ASAP as I’m sure people are not realising it’s happening on their sites and that they are non-compliant with the relevant privacy laws.

Hi,

Indeed I see it’s possible to do at least for now. It’s concerning that as soon as you deploy a WordPress site you’re instantly not compliant until you get emojis disabled.

Fines for being non-compliant can be pretty high.

And as said by @threadi a future update could cause the disabling of the emojis to break (eg by renaming the scripts), silently becoming non-compliant again, which means a call between disabling auto updates and reviewing the situation manually on on offline second install before allowing each update as you can’t have it accidentally going live in a non-compliant way.

Even if you’ve got a GDPR / CCPA notice on the page, this data is written on the first page load, so before they have a chance to accept.

I guess this is a feature request to have a built in mechanism to disable (or preferably disabled by default so a fresh install is compliant with US / European laws) for the emoji plugin.

Or perhaps could the functionality be pulled out into a regular plugin that can be disabled, but could be installed by default on a fresh install (or completely independent of course)

• This reply was modified 1 year, 6 months ago by antmg.