All posts filed under: Privacy

The “not affiliated” checkbox and the GDPR

TL;DR The punchline of this post is that the operator(s) of WordPress.org may, through the “I am not affiliated…” checkbox, be breaching Europe’s General Data Protection Regulation (GDPR), and that is something of which the board of Automattic ought to be aware. Let me explain. The “not affiliated” checkbox As is well known across the community, on or around 8 October, the login screen on WordPress.org was amended to look like this (originally it linked to the WP Engine lawsuit, but that was subsequently removed): Application of the GDPR First of all, there is a strong argument that the operator(s) of WordPress.org are subject to the GDPR in relation to their processing of EU residents’ personal data through WordPress.org. For example, there are localised versions of WordPress.org translated into the languages of some EU member states (e.g., de.wordpress.org/) and so services are being actively offered to EU residents, and the WordPress.org privacy statement appears to have been written on the assumption the GDPR applies. Personal data processing through the checkbox Under the GDPR, “personal data” …

Attention WordPress course creators – mad cyber week deal on The 5-Step Legal Plan for Online Course Creators

I suspect many of us, myself included, are now suffering from Black Friday to Cyber Monday fatigue. So I’ll keep this brief. For a very limited time, I’m offering full access to The 5-Step Legal Plan for Online Course Creators for the madly discounted price of $29. That’s a whopping 66% off the normal price. The course helps you to protect your course content, avoid being sued, comply with important laws, and keep what you earn in your pocket, in under 90 minutes! This includes walking you through quick and automated creation of your own copyright statement, disclaimer, terms of use, and privacy statement. Oh, and you’ll get all 6 of our ebooks too, which cover protecting your course content, using others’ content safely, licensing content to get promotion, mastering your email marketing, having a privacy statement, and shielding yourself from lawsuits. This deal will never be repeated again, so be quick. There’s never been a better time or place for course creators to get their legal house in order. GET THE DEAL HERE AND NOW, before it …

Automattic, WordPress.com, Jetpack, European cookie laws and transparency

Setting the scene In Legal checks when building a content-driven WordPress website, I discussed cookies — not the edible variety but the small text files that are stored on your computer or mobile device when you visit or undertake certain activity on certain websites (for further information about cookies, see https://www.allaboutcookies.org.) I observed that, whilst many countries don’t have laws that require disclosure of cookies, in Europe there are specific (and controversial) cookie laws. Website owners in European Member States are required to: provide clear and comprehensive information about the cookies they are using; and obtain consent to store a cookie on a user or subscriber’s device. There are some narrow exceptions but I don’t think I need to mention them again. Questions The questions I want to explore in this post are these: What are the implications of the European cookie laws for European users of WordPress.com and Jetpack? Are users of WordPress.com and Jetpack able to obtain sufficient information as to the cookies that these services set? If not, do the cookie laws …

Template terms and policies for WordPress multisite businesses

Introduction As many if not most readers will know, with WordPress’ multisite feature, you can set up your own network of sites, whether for yourself, friends, clients or customers. The WordPress Codex puts it in these terms: “As of WordPress 3.0, you have the ability to create a network of sites by using the multisite feature. … A multisite network can be very similar to your own personal version of WordPress.com. End users of your network can create their own sites on demand, just like end users of WordPress.com can create blogs on demand. If you do not have any need to allow end users to create their own sites on demand, you can create a multisite network in which only you, the administrator, can add new sites. A multisite network is a collection of sites that all share the same WordPress installation. They can also share plugins and themes. The individual sites in the network are virtual sites in the sense that they do not have their own directories on your server, although they …

Legal checks when building a content-driven WordPress website

Introduction Recently I’ve built two blogs (both running on WordPress of course). The first is this one and the second is a blog for a group of lawyers in the United Kingdom. The purpose of the second blog is to enable the lawyers to share their knowledge and thoughts on a particular area of practice with clients, potential clients and the wider legal community. As well as building the site, I also attended to the usual legal and related issues that arise with a content-driven website like a blog, just as I did for this site which is similar in many ways. I’ve done this sort of thing many times in the past, for myself, for colleagues and for clients. Each time I do it, I run through a range of legal and related checks in my mind that ought to be covered off. I thought it might be useful to document the checks for others building similar sites. The purpose of this post, then, is to do exactly that. The checklist covers the kinds …

Would you like a privacy policy like mine?

When I was getting WP and Legal Stuff ready for release, I drafted the privacy policy that is linked to in the site footer. I did this because I would probably be collecting personal information (e.g., names of commenters and email addresses) and it was appropriate, therefore, that I let people know what I’m collecting, who can see it, what I’ll do with it, and so on. When drafting the policy, it struck me that this is something that other bloggers and site operators – whose structural set up is similar to mine – may also need or wish to do. If you’re in this position, please feel free to create your own policy based on mine. To help you out, I’ve whipped up a form that takes a small number of inputs and then spits out a version of my privacy policy but with my details removed and your details inserted. The form and output are based on a few assumptions: that an individual is operating the blog / site; the site is externally …

Why legal stuff matters

For some people, thinking about legal stuff may not be at the forefront of their minds when they’re developing, designing, launching or adding content to a WordPress website or developing and releasing a theme or plugin. I suspect it’s also not at the forefront of the minds of some people who launch commercial theme and plugin shops, release WordPress ebooks, produce WordPress podcasts, and so on. It’s easy to get caught in the moment and the excitement of developing, writing or releasing something new. I know what that’s like. Just as a lawyer building a website may pay little attention to something that a developer would consider crucial, so too can developers, designers, bloggers and entrepreneurs pay little attention to things that lawyers consider important if not crucial.  And, of course, in some cases people want to do what’s right or in their commercial interests but just don’t know what the relevant laws are or how they apply. The legal stuff does matter There are various reasons for sticking to the right side of the …