 Yeah, thank you very much. So my doing Reese. Hello everybody. I am Reese and as I said I'm here to talk to you today about how to integrate your GDPR features They're more press into your project So first of all to begin with I am not a lawyer. I am not a lawyer I'm Pretended to be a lawyer but acted as a lawyer. I did date one once I did date one one for about six months, but apart from that I have no experience of any body In the legal profession or myself so what I am is I am a plug-in developer and In 2009 I built a plug-in called WP will capture Basically what it does is it allows you to pull into your site You name and an email box and it sends an email saying do you want to subscribe to my newsletter? They then click yes save the email address and the name to the database and You can then export and put it into something like MailChimp or something to send the email As you haven't probably worked out by now my plug-in is designed to collect data So I had to comply And GDPR came about in Late May so I left it really really really late and in early May I Began working on my own solution my own solution was basically have a privacy policy box in the back end of my plug-in You could copy and paste from the privacy policy box into your privacy policy and you could also Export and delete data based on email addresses It worked it did work but It wasn't really very robust so 16th of May 2018 It was Manchester WordPress user group and Heather came down and gave a talk on the work that she been working on With the privacy team and it was the next it was like oh my goodness. This is like everything which I have been doing as a plug-in developer and I had to kind of make a decision and I made a decision now and then to basically scrap what was effectively two weeks worth of work and Most of it scrapped and you decide to integrate with WordPress's privacy features the reason for it was two-fold first of all from a first of all from a Developer standpoint it was far easier for me to maintain because rather than just me maintain it. I had a large WordPress community who would be maintaining those tools and It was also better for the users because rather than going to the users and go right okay if you need to do a GDPR Export or do a GDPR request you need to go here. Oh, yeah, except for my plug-in way. You need to go here So you need to do too. We can just train the user to kind of go to one place Do one GDPR request and go from there So that was May 16th May 17th WordPress 4.9.6 was released It was classed as a security release, but probably should have been a minor release because of the amount of features that it added I'm not going to mention the G word, but there's all sorts of reasons behind WordPress 4.9.6 instead of 4.10 which you should have been but it wasn't automatically updated initially but eventually it was We'll say did a few checks and make sure that it was all okay the 4.9.6 had a number of privacy features um It had a privacy policy creator a data exporter and a data eraser It did have also a lot more features That we're not going to talk about in this talk such as like if you leave a comment you can choose whether to keep your name and email address in the cookies in the comment box by sending the cookie But we're not going to talk about those but they're all there, but for the purposes of the next 15 to 20 minutes, we're going to be talking about these features and how to integrate them with your project So the first thing is a privacy policy creator when you go to settings and then privacy You can choose a privacy policy page on your site This can either be one you've already written or it can be one that exists that you haven't written but you can create a brand new page that Is treated as your privacy policy page What happens is when you kind of create this page like similar when you've got like a A front page or if you've got like a news page like you have a little label by it. You now have a label It says privacy policy page when you go into the page. This is on the classic editor Um You get a guide prompt and this is this is equal to both when you create a page And if you assign a page to be your privacy policy You get a little prompt that says you need help putting this together Check out your guide for recommendations of what content to include and There's a link going to the privacy policy guide um The only difference is if you create a page and if you've already got a page assigned is if you create a page Those headers are automatically pasted below. Um, but if you've already got a page assigned, it's not When you click on that link to go to the guide you get taken to the privacy policy guide This is like an introduction and it basically says this is a bunch of headings And it kind of says right. This is what you need to write for these sections Um, you will need to write it. It's not boilerplated on the whole The reason being is that everybody's got different sites. You could have a You know, you could have a facebook pixel pixel, which you'll need to account for you could have a google analytics Which you'll need to account for you could you know, you could have a bitcoin miner I don't know why you'd want to put one on your site, but you could have one But and you need to write sections for these for every single player for every single thing that you have on this site now WordPress does things that It knows what it's doing. So so basically things like when you log into your site We've got a cookie on your computer because that way you don't have to log into every single page and things like that now Those those things are kind of known so there is a there is kind of boilerplated text Now if you're a plug-in owner or you write a plug-in you can actually add to this page And you can do so. Um, by the way, this is all the code, but if you go to that link Um, I'm putting the slides up after so this is a code example Um, so you can see this so you can actually add to this page. So for example um You can add to the admin init action Which is an action that runs on any admin page that's initiated. You can add a function I've got my function wp email capture privacy policy content and I've run it quite late um, this is just a very basic function that runs the wp underscore add underscore privacy underscore policy underscore content function This function has two attributes The first parameter is the title. So if you wanted to be a title on the page, this could be like a section So in my case wp email capture Um, the second parameter is content. So this block here is just the blocker text on what my plug-in does and the data it collects And you can add to the page When you update to this version of my plug-in or If you add this to your plug-in, you'll get the notification at the top of the page saying The suggested privacy policy text has changed. Please review it Which encourages the user to review the page and to make changes So you can see here You see here like the source wp email capture. That's the title and underneath it's the body You can press copy and you can copy it and paste it into your privacy policy Second section is the user explore page, which is added in the tool section. It's called export personal data When people make a request for data, they generally use requests such as your email address or username And then they click send request an email gets sent To the username or email address Requiring confirmation. So you're basically to say hi We've received this request for user export. Please confirm you are who you say you are To stop people making an error in this request Um You got this next step once once they click the link It's then this next step changed the waiting from confirmation to confirmed Um, once confirmed you can download the data Um, I'm sending to them now. You can actually download it before they confirm as well, but it's up to you When you when you download the data you get a file Look something like this So this is like your personal data export and it's basically all the density you have So this is this is running on my test site with my email address So everything associated with the email address so you can see here at the bottom I've uploaded a couple of images. They're assigned to my email address. That's data that they have Yeah Now you can add to this page and you can add to the export file To do this, you need a filter which is wp privacy personal data exporters Um, this filter is connected to an array which lists all the exporter functions As this an array you can add to it Uh, you can add to it An array with two keys exporter friendly name So this is like in my case is wp on the capture, which basically says that if it goes wrong You know where to look to kind of fix it And it also adds callback, which is a callback function And I'm going to apologize because the next slide is really complex um so The callback function will be something like this. This is only part of it and then only part of the relevant part of it You start off the callback function by grabbing your data However, you choose to do that whether it's in miniscule query, whether it's uh I mean, it could be in an api However, you choose to do it you grab the data and you have it in whatever format you choose You then need to put it into an array. So this is the data array on the side and this data array you two keys in an array and it is The first key is name, which is the name of the data And the second key is value, which is the value of the data So for example, if you have a twitter handle the name would be twitter handle the value would be at resource or whatever You then have this data row array. So this data array, sorry You then put this into another array, which is called exports items over here This has four attributes First one is group ID, which Is the group that you want to associate with this data. So it can be post page media comment Whatever Um, or you can give it your own. So in my case, it's WPML capture The group label is a human readable name. So in my case, it's WPML capture data An item item ID, which is like a unique identifier for it and all the data that you created in the previous step You then take that array And put it into another array, which is the data you return Um, so this array has two attributes Uh data, which is everything you've built up to this point and done Done is either true or false. So if you have a lot of data You may want to kind of split this up into two or three different Two or three run-throughs If you click and if you return false The function runs again if you return true It goes on and does something else Complex, I apologize. It's a lot easier from here on it What you end up with is something looks like this. So this is like This is like the group label and this is like the group the group ID The left hand column is all the names And the right hand column is all about the user associated with it. User deletion page The user deletion page works very similar and has a very similar layout. What happens is a user will Send an email that will make a request to delete the data And you give them either their username associated with it with the data or an email address This then sends an email to the User Says hi we've received requests to just delete your data Please confirm they then confirm And then you can then go ahead and delete the data again You can delete it beforehand, but you probably don't want to do that Similar to the exporters You have an eraser And you have a you have enough filter for erasing data And that's wp underscore privacy underscore personal underscore data underscore erases This is an array of all Erasing functions. So you can add to it Similar to the exporter This you add to it an array with two keys arrays a friendly name So that's the name. So if something goes wrong, you can know where to look for debugging And the callback function This my callback function In the callback function You build a function as least items for your database table. However, choose to do it again API You know wp query SQL however you choose to do it. So I'm not going to go into When you have the query that runs You return An array with four values. Now the thing is because because there's no data return You can't really return too much, but you have to return something You return an array with four keys Items underscore removed Is the number of items you remove. So this is like the the row here is removed Items retained items retained means that any data that you Choose to retain for whatever reason You can do so. I think Again, not a lawyer, but I believe you need to retain sales records for example for some liners Messages any messages you want to send And a done filter So if you need to Run through this process through more times for false If you only need to run through it once return through race through this It's a unit call right A useful option is wp underscore page underscore for underscore privacy underscore Policy This is an id for the privacy policy page. So if you need to In your plugin or theme link to it use that id and use a get permalink on that id to return and the The privacy policy page You cannot call if you choose to release your plugins on the WordPress.org repository. You cannot call them ddpl The reason being was hypothetically speaking. This is a thought experiment, but If you had one plugin that makes your site gdpr compliant, which doesn't exist, but this is you you can And you are working in a laptop You're working in a coffee shop with your laptop and you take a phone call and you leave your laptop open all of a sudden What was your and you're working on your WordPress site and you logged in All of a sudden that plugin can't do anything really So You can't call the gdpr compliant Um, what I use is compatible with WordPress's privacy Features or gdpr friendlier or something like that. I prefer using the compatible with WordPress's gdpr or privacy features Um, that doesn't mean you shouldn't do this Taking away the moral and the legal reasons for doing these this this sort of work It's actually when I introduced this into my plugin From a business standpoint. I had number of people who turned who switched from other people's plugins to mine Not everybody does this either through the fact that Plugins abandoned or You know, they have rare reasons for not doing it if you can do this You've opened up a new market particularly a european focus market to to your features, which is great when you get more customers And further reading is available at developers.wordpress.org For such plugins for such privacy. There's a lot of really really useful examples on this I have raced through that The offer bow. Thank you very much and I'm happy to take a few questions and So you mentioned about this is not specifically about your your But the privacy stuff mentioned like that a user would submit a request to a delete or to access How Yeah, I mean what I mean generally I would assume just like a contact form Right, so you're built in core way that That like puts a form there that I I don't think there is to the best of my knowledge I would do Just if you put in your privacy policy, I'm assuming If you if you want to put a request in Either email this. I mean this is this is more for stuff that I've done outside of this This is for client stuff is when they free written the privacy policy. They've usually included the email address Any In terms of Data solutions is there any move from wordpress to give us functionality to do Automated housekeeping by having expiry dates against the data I don't it's a it's a very open-ended question because there's no one kind of data No, but to give us the opportunity to again So maybe I keep your data for five years and yours for seven years Again, and also it's granular So you may have multiple pieces of data in a single record which would have different Deletion dates one thing we're looking at is putting a did we do this? I don't know if we did this but putting Um, I'll fiscating the personal data out of comments after I think there at all time was six months so that after six months It's just the name. It's not the IP address um If you'd like us to build that functionality for certain things we can look at that but because it's so granular It's really difficult to provide a one-size-fits-all Situation. Yeah, so it almost becomes This is why risa's talk was so so valuable because He's showing how he put that into one specific plugin for one specific purpose As well as to try to create some sort of universal functionality Yeah, so if there's any specific specific user case you need it for I'd love to hear about it thinking like medical records Like small businesses Yeah, and I know that they're going through their metal filing cabinets after so many years and pulling them out And working all you know, could we not do something for them and you know, it'd be Specific to them so they could put their own time scale on but yeah, and that again That's assuming that all the records that you need to delete live within a WordPress database. Yeah, exactly. Yeah, it's really It's not it's not an easy So what we're doing in the core privacy team is we're encouraging people to come to us with these specific cases Like tell us what we need to build because we're very much working off of A theoretical and very knowledgeable basis, but what we're missing is people say like right if I have x plugin that does x Help me with this. So yeah, please come to us with that one thing I do um when I talked about scrapping the The work that I'd already done. I did actually keep some of it um, and one of the features I did keep was the automatic deletion of the um of the So basically the way in which my plugin works is it stores data in one table that and then moves it to another table Once it's You know once people have compared when it's in the first table I put in I've put in something into my plugin that basically wants every Day, I think it does it deletes data that's older than three months because the chances are they're not going to click on it Yeah, so for something like that I built I kept that Which is just a very very simple function You can write it yourself, but again That's because I know the data I'm working with. Yeah, I know what to do with it. So That's why any other general privacy questions Yes, it's a quick question. Um that bit of code that you kept yeah, would it be possible to Um abstract that so that say I could say Now that I know what data I'm working with the law says I need to keep it for five years and then I can just say all right So like five five years and then it will run once every day to check Oh, how old is this data? Oh, it's five years old now. Then it then just exposes that Yeah, uh, it would be possible. Um To be honest it's It's fairly simple So it's one of those things where it's like if I because it's because it's like it's specifically designed for my plugin It's actually really really kind of it's about four or five lines of code Um, just open the database check check a date record and things like that Um It depends again the thing is so because I know that there's a date record in my table So I know this is this is where to go from um Once people will store data people will store dates in various different formats Some people will store it in the text field some people will store it As a as a proper date time object and things like that. So it would be kind of tricky to kind of Do it, but so this is this is why I kind of say I mean I can put it up and and you can you can see it and and and start from there. That's that's not a problem, but It's it's quite tricky to generalize it because of that off the top of my head But uh, I can certainly show you it and if you if you want to see it Yeah, I was just going to say that you know Because you've already done it it might be a great like Hopefully it's not the correct word, but something that people can look at and be like oh Maybe I should just yeah make sure that I'm storing my dates correctly so that I can check them. Yeah, probably I mean within this is because I mean For my plugin I have to go in When I update when I release this version I actually added the date column because it wasn't there to begin with when it was in one of the tables It wasn't in the other So I actually did that retrospectively kind of um, yeah, I mean store dates as Proper date time objects and that way it's a lot easier to to work with the manipulators Seems a lot of minutes. Can you do a live demonstration of it? I'll have to see No pressure Reese. Okay So so what do you want? So what do you want a live demonstration just just what you was talking about? Are we set for time? Go over 10 minutes. I think All right, here we go Don't normally go around us like this Got david in here at 12 so we do have a wee bit of time. Okay Yeah, I'd rather you actually do a live demo than talk about the background image again Oh god, he's gonna talk about you Hmm Just had a comment about time I'm gonna talk to you then I am and this is all due to me so In my world Data has to be held to the only For the amount of time it's Yes, that's all of our world now. Yeah. Yeah. Yeah, probably for that. You know, it's seven years five years But then that's okay, but so things can change if you have to get rid of it after you stop using it I'm not I don't know masking here or it's not so we should get it So so there's there's No throwing out the baby with the bath water is Any data that you are obliged to keep for any other statutory reason does not have to be wiped out That's one of the most commonly that that's the two most commonly misunderstood aspects of the right to be forgotten or number two You have to leave everything and number two. It is a universal right. No, it's the right to oppressed it The right what I always tell people is the right to be forgotten is not the right to fly under the radar So for example, you have to keep seven years of purchasing sales records for tax purposes It's even more. I think in Italy. It's 10 years you so the trick the Challenge for us is have you come up with a means of deleting the information? You don't have to keep which frankly shouldn't be on your database And keep still keep those records unique for other statutory purposes other thing is like if you've got like Um Someone who's abusing the system trying to hack in or whatever you don't have to delete that record So there's no Black and white binary key for delete Be aware of what information and data you have to keep for statutory purposes and then What the ICO would like to see is that you come up with a data retention and deletion schedule for everything you hold How you define how long you keep that data? It's entirely up to you as long as you can document justify it You say we keep all Contact form submissions for a year For x y and z reasons, that's fine as long as you can justify what they're looking for is people who have You know the the proper full case. I always talk about in the conference speaking The the charity that had five years of contact form submissions of people's sensitive medical data on the website database Hacked, you know, there's no reason for any of that those forms to be there for more than six weeks They had five years worth so it's 5 000 confidential medical records leak As long as you can explain and justify why you're doing things They're fine with that But as I advise people make sure it passes the laugh test You know if your explanation would make someone laugh at you you need to go back and revise it nobody should be surprised Nobody should be surprised with that god This is one of the really healthy things that I found in all the gdpr work I've done it's making people go back and say okay. What do we have? Where do we have it? Oh my god? We've got You know Zip drives. We've got paper files. Um, I love this giant purge that's happened in the past six months of like completely useless Paper and terabytes of outdated data that just didn't have to be there I suddenly get why we uh Because I've been working away and I'll just be like it Okay, so very very quickly. So when you log into my plugin, um, you there's a box here called enable gdpr This is all the features that I've kept Um, I've put the privacy policy thing in here, which is basically replicated on the privacy policy Section, so I've got the thing here which way how long do you want to keep the data on your server? Um, so for example the 10 days Now you see here, I've signed up to this email address this email address has probably been It's longer than 10 days ago. So in theory that should well, I won't delete actually Because it needs to run It needs to run once per hour So what will happen will be at some point that will be deleted within the next hour or so As in the code The code is run In this line here, which is an hourly function So this is like a cronjarder runs once an hour and this is the gdpr So if you ever capture gdpr deletion um When you go to it This is the function that kind of runs I'm still i'm still fairly new with uh, so Basically just a function that runs every hour um If the gdpr features are enabled Uh, you get the unit the unit is days weeks months or whatever and the number is the 10 that I put there It then says well, basically if the if we have a unit so it's present and the number is more than zero Uh, we've grabbed the time string Which converts it from So basically we we we get the time of now And we get uh, we convert it into the mysql day form that we should hear Wednesday hours seconds It then runs uh A couple of sql queries, which is basically delete from the 10 member table and register member table where the date is uh less than What the date is um And it just runs those queries and that's all it does That's that that that that that's that's pretty much needs what what I do Because as I said, this is this is built for this purpose or anything like that Um, sorry, is that just a normal WordPress cron job? Yeah, so yeah, I mean Can't be asked when it comes to WordPress cron jobs is that it doesn't necessarily run every hour because Last thing I'll say before I make you wrap up is that we're actually that slide or the page with all the developer tools Yeah, um instructions. We're looking at that this month We're going to give it a fresh look because we haven't really looked at in six months We pushed everything out for gdpr now that we're moving into v2 We're gonna have a look and if there's anything you need as a developer or you need that you want us to put in there Please let us know. Yeah, we're gonna help