On Thursday, May 17, WordPress 4.9.6 is expected to be publicly released and will include new tools which support Europe’s General Data Protection Regulation (GDPR). This post is to help you prepare for the coming changes.

There are differences in how this update is being implemented on our different platforms.

• On the WordPress.com VIP platform these tools will be disabled.
• On the VIP Go platform these tools will be available, but clients can choose to disable them.

When will the changes be deployed?

On the WordPress.com VIP platform, this update will take place following the public release, which is expected on Thursday, May 17. On the VIP Go platform, this update will take place on Monday, May 21.

What is the GDPR?

The GDPR is a new andfar-reaching privacy regulation from the European Union (EU) that takes effect this month, May 2018.

The GDPR, among other things, requires companies and site owners to be transparent about how they collect, use and share personal data. It also gives individuals more access and more choice when it comes to how their own personal data is collected, used, and shared.

What’s changing?

There are five new GDPR tools in this release: a privacy policy page, a privacy policy editing helper, a personal data export tool, a personal data erasure tool, and a comment form checkbox.

1. Privacy Policy Page
   This is now a setting under wp-admin > Settings. It lets you designate or create a privacy policy page.
2. Privacy Policy Editing Helper
   This tool gathers privacy policy declarations from plugins that support them into a copy and pasteable view above the page editor when editing the privacy policy page. It also highlights when a plugin’s declarations change.
3. Personal Data Export tool
   This tool is designed around GDPR Right of Access requests. You can find it under wp-admin > Tools. It allows administrators to send a confirmation link to users to confirm their personal data export request, and lets administrators download or directly email a personal data export as a ZIP file. It includes hooks for plugins to add contributions to the report.
4. Personal Data Erasure tool
   This tool is designed around GDPR Right to Erasure requests. You can find it under wp-admin > Tools. It allows administrators to send a confirmation link to users to confirm their personal data erasure request. It does the following:
   1. Allows administrators to run a personal data erasure for those users
   2. Informs administrators of any personal data that was retained by a plugin
   3. Allows administrators to optionally delete registered user accounts
   4. Includes hooks for plugins to erase personal data they collected
   5. Works with new anonymization functions in WordPress core to anonymize things like IP addresses instead of just erasing them
5. Comment Form Cookie Checkbox
   This is a checkbox that appears to logged-out users, getting their permission to store their username, email and website in a browser cookie before doing so.

Personal Data Export and Erasure Tools, as seen in WordPress development version (4.9.6-RC1-43241).

Privacy Policy Page and Editing Helper, as seen in WordPress development version (4.9.6-RC1-43241).

Comment Form Cookie Checkbox, as seen in WordPress development version (4.9.6-RC1-43241).

What about WordPress Multisites?

By default, the tools are disabled in Multisite for single-site administrators, but are still available for Super Admins.

How do I disable the privacy tools?

You can follow the instructions in our documentation.

Where can I get more information?

You can learn more about the release schedule and current feature set for WordPress 4.9.6 on the WordPress.org site.

What do I need to do?

We highly recommend updating your local development environments to the beta release using the Beta Tester plugin or updating it to track trunk (i.e. bleeding edge) via either the Subversion or GitHub repos. (If you’re using VVV, one of the default sites will already be tracking trunk. For Chassis users, you can switch your install to switch over to a separate checkout.)

For sites on VIP Go, you can have your Go-hosted development sites switched to trunk as well. If this is something that interests you, please reach out and we can set it up for you.

What if I find Issues?

If you have testing feedback or questions related to this release, please open a support ticket with details and we will be happy to help.