[wp-hackers] Revisiting phone home and privacy

Lynne Pope lynne.pope at gmail.com
Thu Dec 10 00:20:18 UTC 2009

The first rule of data privacy is only collect what is absolutely necessary.
The second rule is to ensure people know what is collected and how it is

Depending on legal juridiction, there is a third rule - disclosure of
information must be optional and opt-in.

None of these apply to WordPress.

It is not necessary to collect information about plugins and themes that are
external to the repository. There is no valid reason for descriptions to be
collected. Each update query sends the IP address which is, itself, a unique
identifier - associating the blog URL to the rest of the data is

We can all argue till the cows come home but it won't change the fact that
some users (of those who are aware that this data is even being sent) are
concerned and are being disadvantaged due to privacy concerns. These can be
alleviated very easily and would buy a lot of goodwill in the process.


More information about the wp-hackers mailing list