WordPress Plugin Authors: Be Up Front and Honest With Users About Tracking

Plugins collecting information and phoning home to a third party without the user’s consent is a serious issue in the WordPress community. The WordPress plugin repository guidelines are clear on this matter, specifically point number seven and its sub-points. Pooria Asteraky has published a post that explains why there needs to be more transparency across the WordPress community as a whole when it comes to ‘trackers’ being installed on users’ sites via WordPress plugins.

According to Pooria, trackers are tracking codes that collect information such as statistics. After installing a WordPress plugin that provided social sharing buttons, he discovered, through the use of Ghostery, that thirteen trackers had been installed on his website, five of which had nothing to do with social networks. The rest of the post explains why this is not a good thing for the WordPress community and calls on webmasters, plugin authors, and everyone else on the web to be completely transparent regarding the trackers in use on their sites.

The Community Does A Good Job Policing Itself

WordPress is open source and so are all of the plugins hosted within the plugin repository. While there are plugin reviewers that voluntarily do their best to make sure nothing malicious ends up in the repository, some plugins slip through the cracks. However, because of the size of the WordPress userbase and how easy it is to look at the plugin’s code, those plugins usually don’t last long in the wild. If you come across a plugin that you think is doing something malicious and it’s on the WordPress plugin repository, contact plugins at wordpress.org. Someone from the review team will take a look at the issue and act accordingly.

Complete Transparency Is A Pipe Dream

Near the end of the post, Pooria outlines the final goal of transparency.

The final goal of transparency is to encourage all WordPress Users (Webmasters) to publicly announce all the trackers and cookies of their sites to the public (visitors and viewers of WordPress Sites).

This is a goal that, in my opinion, will never be realized. Otto makes a number of points I agree with. I think it’s asking too much for webmasters to list out the ad scripts, cookies, trackers, analytics, etc. running on their website for public display. In fact, it should be assumed that any webpage a user visits will be running some sort of statistics-gathering software or will leave cookies behind in the browser. This is the nature of the web. It’s not as though users have no way to act on that assumption: there is a myriad of tools available, such as browser extensions, desktop software, and privacy settings within the browser.

The Correct Way To Gather Usage Info Within Plugins

If you’re going to track users of your plugin, I highly suggest going about it the same way Joost de Valk does. WordPress SEO, developed by Joost de Valk, asks users after they have activated the plugin for the first time whether or not they want to enable tracking.

[Image: Yoast SEO tracking opt-in prompt. Caption: Tracking Done The Right Way]

This is an acceptable method within the WordPress plugin repository guidelines, as it asks for the user’s consent.
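The opt-in pattern described above, as an added example rather than code from WordPress SEO or any other plugin on this page. It assumes a hypothetical option name (`ex_usage_tracking`), a placeholder reporting endpoint, and the standard WordPress admin-notice, admin-post, nonce and cron APIs; nothing is sent until an administrator has explicitly chosen "Allow tracking".

```php
<?php
/*
Plugin Name: Example Opt-In Usage Tracking (constructed example, not a real plugin)
*/
define( 'EX_TRACK_OPTION', 'ex_usage_tracking' ); // hypothetical option: '', 'yes' or 'no'

// Show the prompt to administrators until a choice has been recorded.
add_action( 'admin_notices', function () {
    if ( ! current_user_can( 'manage_options' ) || get_option( EX_TRACK_OPTION, '' ) !== '' ) {
        return;
    }
    $base = admin_url( 'admin-post.php?action=ex_track_choice' );
    $yes  = wp_nonce_url( add_query_arg( 'choice', 'yes', $base ), 'ex_track_choice' );
    $no   = wp_nonce_url( add_query_arg( 'choice', 'no', $base ), 'ex_track_choice' );
    echo '<div class="updated"><p>Help improve this plugin by sending anonymous usage data '
       . '(WordPress version, PHP version, number of active plugins). Nothing is sent until you choose. '
       . '<a href="' . esc_url( $yes ) . '">Allow tracking</a> | '
       . '<a href="' . esc_url( $no ) . '">Do not track</a></p></div>';
} );

// Record the choice; the nonce and capability checks stop a forged link from opting a site in.
add_action( 'admin_post_ex_track_choice', function () {
    check_admin_referer( 'ex_track_choice' );
    if ( ! current_user_can( 'manage_options' ) ) {
        wp_die( 'Insufficient permissions' );
    }
    $choice = ( isset( $_GET['choice'] ) && $_GET['choice'] === 'yes' ) ? 'yes' : 'no';
    update_option( EX_TRACK_OPTION, $choice );
    wp_safe_redirect( admin_url( 'plugins.php' ) );
    exit;
} );

// Daily report, sent only when the stored choice is an explicit 'yes'.
add_action( 'ex_track_send', function () {
    if ( get_option( EX_TRACK_OPTION, '' ) !== 'yes' ) {
        return; // the default is silence, not opt-out
    }
    global $wp_version;
    wp_remote_post( 'https://stats.example.invalid/collect', array( // placeholder endpoint
        'timeout' => 5,
        'body'    => array(
            'wp_version'  => $wp_version,
            'php_version' => PHP_VERSION,
            'plugins'     => count( (array) get_option( 'active_plugins', array() ) ),
        ),
    ) );
} );
if ( ! wp_next_scheduled( 'ex_track_send' ) ) {
    wp_schedule_event( time(), 'daily', 'ex_track_send' );
}
```

The prompt text lists exactly which fields are sent, so the consent the user gives matches what the `ex_track_send` handler actually transmits.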

Be Up Front and Honest With Users

Between the plugin review team and the WordPress community, most users don’t have anything to worry about. Gathering usage information is not bad in itself; it’s a wonderful way to collect the data needed to improve software. What’s bad is gathering that information without anyone knowing it’s taking place. As a plugin author, do the right thing. Be up front and honest about gathering usage data. Give users the choice, and for those users that enable tracking, don’t give them a reason to lose their trust.

9 Comments


  1. Maybe WordPress core should present users with information that states something to the effect of: WordPress enables Gravatar by default. When Gravatar is enabled, your IP address and a referring URL are sent to third-party servers owned by Automattic, Inc. on every page load. This information could be used to track your browsing activities and interests by Automattic and/or anyone they chose to share the information with. This also applies to everyone that visits your site. When put in context, WordPress runs 20% of the web, so when enabling this service you’re adding to a global tracking network owned by a third party commercial entity whose goals and philosophies may or may not align with yours, now and/or in the future. To disable Gravatar, click here.



  2. I completely agree with the article, and this is the way I have implemented tracking within my WP RSS Aggregator plugin. Another good example is Easy Digital Downloads; in that plugin the author offers a discount on other add-ons if the user enables tracking.

    On a related note, it would also be useful to know what data the WordPress software and related services such as Gravatar are sending back. I’m also of the opinion that there is not enough data being provided to plugin developers, which is what motivates many developers to install tracking systems. As developers it is very useful for us to know which versions are in use, for example. Before, there used to be the version pie chart on the Stats page of a plugin, but it is no longer being displayed.



  3. @Jean Galea – You can read all about it in this ticket: http://core.trac.wordpress.org/ticket/14682 A comment towards the end has a link to an incident involving Gravatar that has cost some people their jobs etc. There is also a video presentation showing that sites using Gravatar make available data that can be used for nefarious purposes.



  4. Might be good to note that a person revealed through the Gravatar system had a bomb put in his front-door mailbox last night. It could be unrelated, but the timing suggests it’s connected.



  5. I certainly did not know about the Gravatar leak. But it raises questions for me.
    1. Living in Europe I am required to let every visitor know about any tracking cookies that may exist on the site. However, if visitors leaving comments on a WordPress install are able to be identified, then they could be tracked. Am I breaking the law by not declaring this leak of privacy?

    2. Should it be in my privacy policy?

    3. Why are Automattic not being open with their users? If the EU decide to prosecute, can I plead innocence because Matt was keeping me as a non-techie in the dark? Or have Automattic Inc got a special disclaimer that covers this liability for them and us as users?

    Ron



  6. Plugins collecting information and phoning home to a third-party without the user’s consent is a serious issue in the WordPress community.

    Whaaaaat?!?

    *Cough*! *Cough*! *Cough*!

    [Catches breath…]

    Can we please address WordPress itself before trying to give lessons to plugin and theme authors?

    Phones home with a lot more information than it should? Check.

    Collects information on its users using Gravatars and pray tell what else? Check.

    Creates potential privacy issues in the process by exposing md5’d versions of commenter email addresses? Check.

    Doesn’t disclose any of the above? Check.

    Doesn’t allow to easily disable any of the above? Check.

    Consistently refused to address any of the above issues for *years*, going as far as closing several related tickets as *won’t fix*? Check.

    No offense, but who the hell do you think you’re kidding here with this shameless and ludicrous angelic stance?

    WordPress itself is the worst offender in this area. Period, end of story. No ifs, no buts.

    As long as WordPress doesn’t get this right and lead by example, this entire article is moot.



  7. Wow,

    Where’s Glenn Greenwald when you need him?



  8. I think it would be nice if there was a policy of disclosing any features which can be used to track you. A lot of plugins and themes implement code which could be used to track you, even though they most likely don’t.

    I don’t think a rule like that would be implemented any time soon though, since WordPress itself would fail such a rule quite badly, but I do think it would be a good thing.

