Members - Privacy Caps

Creates additional capabilities for control over WordPress’ privacy and personal data features (GDPR).

About this plugin

Usage

The plugin adds the following capabilities to the “General” tab on the edit role screen:

  • Manage Privacy Options (manage_privacy_options) – Allows you to manage the site or network’s privacy options, including the privacy page.

The plugin adds the following capabilities to the “Users” tab on the edit role screen:

  • Export Others’ Personal Data (export_others_personal_data) – Allows you to export personal data for users other than your own.
  • Erase Others’ Personal Data (erase_others_personal_data) – Allows you to erase personal data for users other than your own.

Managing privacy options

Currently, there’s a bug in WordPress (Trac ticket) that won’t allow users without manage_options to see sub-menu items of “Settings” in the admin, even if the user has permission to do so. There’s nothing this plugin can do to address this. Therefore, if you have the manage_privacy_options but not the manage_options capability, you won’t be able to access the Settings > Privacy page in the admin.

However, you will be able to edit the Privacy Policy page if one has been set for the site under the “Pages” screen in the admin. Of course, you’ll need the appropriate page-editing capabilities for editing the page.

A good use case for this is to give Editors (or a similar role) the manage_privacy_options cap to allow them to actually make copyediting changes to the page.

Erasing personal data

The erase_others_personal_data capability must be used in conjunction with the delete_users capability. This is how core WP is set up. It makes sense when you think about it. Users shouldn’t be able to erase others’ data without high enough permission to actually delete the actual user account.

Multisite

If you’re on a multisite setup, the new capabilities (see above) are not automatically added to administrators on each sub-site. This is because WordPress, by default, considers the privacy and personal data features a “super admin” privilege. You may assign these capabilities to administrators or other roles on a per-site basis if you feel like your administrators should have these permissions.