GDPR

You have undoubtedly heard about GDPR already—the General Data Protection Regulation meant to give citizens back control of their personal data, and taking the form at IBM of a series of regulations and audits and certifications of how personal data is collected, stored, used, and how it can be deleted at the initiation of the user.

Many of you are involved in GDPR exercises in your organizations, and have asked if your devcenters are at risk, if we have statements or assurances we can share, if there is more for you to do.

Having nearly concluded a couple of months of intense auditing and updating our devcenters and other applications, we can say that:

Your devcenters will be GDPR compliant:

  1. Unless you have published custom forms for collecting user data and not taken the proper steps there (there are a few of these, and we’re already working on them) and
  2. Once we remove a few more “tags”, or includes, from the HTML from our devcenters

Jetpack

“Tags” is a general name for services, libraries, and other things that are included in your web pages—things like analytics, web and CSS libraries, testing frameworks, chat services, etc.

In order to comply with GDPR standards, we need to stop a number of services that are included in your devcenters. A big one is Jetpack, which provides a set of features to self-hosted WordPress offerings such as ours, including the inline stats, social sharing, subscriptions, widgets, etc: https://jetpack.com/

This is a significant change to our platform, but it’s one we now need to make.

For some time, we’ve been trying to cease or reduce usage of Jetpack because of its off-domain user data management and the performance penalty our sites pay for loading it.

Many of you find its services convenient for capturing subscriptions, seeing how your site is doing, creating simple widgets. But we have alternatives for some or most of these features. For example, our preferred analytics dashboard is Google Analytics (for now), to which you should have access. We are replacing the social sharing buttons with ones from ibm.com that are compliant. And subscriptions is something we simply can’t accommodate in the way that Jetpack manages it. Look for more information from us about alternatives to Jetpack in our platform coming up.

Timeline

We’re going to turn Jetpack off this coming Friday, May 4th, and remove it from our source base shortly afterwards. You can contact us if you have what you feel are extenuating needs here, but Jetpack is not approved in IBM’s GDPR review process and therefore must be removed from our pages.

15 comments on"GDPR, Jetpack, and your devcenter"

  1. ‘…our preferred analytics dashboard is Google Analytics (for now), to which you should have access’: could you provide information for how to get access to GA?

  2. Ian_Larner May 02, 2018

    Hi Ian,
    I understand the GDPR impact, and have been adding text to forms in use by the Integration site, and have a “Privacy configuration capabilities” doc page to publish soon.

    You mention “Look for more information from us about alternatives to Jetpack in our platform coming up.”

    Maybe the impact of removing Jetpack will not be significant, but if we need to take remedial action to fix use of our devcenters that information should be available before Jetpack is turned off,. I’m concerned the UX will fail or get worse until we can recover.

    Regards,
    Ian

  3. I’m not entirely sure of all our uses of JetPack (I suspect the social media buttons affects us – WASdev – but I’m not sure how it’s implemented at the moment). One thing I am aware of using it for though is auto-publishing new blog posts to Twitter, LinkedIn, etc, which is quite useful. It doesn’t currently do the same for new ‘doc’ articles, which would also be useful.

    Is there any plan to replace this function?

    • There are two kinds of “social” coming from Jetpack, Laura: We are going to have the V18/IBM social icons for push-to-post functionality. But the other thing, where you post to your networks automatically upon publishing, is NOT something we have a replacement for yet.

  4. Esther Dovey May 02, 2018

    Jetpack has said that they will be GDPR-compliant by 25th May. They’ve already released one update towards it, and another should be due this week (they apparently release in the first week of each month). The subscription function is important.

    • Thanks, Esther, that’s very good to know. We’ve talked about GDPR and Jetpack with IBM, and though they may get compliant, our process for certifying that they are so is not going to make it in time, so they *have* to come out. At least until some point down the road.

      But frankly, our team has wanted to try a Jetpack-free WordPress environment for some time, given what a huge, off-domain-hosted, and sometimes performance-bogging feature set it is.

  5. Enabling markdown in the wordpress editor is through JetPack, isn’t it? If that’s turned off, what will happen to our posts written in markdown?

    • Was just looking at this, Laura. Do you guys have MD on staging site? I want to 1) verify that Jetpack-free does not support Markdown (conflicting information) and 2) install an alternative I’ve found.

  6. Jing Zhe Li May 08, 2018

    According to the announcement I found ” For example, our preferred analytics dashboard is Google Analytics (for now)…”. Seems we do NOT need to remove Google Universal Analytics (analytics.js). Right? But I test the page “https://developer.ibm.com/linuxone/” by IBM page audit tool (https://digitalregistry.w3ibm.mybluemix.net/#page_audit_urls/add_urls), still get non-approved issues in report like below.
    Page URL : https://developer.ibm.com/linuxone/
    Tag Name : Google Universal Analytics (analytics.js)
    Parent Tag Name : Google Universal Analytics (analytics.js)
    Parent Tag Status : Non-Approved
    Tag Request URL : https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-41146412-1&cid=1787255459.1525681019&jid=8092695&_gid=565113652.1525681019&gjid=906565934&_v=j67&z=1328619139
    We should ignore the error? Or we can fix it?

  7. KerstenRichter May 08, 2018

    So what are the proper steps for forms? I’ve been digging and am still not sure what to do…

Join The Discussion

Your email address will not be published. Required fields are marked *