Add notice about usage tracking in updater #164
Comments
timbocode
changed the title
|
After discussions with Tim Kaye, it was agreed that all we need to do is to add a note to make it clear that we are logging the URL. I would suggest something along the following lines but feel free to adjust as you see fit:
|
|
Note that the Update Manager plugin does not collect, store, or track this information. The information is collected, stored, and displayed by an extension written by a 3rd party. If you look at your Privacy page (in your dashboard) the Update Manager plugin fully discloses what data it uses, how, and why. This is also described in item 2 of the FAQ. |
|
Yes, it was pointed out to me today that this was an extension for your plugin. I've updated my original post to reflect this. I don't have the plugin installed at present so I haven't seen the privacy messages. This issue is still valid though. We do need to make it clear to users that Classic Commerce tracks usage and data is logged. |
|
No worries, just wanted to point you in the right direction for finding the Update Manager's disclosures. :) |
|
After further discussions, it has been agreed that we should seek the users' permission before logging the data, even though legally we are not obligated to. I would therefore suggest something similar to the following on the General tab in CC settings:
Suggestions for a better form of wording are welcome. |
|
Thanks for this. Wouldn’t this be best suited in the accounts and privacy section? |
|
You could make an argument for putting it there but the reasons I thought it would be better on the General tab are twofold: a) it makes it much more visible and perhaps less likely to be ignored if than if buried amongst other privacy settings. As this setting will be "off" by default, we want it to be seen so that as many people as possible switch it on. But I'm open to suggestions. |
|
I agree with @bahiirwa that this belongs in the Privacy tab. If you want to raise visibility, move the privacy tab to the first position, or, better (IMHO) show an admin notice in the CC admin which links the user to the correct tab to make the choice. Just my .02. :D |
|
I foresee a number of nagging notices for the user and this could lead to some ignoring the message. How about we add a submenu link under commerce menu to accounts & Privacy? Plausible to move the privacy to first tab. |
|
I wouldn't exactly call it a nagging notice. I've gone out of my way to make it look just like any other setting. The sort of setting you set once when you're first setting up CC and then forget about. The settings on the Accounts & Privacy tab are likely to be the ones that get left at the default settings which in this case would mean that the data usage stats would remain off. Not keen on rearranging the position of the tabs. |
|
I mean, if we contrast one plugin to the other plugins that are installed and have so many notices.
|
|
Nags are definitely something to be avoided. I am concerned though that if we add it to the Accounts & Privacy tab, it'll just get ignored. But by placing it on the General tab in the main CC settings area, it's stands a much better chance of being seen and activated. If you like, we could, as John says, begin by adding a notice (not a nag) on the General tab telling people to visit the Accounts & Privacy tab (and why) and see what the opt-in is like. I'd be interested to see what @simplycomputing's thoughts are before making any final decision. |
So the default is not ticked? In that case I think it's a pointless exercise. It won't get ticked. I wouldn't tick it. I make a point of never ticking those sort of boxes. So the data we collect will not be that useful since it will be way lower than the true figure. I would have it under the Privacy tab and ticked. You can include a short note somewhere informing people and telling them that if they don't want to be logged they need to untick it. |
|
OK. Having gone back and re-read all relevant posts and chats, I think that the opt-out approach is acceptable in which case, the setting can go on the Accounts & Privacy tab. This is what I had in mind:
It could maybe even go at the bottom of that page. Thoughts? |
|
I don’t think we need to move it. We can swap the texts as in the picture below. As for a notice, we can make one similar to the one that talks about the setting in the customizer.
We don’t need to move it down if this proposed change is taken into account. The note would stay prominent. |
Just to clarify: |
|
What if you made the setting enabled by default and kept the checkbox in the Privacy tab... then, when the plugin is activated, it could show a single notice that says, ie, "This plugin collects anonymized data, click here to opt-out." with the link leading them to the checkbox setting. Of course, this would be dependent upon whether the CP directory will require things like this to be disabled by default. |
|
Let's fly with John's idea. Pushing this to RC1 -+. |
|
Explaining why we are collecting the data is mandatory. Informing people that the data is anonymised is more likely to encourage them to leave it enabled. In my view, this is just a plugin setting (not a notice or nag) so I think it belongs on the tabs along with all other CC settings. I already changed the setting so that it is opt-out and therefore enabled by default. Modified version:
|
|
I think it works fine this way, with the exception that it doesn't match the other inputs and descriptor labels. It should be a single line and all lables should be using the Also, the left-text is too wordy... it need not be a sentence. The right side would be enhanced with a link to a sample. For example: Anonymous Data Collection [checkbox] Allow us to collect anonymized data. See a sample of the data collected. |
|
Yes, I agree. I'd inadvertently set ' How does this look?
It looks much tidier with the Anonymous data collection on the one line. |
Consistent. 👍 |
|
With link:
I think the link should go to a page on classiccommerce.cc. What do you think? |
|
The link should span only; data collected. Also, the word "Yes" is redundant here... the checkbox means yes. The example from above seems ideal to me.
|
|
I'm good with that. |
|
(Except my inconsistent caps on the left side... they don't match the existing entries) |
|
|
|
Actually, one last point. Is there any reason you are putting it at the very top of that page? I would set it between the "Privacy Policy" and the "Personal data retention". Or maybe even below the "Personal data retention" block. |
|
No, not really. I did suggest earlier that we could consider moving it to the bottom of the page. I don't want it to look as though we're trying to hide it though. That's my only concern. |
|
It makes more sense further down to me. Around "Personal data retention". We aren't doing anything wrong (as Tim has said)... it's just a courtesy thing. And yes... I would like to hide it as much as possible. :-) The boxes at the top of the screen are ones I do set on a site. The ones below not so much. |
|
To be clear, I'm not really trying to hide it as such. I just want it to be given the prominence it deserves (which I consider to be very, very minor) . |
|
Here's the gist https://gist.github.com/timbocode/d04c8fba4744da6e75ad2473e26fcdfd Put the code between lines 43 and 62 wherever you like. You'll also need to update line 38. Then you need to do the logic. |
timbocode
assigned bahiirwa, johnalarcon and ghost
and unassigned timbocode and johnalarcon
|
Introduced a PR based on this conversation. These are the notices from CC but dismissible.
|
|
It's bad form to place plugin-specific notices in the global dashboard, unless it's for something critical like a needed security update. These notices should be constrained to the plugin's own admin page(s). |
bahiirwa
added
Has PR
Currently WooCommerce and CC don't have an admin page specific to this. This might be something we need to introduce for this purpose. This particular task has also opened up other issues, we might need to split the accounts & privacy tabs to individual tabs. It's a huge mash up in there. |
|
Ignore that. It will be closed with PR #166 |
A 3rd party extension to Codepotent's plugin updater has the facility to track plugin usage as shown in this example:
We need to make sure that users are aware that their usage is being tracked in this way
and I would also suggest that we make this an opt-in feature.We can try to discourage people from opting out by explaining that their data is anonymised and that the data is extremely useful to us during the development and testing stages. But I do think they need to have a choice.As things stand, this potentially breaches GDPR and possibly other privacy laws too.The text was updated successfully, but these errors were encountered: