Cross-CMS Compliance Coalition
This repository has been created as result of the meeting between representatives from the WordPress core-privacy team and members of the Joomla GDPR Compliance Team, following earlier meetings held at Drupal Europe in September 2018 with participants in Drupal's privacy work.
About this work
Over the past year, CMS projects have taken a new focus on online privacy, largely spurred by compliance requirements for Europe's General Data Protection Regulation. Although that work is now largely completed, the work gave each project useful practical experience in
- creating privacy teams
- planning and structuring work on a volunteer-led basis
- advocating for the inclusion of the privacy work within release schedules.
The compliance work also led each project to understand that privacy is about taking a proactive approach, and deploying the concepts of privacy by design and other best practices as integrated standards throughout CMS projects, and is not merely about coding reactive fixes related to specific legal requirements.
While other legal compliance requirements lie ahead for 2019, there is an ongoing and greater need to develop open and univeral standards for defining and validating privacy work as a principle.
At the heart of this is the belief that privacy is about protecting and empowering users by safeguarding their data and giving them rights over it.
About the proposed coalition
At Drupal Europe in September 2018, contributors from various CMS privacy initiatives met together and compared notes from our respective experiences in a friendly, mutually supportive setting. We realised that although our work is structured very differently from code, structure, and project governance perspectives, we had more in common that that which divided us.
This led us to agree to put in a proposal to the Drupal project to formally support the group.. The group would then be hosted and run through the Drupal project structure for everyday administrative support. In our proposal, Chris Teitzel stated:
"The idea is that through collaboration, the open source community can help shape the online community into one that values the user’s data and privacy through a positive and proactive approach to building guidelines, policies, and tools, rather than a negative and responsive approach to compliance as a legal obligation.
In order to build the community necessary to take on this task, it is proposed that each project would nominate a handful of representatives to meet on a regular basis and to work to implement the guidelines and outcomes from the group into their project. By synchronizing efforts and sharing tooling across common code libraries, a broader basis for security and privacy focused features can be created in the open source community.
By taking a stance alongside WordPress, Drupal has the ability to be part of shaping privacy in the open web. The combined reach of the two projects alone is immense. Setting a foundation for privacy in the project will help to continue to the message of a free and open web that Drupal was built on."
The proposal is pending formal approval but received verbal support from Dries Buytaert.
Drupal, Joomla, and WordPress have a combined market share of 71% as of December 2018. The potential of this group to make a meaningful difference in online privacy for 71% of the web is tremendous.
The aim of this repo is to have a common space where to collect and share knowledge and information about the initiative.
The Joomla team has posted meeting minutes from an introductory conversation here: Meeting Minutes December 06, 2018
The attendees would hope that the meeting could result as the foundation of this new cross-community initiative and would like to invite Chris Teitzel and other members from the WordPress, Drupal and Joomla Communities to join this informal group and share their knowledge and efforts.
If you want to join the initiative feel free to contact firstname.lastname@example.org