Make your WordPress website GDPR compliant – YouTube

Make your WordPress website GDPR compliant

Because of various privacy laws, it’s necessary to have a compliant website. One of the most important and most talked-about privacy concerns is GDPR, which mandates explicit “cookie consent” and the “right to forget”. In this YouTube video, I demonstrate how to make your WordPress website GDPR compliant.

A word on the flaws of existing WordPress GDPR articles

GDPR is obviously not a new law. It has been in effect for more than two years, so one might assume that all related topics are already covered and saturated. This is particularly true in the WordPress world, as it is the number one CMS by far. Indeed, tons of WordPress tutorials are available that explain how to make WordPress websites comply with GDPR (by asking for explicit consent).

However, most of them have one flaw and that is:

It’s NOT OK to set third-party cookies before a user’s consent

Displaying a banner to ask for consent is simply not sufficient. A user should have an option to reject “non-functional” cookies, and a website should not set any third-party cookies before getting consent, although many websites do that.

That’s where most of the WordPress GDPR articles fall short: they only explain adding a related plugin and then imply that “you are done”, which is not the case. For example, plugins with functionality similar to Cookie Notice are advertised quite often. In reality, the Cookie Notice plugin is just a consent banner. It only sets a cookie that indicates whether a visitor has given consent or not. It does not add any other functionality like blocking third-party cookies. As the authors state in the plugin description, one has to add custom code for more features.

What I’ve discussed above is a classic misrepresentation of the Cookie Notice plugin (by some poorly written WordPress articles). Unfortunately, those articles are often found on the first page of Google search results.

The solution to block all third-party cookies in WordPress

If you don’t have the necessary coding skills to block third-party cookies, you are left with two choices:

  • Hire someone
  • Find a plugin and thoroughly test it

Using a plugin may seem contradictory to what was stated in the previous section at first glance, but it’s not. The main issue is not using a plugin as such. It’s the false representation that a plugin does something when it does not. Hence, the only way to find out is trial and error.

That seems like quite a tedious task, as there are many GDPR cookie-related plugins and testing each requires at least 10-15 minutes. But it’s not. You can adjust the criteria when searching for a plugin on wordpress.org, which should reduce the subset. Additionally, avoid plugins that do not have many active installations and/or have not been updated in more than 3 months. Then, read the description of each plugin carefully and look for words like “third-party cookie blocking”.

Once you have the final list, sort the plugins by active installations and start the trial and error process. Keep a couple of incognito tabs open to inspect whether the plugin blocks third-party cookies before the user’s consent. One way to tell that all third-party cookies are blocked is that no embedded content (e.g. YouTube) is rendered.
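The incognito-tab check above can be made less subjective by listing every third-party host the page contacted before the banner was touched. The following is an added example, not code from the article or from any plugin; the function names, `example.com` and the sample URLs are assumptions made for illustration.

```javascript
// Added example: list the third-party hosts a page contacted before consent.
// siteDomain is the site's own registrable domain, typed in by the tester
// (assumption: no Public Suffix List lookup is attempted here).
function thirdPartyRequests(urls, siteDomain) {
  const site = siteDomain.toLowerCase().replace(/^\.+|\.+$/g, "");
  const byHost = new Map();
  for (const raw of urls) {
    let u;
    try { u = new URL(raw); } catch { continue; } // not an absolute URL
    if (u.protocol !== "http:" && u.protocol !== "https:") continue; // data:, blob:
    const host = u.hostname.toLowerCase();
    // Exact match or true subdomain only: "notexample.com" must not pass.
    if (host === site || host.endsWith("." + site)) continue;
    if (!byHost.has(host)) byHost.set(host, new Set());
    byHost.get(host).add(u.href); // Set: the same URL is counted once
  }
  return byHost;
}

function preConsentReport(urls, siteDomain) {
  const hits = thirdPartyRequests(urls, siteDomain);
  let count = 0;
  for (const set of hits.values()) count += set.size;
  return { clean: hits.size === 0, hosts: [...hits.keys()].sort(), count };
}

// Browser usage: open the site in a fresh incognito tab, leave the banner
// alone, paste both functions into the DevTools console, then run:
//   preConsentReport(
//     performance.getEntriesByType("resource").map(e => e.name)
//       .concat([...document.querySelectorAll("iframe[src]")].map(f => f.src)),
//     "example.com")

// Constructed sample of what a page might have requested before consent.
const SAMPLE_URLS = [
  "https://example.com/wp-content/themes/t/style.css",
  "https://cdn.example.com/logo.png",
  "https://www.youtube.com/embed/VIDEO_ID",
  "https://www.google-analytics.com/analytics.js",
  "https://notexample.com/pixel.gif",
  "data:image/png;base64,AAAA",
];
const SAMPLE_REPORT = preConsentReport(SAMPLE_URLS, "example.com");
```

Third-party cookies never appear in the page's own `document.cookie`, which is why the check looks at the requests that could set them instead.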

One of the good plugins that blocks third-party cookies rather decently is Complianz | GDPR/CCPA Cookie Consent. Additionally, it helps you generate a cookie policy page with a full-fledged list of the cookies used on your site.

For more details, take a look at the following YouTube video to learn how to make your WordPress website GDPR compliant using the Complianz | GDPR/CCPA Cookie Consent plugin.

Conclusion

There is so much misinformation and misrepresentation about WordPress GDPR plugins out there that relying solely on articles is almost impossible. They are usually not trustworthy. The best approach is to read the regulations directly from the source and find the appropriate plugin accordingly. To test plugins, it is better to set up a local WordPress installation and go through trial and error until you find the right plugin.

Disclaimer: There is nothing against the Cookie Notice plugin. What I explained here is how many WordPress articles misrepresent the functionality of this plugin. Otherwise, the Cookie Notice works as intended according to its description.

Disclaimer: We are not endorsing the usage of the Complianz | GDPR/CCPA Cookie Consent plugin. They neither sponsor this article nor provide any monetary compensation for naming them here. What I have stated about the plugin in both this article and the YouTube video is based on my personal experience. Use the Complianz | GDPR/CCPA Cookie Consent plugin at your own risk. Neither Geeky Hacker nor the article’s author is responsible, liable, or accountable for any damages, losses, or misuse resulting from using the aforementioned plugin. It’s a third-party plugin that we have no control over.
