Will this theme component be included in official one day? I tend to stay away from unofficial stuff as much as possible due to maintenance and stability reasons. But since this plugin is from a Discourse developer (right?) and since the plugin is already a few years old, I suppose it’s mature and maintained well enough to get the official label?
2 Likes
I’m totally wrong guy to answer but from my point of view it can’t or should be official just because of pure technical reason. It still doesn’t fulfill demands of GDPR, does it?
1 Like
The plugin in itself is just one of the steps to become GDPR compliant. It really depends on how you organize your Discourse. Your privacy statement is what determines that, not this plugin. So if that was the expectation of anyone, then that will indeed never be fulfilled. However, having a cookie notice popup, it does that quite well it seems.
2 Likes
Are you saying I have to use another tools to clean off cookies that did not get consent and this is just another pure informative banner? Then it isn’t GDPR compliant. We can’t
- just tell
- close doors without consent
- ask consent and no matter what an user answers just offers all cookies
That’s why cookies, consent and GDPR is so big pain in the tender places.
If we have only technical cookies without any connections to users there is no need to ask consent — and that plugin is unnecessary. Any banner can do the job.
1 Like
All that doesn’t matter for making it official. That’s up to the admin to determine if this cookie consent is needed and what to include in there.
1 Like
It matters tremendously if it misleads site operators into thinking that it fulfills their obligations with regards to cookies under the GDPR.
As outlined in the OP:
It’s important that site operators see this before implementing it. If there’s a simple checkbox in settings to enable a banner they’re much less likely to realize the gap here.
2 Likes
I get that, but from my point of view an official theme component does not equal zero configuration. It just means that the plugin is recognized by the Discourse devs and thus gets proper maintenance for stability and compatbility.
There is also a Matomo theme component, which is official. The defaults are not GDPR compliant. I created a PR to add the options to make it compliant. But in the merge it was not decided to make those extra settings the default. And I’m okay with that, because in the end it is always the admin’s responsibility to make sure things are configured in a proper way. And this warning you quote here should make that also clear. The theme component is also not called “GDPR compliance”, it’s just a consent banner.
But I guess I can conclude that this plugin does get official-like care, but just not the official label due to legal concerns or miscommunication to the Discourse admins? Because then I’ll just run with it and make an exception for this component.
2 Likes
Actually are.
But let’s be straight. You just want that small green dot before you install it. That’s it. So from your point of view the function of the plugin is not important, but the small grafical sign of ”official” is. Just install it and that’s it. Problem solved.
1 Like
No, they are not for Matomo. If you think it is because it has the official tag, then I get your confusion.
An official tag means it’s officially supported by the Discourse devs, right? Not plug and play ready without any configuration or (legal) worries. Which seems to be the reason to not give it the official tag according to you and Stephen?
To me the official tag just tells me that this plugin is tested by the devs with new releases and I don’t have to worry about breaking changes when I upgrade Discourse.
Maybe it’s better if @tshenry answers this question? Because like you already noted, you’re not the one to ask or answer this question. @tshenry is there a reason why this component isn’t official yet? Is that because the component is not deemed as mature/stable/important or something like that? Or is that because the official tag may give admins the feeling that just this component will magically give GDPR compliance and you don’t want to create this miscommunication?
2 Likes