Wordpress 4.9.6

A review of WordPress 4.9.6 ‘the GDPR update’

Blog Audio: Read/listen time: 6 minutes

So you’re probably asking yourself

“whats so special about this update that it requires a blog post?”

So if you’re in Europe, or if you are outside of Europe but service EU residents via your website, you may have heard about this little thing called GDPR. GDPR is a pretty major change in how we enable visitors to websites to control their personal information.

I won’t go into depth about what GDPR is here, you probably know that already or you wouldn’t be reading this. Instead, I will cut to the chase about tools and features which WordPress 4.9.6 introduces to your website which can help you towards achieving compliance with the General Data Protection Regulations. Find out what a website consultant does or if you want to go and read a bit more about GDPR first then I have a really brief summary of GDPR here, and you can read a lot more fantastic information over at the Information Commissioners Office (ICO) here.

Without further delay, let’s get to it!

Why is this update so important?

This update introduces a number of privacy-related tools and settings into WordPress which can help you both in your role as a site owner or manager and as your role as a user of other websites yourself.

GDPR introduces some rights that EU residents have over the management of their data:

  • the right to be informed
  • the right of access
  • the right of rectification
  • the right of erasure
  • the right to restrict processing
  • the right to data portability
  • the right to object
  • the right not to be subject to automated decision making/profiling

The latest WordPress update has introduced a number of tools, and a few features to help you in supporting the rights listed above.

What do you have to do?

You may find that your WordPress version has been automatically updated via your hosting company or another service or even by someone that updates your website for you. If that isn’t the case you can run the update by going to ‘updates’ in your WordPress dashboard and installing it from there. Don’t forget to run a backup of your site and database first! That’s really important.

Unlike a major release of WordPress, you won’t be hit in the face with a huge notice about the new privacy features. Its almost totally fitting that the new privacy features have been installed without fanfare and only a simple pop up to let you know. When you log in after installing the update you will see the above images:



Just as most WordPress themes allow you to nominate a page as your homepage, and a page for blog posts, the latest WordPress 4.9.6 update has added the function to nominate an existing page as a Privacy Policy. If you don’t already have a Privacy Policy on your website you are also given the option to create a new one, using some suggested content (and a helpful guide) provided by those kind WordPress developers.

It is worth stressing here that you WILL need to tailor this page to meet your own requirements. But, if you don’t know much about privacy policies and GDPR this will give you a head start and certainly prompt you to take a more critical look at your site.



As mentioned above, EU residents have a number of rights which from 25th May  2018 allow them to edit, restrict, delete, move their data. This latest update to WordPress helps site owners provide some of this functionality, most notably, the ability to request deletion of data and the ability to download their data.

These tools help satisfy at least some of the administrative tasks that site owners may have to carry out as users get savvier with their data management. The two images above show you how you can ‘Erase Personal Data’ and how you can ‘Export Personal Data’.

As you would expect, to avoid the malicious deletion of other peoples’ data, these tools on your WordPress website request confirmation via the users’ email address that they would like this activity to be carried out.

A particularly nice touch is the statistics showing the site operator how many pending, confirmed, failed and completed Erasures and Exports have occurred.

So how does this help you with GDPR compliance?

Until today WordPress and therefore the majority of the worlds websites have been a bit lacking in terms of built-in privacy features. This update is very important for the simple reason that it marks a change in attitude towards privacy. Privacy will now be considered at the root of all design decisions, as it should be, and I think most of us would agree, probably always should have been.

The web has become a central part of our social interaction, work, play, even in how we control our heating and household automation. It is absolutely right, and probably long overdue, that more control is given to users about what information is recorded, how long for, and what is done with it

Now you, the site owner have tools at your disposal that empower visitors. Not only is this important to help you adhere to the law, it is important because it builds trust between businesses and their customers. Trust which has been slowly but surely eroded with ruthless and manipulative marketing activities.

GDPR changes everything and with Privacy (and in this instance, it deserves a capital P) now being considered during design, I think we will grow to rebuild some of that eroded trust in the web.


The privacy updates in the latest version of WordPress help us as site operators and owners, comply with the new laws coming in. We will, I am sure, see these tools and features added to and improved over the next year. Not only will these tools become an important aspect of the services we provide, but it will help us keep our marketing efforts targeted and ultimately improve conversion rates.

Although in the short term GDPR may be a shock to our systems and processes, it will lead to cleaner, more useful marketing which is laser focused actually wanted by the recipient. I fail to see a loser in that situation.

The deadline is coming fast. What can you do?

Paul Edwards is a Web Consultant & Front-End Developer in Worthing, West Sussex.

Paul can help you:

  1. Carry out an audit/privacy impact assessment on your website
  2. Generate a list of issues which need action
  3. Prioritise tasks in order of importance and impact
  4. Correct any issues in accordance with an agreed plan of action
  5. Provide ongoing website care

To discuss moving your website towards GDPR compliance call Paul on 01903 527927.

Head and shoulder picture of Paul Edwards, a web consultant in worthing. Paul is smiling, has blue eyes and spiky hair and a short beard.