Easy Digital Downloads 2.9.2 GDPR Tools

As some of you know, we’ve been hard at work getting Easy Digital Downloads (and its extensions) ready for the GDPR deadline. Over the last week, all the work we’ve been doing has culminated in what will be version 2.9.2 of Easy Digital Downloads. With this release, we’ve added a host of hooks and filters that allow developers integrating with Easy Digital Downloads to process their data for export and erasure alongside Easy Digital Downloads, instead of having to write all their own routines to do so.

We’ve also included some helper functions to make your export and erasure integrations easier to write.

Export Data

Filters

Filter: edd_privacy_customer_record
Code:

$export_data = apply_filters( 'edd_privacy_customer_record', $export_data, $customer );

This filter allows developers to add any custom information to the data export for a customer record. It supplies the data already chosen for export for the customer, as well as the EDD_Customer object itself. Callbacks hooked to this filter must return the $export_data array. Items added should be in the following form:

$export_data[] = array(
    'name'  => __( 'Name for the data' ),
    'value' => $value,
);

Filter: edd_privacy_order_details_item
Code:

$data_points = apply_filters( 'edd_privacy_order_details_item', $data_points, $payment );

This filter allows developers to supply additional information for a specific payment (order) that is being provided to the export. It supplies the data already chosen for export, as well as the EDD_Payment object. Callbacks hooked to this filter must return the $data_points array. Items added should be in the following form:

$data_points[] = array(
    'name'  => __( 'Name for the data' ),
    'value' => $value,
);

Filter: edd_privacy_file_download_log_item
Code:

$data_points = apply_filters( 'edd_privacy_file_download_log_item', $data_points, $log, $log_meta );

Allows developers to supply additional information for the file download log export. This filter supplies the existing data, as well as the download log post object and all the post meta found for the log, so you do not have to look it up again. Callbacks hooked to this filter must return the $data_points array. Items added should be in the following form:

$data_points[] = array(
    'name'  => __( 'Name for the data' ),
    'value' => $value,
);

Filter: edd_privacy_api_access_log_item
Code:

$data_points = apply_filters( 'edd_privacy_api_access_log_item', $data_points, $log );

Allows developers to supply additional information for the API access log export. This filter supplies the existing data, as well as the API access log post object. Callbacks hooked to this filter must return the $data_points array. Items added should be in the following form:

$data_points[] = array(
    'name'  => __( 'Name for the data' ),
    'value' => $value,
);
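
The export filters above in use, as an added example that is not code from Easy Digital Downloads: two callbacks that append an extension's own data to the customer record and to each exported payment. The `myext` prefix and both meta keys are hypothetical.

```php
<?php
// Added example, not EDD code. The "myext" prefix and both meta keys are
// hypothetical names for data an extension might store.

/**
 * Add the extension's customer-level data to the customer record export.
 */
function myext_export_customer_record( $export_data, $customer ) {
	$vat_number = $customer->get_meta( 'myext_vat_number' );

	// Export only values that exist and can be rendered as text.
	if ( is_scalar( $vat_number ) && '' !== (string) $vat_number ) {
		$export_data[] = array(
			'name'  => __( 'VAT Number', 'myext' ),
			'value' => (string) $vat_number,
		);
	}

	// Return the array even when nothing was added; otherwise the data
	// collected so far is discarded.
	return $export_data;
}
add_filter( 'edd_privacy_customer_record', 'myext_export_customer_record', 10, 2 );

/**
 * Add the extension's per-order data to each exported payment.
 */
function myext_export_order_details( $data_points, $payment ) {
	$tracking = $payment->get_meta( '_myext_tracking_number' );

	if ( is_scalar( $tracking ) && '' !== (string) $tracking ) {
		$data_points[] = array(
			'name'  => __( 'Shipment Tracking Number', 'myext' ),
			'value' => (string) $tracking,
		);
	}

	return $data_points;
}
// The trailing 2 is required: add_filter() passes only one argument by default,
// so without it $payment would not be passed to the callback.
add_filter( 'edd_privacy_order_details_item', 'myext_export_order_details', 10, 2 );
```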

Erase/Anonymize Data

Helper Functions

Function: _edd_privacy_get_customer_id_for_email( $email_address )
Purpose: Each registered eraser callback in the WordPress data eraser process is passed the email address, so a customer may already have been modified by the time your eraser runs. Therefore, early in the process, Easy Digital Downloads finds and stores the customer ID for the email address requesting erasure. By using the _edd_privacy_get_customer_id_for_email function, you can rely on our early lookup and continue to look up by customer ID rather than email address, which avoids issues caused by a previously registered eraser callback having already anonymized the customer’s email address.

Function: _edd_privacy_get_payment_action( EDD_Payment $payment )
Purpose: As you process data erasures, it may be necessary for you to look up what type of action is supposed to be performed on an EDD_Payment object. This helper function looks up the actions specified in the Downloads > Settings > Privacy > Export & Erase section, and then allows extensions to filter the action based on their own criteria.

The function has a filter ('edd_privacy_payment_status_action_' . $payment->status) which allows customization on a per-extension basis. An example use case: normally a completed payment would be allowed to be anonymized, but if our Simple Shipping extension is enabled and the payment has not yet been shipped, we should not allow this payment to be anonymized, as the store owner still needs data from it to correctly ship the item(s) ordered.
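
A sketch of an extension's own eraser that relies on the early lookup from _edd_privacy_get_customer_id_for_email, added here as an example and not taken from Easy Digital Downloads. The `myext` names and the meta key are hypothetical, and the eraser is assumed to run after EDD has stored the lookup. This page does not state the helper's return type, so the code accepts either a customer ID or an EDD_Customer object.

```php
<?php
// Added example, not EDD code. "myext" names and the meta key are hypothetical.

// Register the eraser with WordPress core's personal data eraser list.
function myext_register_eraser( $erasers ) {
	$erasers['myext-customer-data'] = array(
		'eraser_friendly_name' => __( 'My Extension Customer Data', 'myext' ),
		'callback'             => 'myext_erase_customer_data',
	);
	return $erasers;
}
add_filter( 'wp_privacy_personal_data_erasers', 'myext_register_eraser' );

function myext_erase_customer_data( $email_address, $page = 1 ) {
	// Response shape expected by the WordPress eraser process.
	$result = array(
		'items_removed'  => false,
		'items_retained' => false,
		'messages'       => array(),
		'done'           => true,
	);

	// Use EDD's early lookup instead of searching by an address that an
	// earlier eraser may already have anonymized.
	// Assumption: the helper may return an ID or an EDD_Customer object.
	$found    = _edd_privacy_get_customer_id_for_email( $email_address );
	$customer = ( $found instanceof EDD_Customer ) ? $found : new EDD_Customer( $found );

	if ( empty( $customer->id ) ) {
		return $result; // No matching customer, nothing to erase.
	}

	if ( '' !== (string) $customer->get_meta( 'myext_vat_number' ) ) {
		if ( $customer->delete_meta( 'myext_vat_number' ) ) {
			$result['items_removed'] = true;
		} else {
			// Report the failure so the request is not closed as complete.
			$result['items_retained'] = true;
			$result['messages'][]     = __( 'VAT number could not be removed.', 'myext' );
		}
	}

	return $result;
}
```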

Filters

Filter: edd_should_anonymize_customer
Code:

$should_anonymize_customer = apply_filters( 'edd_should_anonymize_customer',
    array( 
        'should_anonymize' => true,
        'message' => '' ),
    $customer );

When a customer requests to be deleted, there may be a business need to not allow this anonymization or deletion. By default, Easy Digital Downloads makes its own determination of whether the customer should be processed, but before it does, it allows extensions to tell it whether the customer should be processed.

The return of this should be in the following array format:

array( 
    'should_anonymize' => true, // If this customer should be anonymized 
    'message' => '',            // If should_anonymize is false, supply a reason
)

Filter: edd_should_anonymize_payment
Code:

$should_anonymize_payment = apply_filters( 'edd_should_anonymize_payment', 
    array( 
        'should_anonymize' => true,
        'message' => '' 
    ),
    $payment
);

During the erasure process, all payments associated with the customer are processed to take one of three actions (shown with the string used to reference each in the code):

  • No Action – (none)
  • Anonymization – (anonymize)
  • Deletion – (delete)

The status of the payment typically determines what action should be taken, and the action for a specific payment status can be modified by store owners in Downloads > Settings > Privacy > Export & Erase.

There are, however, times when an extension may need to override that action, which is where this filter becomes useful. With this filter, developers can inspect a payment, determine whether it is allowed to be anonymized based on their own criteria, and tell the eraser to leave it alone by performing no action on it.

The return of this should be in the following array format:

array( 
    'should_anonymize' => true, // If this payment should be anonymized 
    'message' => '',            // If should_anonymize is false, supply a reason
)

Actions

Action: edd_anonymize_customer
Code:

do_action( 'edd_anonymize_customer', $customer );

When a customer requests to be deleted, Easy Digital Downloads first runs anonymization on them (and later determines if they can be fully deleted). After the anonymization is completed, this action is run so developers can take any further action necessary. It passes in the EDD_Customer object of the customer being processed.

Action: edd_anonymize_payment
Code:

do_action( 'edd_anonymize_payment', $payment );

After Easy Digital Downloads has processed the payment for anonymization, but before saving the payment, this action is run, allowing developers to make further changes. It passes in the EDD_Payment object of the payment being processed.
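
The edd_should_anonymize_payment filter and the edd_anonymize_payment action working together, as an added example that is not code from Easy Digital Downloads or Simple Shipping: unshipped physical orders are retained with a reason, and the extension's own personal data is removed when a payment is anonymized. The `myext` prefix and all meta keys are hypothetical, and payments are assumed to be stored as posts, as in EDD 2.9.x.

```php
<?php
// Added example, not EDD code. The "myext" prefix and all meta keys are
// hypothetical; payments are assumed to be stored as posts, as in EDD 2.9.x.

/**
 * Keep a payment out of anonymization while it still awaits shipment.
 */
function myext_should_anonymize_payment( $should_anonymize, $payment ) {
	// Respect a refusal from an earlier callback; never turn it back on.
	if ( ! is_array( $should_anonymize ) || empty( $should_anonymize['should_anonymize'] ) ) {
		return $should_anonymize;
	}

	$needs_shipping = '1' === (string) $payment->get_meta( '_myext_requires_shipping' );
	$has_shipped    = '1' === (string) $payment->get_meta( '_myext_shipped' );

	// Digital-only and already shipped orders stay eligible for erasure.
	if ( $needs_shipping && ! $has_shipped ) {
		return array(
			'should_anonymize' => false,
			'message'          => sprintf(
				/* translators: %d: payment ID */
				__( 'Payment #%d has not shipped yet, so its data was retained.', 'myext' ),
				$payment->ID
			),
		);
	}

	return $should_anonymize;
}
add_filter( 'edd_should_anonymize_payment', 'myext_should_anonymize_payment', 10, 2 );

/**
 * Remove the extension's own personal data when EDD anonymizes a payment.
 */
function myext_anonymize_payment( $payment ) {
	delete_post_meta( $payment->ID, '_myext_delivery_phone' );
	delete_post_meta( $payment->ID, '_myext_delivery_notes' );
}
add_action( 'edd_anonymize_payment', 'myext_anonymize_payment' );
```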

Action: edd_anonymize_file_download_log
Code:

do_action( 'edd_anonymize_file_download_log', $log );

In the event that a payment is required to be anonymized (not deleted), the file download logs associated with it are anonymized as well. This action will allow further anonymization of a file download log, if necessary. It passes in the WP_Post object of the $log.

Action: edd_delete_api_access_log
Code:

do_action( 'edd_delete_api_access_log', $log );

When a user requests deletion, if they have any API Access logs in the database, this action will allow you to take further action after they are deleted. It passes in the WP_Post object of the $log.

Conclusion

So that’s a wrap on our updates to Easy Digital Downloads core for the GDPR release. As with all software projects and legal regulations, this will evolve as the ecosystem deems necessary. All of these hooks, filters, and functions can be found in includes/privacy-functions.php in Easy Digital Downloads version 2.9.2 or later.

7 responses

Hi, I can’t get the upgrade of the file download logs by clicking at:
Easy Digital Downloads needs to upgrade the file download logs database, click here to start the upgrade.

Is there any alternative method such as wp-cli or something like that?

thanks!

OK, thanks for your answer,
and yes, after I go to the link and press the button to update, it hangs in the middle of the process.
I think it’s another plugin because I had the same situation in a previous update (2.9 I think or an addon) and I solved it with wp-cli

regards

Hi,
May this help to improve
I can see in the Inspector console, the script gets this response in the middle of the process

responseText: “\n\n403 Forbidden\n\nForbidden\nYou don’t have permission to access /wp-admin/admin-ajax.php\non this server.\n\n\nApache/2.4.10 (Debian) Server at etruel.com Port 443\n\n”

Esteban,

That shows something is blocking your requests to wp-admin/admin-ajax.php.

Some overly protective security settings on your plugins or server can cause this. Blocking access to admin Ajax is going to break many other plugins as well.

Hi Chris,
Thanks for your help. I’m sharing this here in the hope of helping others.
I finally found the problem, and it was caused by the evasive20.c mod of apache2.
I’ve just deactivated it, made the update and activated it again.

I’ve used these commands in my debian/apache2 environment:
:/etc/apache2/mods-enabled# a2dismod evasive
Module evasive disabled.
:/etc/apache2/mods-enabled# service apache2 restart
:/etc/apache2/mods-enabled# a2enmod evasive
Enabling module evasive.
:/etc/apache2/mods-enabled# service apache2 restart

cheers
