WordPress.org

Support

Support » Plugins and Hacks » Protest: no updates for this plugin the next 30 days

Protest: no updates for this plugin the next 30 days

  • One of my plugins was recently pulled from wordpress.org, because it was participating in the Sustainable Plugins Sponsorship Network (SPSN). According to Mark Riley this is against the rules, which are:

    1. Your plugin must be GPLv2 Compatible.
    2. The plugin most not do anything illegal, or be morally offensive (that’s subjective, we know).
    3. You have to actually use the subversion repository we give you in order for your plugin to show up on this site. The WordPress Plugins Directory is a hosting site, not a listing site.
    4. The plugin must not embed external links on the public site (like a “powered by” link) without explicitly asking the user’s permission.
    5. If you don’t specify a v2-compatible license, what you check in is explicitly GPLv2.

    (source)

    For now I have removed the SPSN from all my plugins, but I do not agree that participating in the SPSN is against the rules. IMHO it clearly isn’t. Of course reasoning with Mark has been tried, but without any result so far. I have thought a long time about this and I have decided to protest against this injustice. That is why I won’t release any new features or improvements for this plugin for the next 30 days (except critical bug fixes). Furthermore I am asking you to protest against this injustice by writing to Mark Riley at plugins@wordpress.org.

    I am not writing plugins to earn money, nor do I participate in the SPSN for money. The few bucks I got from the SPSN is not even enough to pay the coffee I drank while developing this plugin.

    If you don’t agree with me, please let me know why.

Viewing 15 replies - 1 through 15 (of 54 total)
  • At first I thought that no new updates for 30 days was a reference to the almost daily updates to the Add Links to Facebook plugin. Don’t get me wrong, I absolutely love the plugin…I upgraded my hosting because it the plugin put me over 32M for php, and I don’t regret my decision.

    That said, did he actually provide a specific reason beside the gauzy “against the (poorly elucidated) rules?”

    This was the reason given:

    Plugin sponsors:

    “During the sponsorship month, each impression requested by the JavaScript code within a given plugin’s administrative interface is allocated to one of the set of sponsors for that plugin according to that sponsor’s proportion of the overall sponsorship pool received for that plugin”

    so every time a user sees the plugin interface information is tracked.
    The user is not told of this, has no way to opt out.
    This is hidden from the user and has privacy issues regardless of what the sponsors site says.
    It is therefore not permitted.

    http:// … /wp-admin/options-general.php?page=wp-login-vkb/wp-login-vkb.php
    On here you have
    “I have donated to this plugin”
    which users have to tick. If they have not they will not and then your link is displayed. To remove the link a user has to lie or pay.
    This is not permitted – it’s not fair on the user.

    This is just ridiculous. Are there not more important things for them to worry about?

    I am glad you agree, Michael.

    Did you know that WordPress itself is tracking you too? This was reported four year ago here, but not much has happened since.

    As far as I can see it, the rules were broken. And if plugin does things that the user was never informed about, than that is shady. I am sure the data is not being used for bad reasons, but hiding the fact that this is happening is a shady practice.

    As far as I can see it, the rules were broken.

    Can you tell me which rule?

    And if plugin does things that the user was never informed about, than that is shady.

    There was a clearly visible link to the Privacy Policy of the SPSN.

    I’m not sure if it would be allowed under SPSN’s terms and conditions, but would it be possible to “force” the user to opt-in during activation or setup of the plugin?

    There was a clearly visible link to the Privacy Policy of the SPSN.

    Don’t get me wrong, I believe that since you are doing the work for a plugin, you should be able to get some kind of compensation.
    But the rule that was broken is because a person gets a plugin PLUS a code that is not related to the plugin and a user is not notified that they are getting something extra besides the plugin.
    And the “Privacy Policy” is not cleat at all, at first it says:
    “No individually identifiable information of any kind will be collected”
    and lated down the page:
    “Individually identifiable information will be accepted from plugin”

    So, should you be able to make some money from the plug in? Absolutely yes.
    But at the same time, a user should be notified CLEARLY that they are getting something extra besides the plugin itself. Something like, during install, have a notice: “This plugin contains SPSN code, do you wish to continue? (And have a link to the explanation of the code right there so people can read about it before continuing) and give them option to opt out, or at least stop the installation if they don’t agree.

    Best thing to do is to be honest with people, if you try to include code that people don’t know about, people will suspect a shady practice and they will not trust you. But if you are open and up-front, people will support you, and many will want to help you make extra income.

    Also you asked which rule was broken?
    It was a rule #4 “The plugin must not embed external links on the public site (like a “powered by” link) without explicitly asking the user’s permission.”

    I think they should change it to make it clearer to: “”The plugin must not embed external links or code…..”

    But if you had what I mentioned earlier: “during install, have a notice: “This plugin contains SPSN code, do you wish to continue?”
    Than you would have complied with the rule requiring to ask for users permission.

    The problem with saying that the SPSN code violates rule #4 is that it does not embed any links on the public site. It embeds it on the dashboard, specifically, the settings page for the plugin.

    And the “Privacy Policy” is not cleat at all, at first it says:
    “No individually identifiable information of any kind will be collected”
    and lated down the page:
    “Individually identifiable information will be accepted from plugin”

    I will ask the SPSN for a clarification about this.

    Something like, during install, have a notice: “This plugin contains SPSN code, do you wish to continue? …

    If the SPSN will come back to the plugin, something like this will be part of the EULA.

    Hi folks,

    This is Greg, speaking on behalf of the SPSN.

    As indicated (I hope clearly) in our privacy policy, mentioned earlier in this thread: “No individually identifiable information of any kind will be collected or retained about sponsorship messages delivered at websites using a sponsored plugin.”

    I’m sorry if this is unclear in some way, but the subsequent statement that we accept individually identifiable information from plugin authors and sponsors means that we (obviously?) accept their own personal information.

    Stating clearly who we accept personally identifiable information from and what we do with it is a requirement for us due to both UK and European legislation.

    We also require that all participating plugin authors disclose fully that their plugin is participating in SPSN and provide either a summary of or a link to our privacy policy (or both).

    So, again, unless you are a plugin developer or a plugin sponsor: we do not collect, track or retain personal information. And it should go without saying, but if you are a developer or a sponsor, it would be pretty darned difficult for us to pay you money (developers) or accept your sponsorships (sponsors) if we did not have your personal information.

    As far as I am aware, we maintain a vastly higher standard of privacy protection and full disclosure than the example set by Automattic and WordPress.org itself — with the automatic plugin update mechanism responsible for the transmission and collection of vast amounts of information about individual WordPress installations without any disclosure about what information is being transmitted, what will be done with it, how long it will be kept, etc., and without any opportunity to opt out.

    All the best,
    Greg

    It was a rule #4 “The plugin must not embed external links on the public site (like a “powered by” link) without explicitly asking the user’s permission.”

    As edwardra3 already pointed out this rule is not broken, because there are no links on the public site.

    I have read the rules thoroughly and have thought about how each of the rules could be broken by the SPSN and I cannot think of any way. There was also no valid explanation from Mark so far, except from ‘This is not permitted‘ and ‘The matter is being discussed with developers and we will let you know what the outcome is‘.

    The plugin was pulled from wordpress.org on July 1 and in my opinion this is a drastic measure for a plugin that have been on wordpress.org since May 2009. I have always happily supported all my plugins, but I feel quite abandoned by the WordPress people, in such a way I really think about stopping support at all. That is why I organized this little protest.

    If the SPSN is violating rules I will accept that without discussion, but I cannot accept a random rejection without a valid explanation.

    To keep you informed, this is what I wrote to Mark yesterday (no response so far):

    I am unhappy and tired of waiting.

    Every time I write to plugins@wordpress.org I have to wait a long time for mostly a vague answer, if any comes (not only for this issue).
    Apparently there is no serious support for plugin developers.

    Both me and Greg have asked for an explanation why the SPSN is against the rules. Until so far you have not given an acceptable explanation.
    Referring to possible future rules or to users that don’t like things like the SPSN is not a valid explanation.

    I don’t want to passively wait for an answer that may or may not come, so I will check in the Add Link to Facebook plugin next Thursay with the SPSN enabled.
    If you still think the SPSN is not permitted, then please remove the plugin from the repository. Please know that:

    1. I can and will not support plugins that are not in the WordPress repository
    2. I will not take action to get the plugin back into the repository
    3. I will refer all users asking for support to this discussion (I have sent you a link before)

    If you decide to remove the plugin from the repository then I am asking you:

    1. to remove all my plugins from the repository
    2. to explain why you removed the plugin from the repository in the discussion mentioned before

    I’m not sure if it would be allowed under SPSN’s terms and conditions, but would it be possible to “force” the user to opt-in during activation or setup of the plugin?

    The next version of the plugin will have an explicit opt-out option.

Viewing 15 replies - 1 through 15 (of 54 total)
  • The topic ‘Protest: no updates for this plugin the next 30 days’ is closed to new replies.