Friendly Captcha, a privacy-friendly option for reCAPTCHA

reCAPTCHA from Google is the most popular spam prevention tool available, and with good reason: it seems to work, and because it is widely adopted it is easy to implement in most cases. Most contact forms on WordPress come with their own reCAPTCHA integration, and where one is not available, many third parties have developed reCAPTCHA plugins for these forms. So far, so good for spam prevention and open-source collaboration.

There is, however, a significant issue overlooked by many: the impact on your users' privacy. Because it is used for spam prevention, reCAPTCHA might appear to be functional and therefore not to need consent. The principles and guidelines laid out by the GDPR and other privacy laws oppose this, as reCAPTCHA does not adhere to the data minimization principle in the slightest, as explained in more detail in this article.

A solution by Complianz is to block reCAPTCHA before consent and only initialize it when consented and needed. This might cause several issues. Because reCAPTCHA is widely adopted and implemented directly in other plugins, blocking it will cause dependency issues, as some functionalities might depend on reCAPTCHA being loaded at all times. When it is not loaded, those functionalities might break, and specific integrations are needed for plugins such as Contact Form 7 to function correctly. And this is just one contact form plugin; we are not even counting variables such as caching and optimization plugins that might defer, combine or minify JavaScript.

Leaving reCAPTCHA behind: a simpler solution

To leave all this behind and comply with the GDPR at the same time, privacy by design is always the best option.

A solid option for having a captcha without blocking functionality and checking dependencies is Friendly Captcha for WordPress.

For now, it has integrations with:

  • WordPress native forms (registration, login etc)
  • Contact Form 7
  • WP Forms

If you’re missing your contact form plugin, you can create an integration request here.

Once it is installed, you can disable reCAPTCHA as an integration in the Complianz wizard and keep moving toward a more privacy-friendly set-up. If you’re willing, self-hosting your Google Fonts will remove other requests to Google as well. And while you’re at it, do the same for analytics!
