Complianz Privacy Suite

Friendly Captcha, a privacy-friendly option for reCaptcha

Aert Hulsebos

reCAPTCHA from Google is the most popular spam prevention tool available, and with good reason: it seems to work, and it is widely adopted and therefore easy to implement in most cases. Most contact forms on WordPress come with their own reCAPTCHA integration, and where one is not available, many third parties have developed reCAPTCHA plugins for these forms. So far, so good for spam prevention and open-source collaboration.

There is, however, a significant issue overlooked by many: the impact on your users' privacy. Its spam prevention purpose might suggest that reCAPTCHA is functional and does not need consent, but the principles and guidelines laid out by GDPR and other privacy laws oppose this, as reCAPTCHA does not adhere to the data minimization principle in the slightest, as explained in more detail in this article.

A solution by Complianz is to block reCAPTCHA before consent and only initialize it once consent is given and it is needed. This might cause several issues. Because reCAPTCHA is widely adopted and implemented directly in other plugins, blocking it causes dependency issues: some functionality might depend on reCAPTCHA being loaded at all times. When it is not loaded, that functionality might break, and specific integrations are needed for plugins such as Contact Form 7 to function correctly. And this is just one contact form plugin, and we're excluding variables such as caching and optimization plugins that might defer, combine or minify JavaScript.
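The block-before-consent pattern and its dependency problem can be shown in a few lines. This is an added example, not Complianz's or any plugin's code: `createConsentGate`, `whenReady`, `grantConsent` and the script URL are hypothetical names chosen for illustration.

```javascript
// Consent gate for a third-party captcha script (illustrative sketch).
// No request reaches the third party until grantConsent() is called.
function createConsentGate(scriptUrl, loadScript) {
  let state = "blocked";   // blocked -> loading -> ready
  const waiting = [];      // callbacks from code that depends on the script

  function flush() {
    state = "ready";
    while (waiting.length) waiting.shift()();
  }

  return {
    state: () => state,
    // Dependent code (a form plugin, for instance) registers here instead of
    // assuming the captcha global already exists, which is what breaks
    // when the script has been blocked.
    whenReady(callback) {
      if (state === "ready") callback();
      else waiting.push(callback);
    },
    // Called by the consent banner once the visitor accepts.
    grantConsent() {
      if (state !== "blocked") return; // never request the script twice
      state = "loading";
      loadScript(scriptUrl, flush);
    },
  };
}

// Browser loader: injects the script tag only when invoked by the gate.
function domLoadScript(url, onLoad) {
  const el = document.createElement("script");
  el.src = url;
  el.async = true;
  el.onload = onLoad;
  document.head.appendChild(el);
}

// Usage in a page (constructed placeholder URL):
// const gate = createConsentGate("https://captcha.example/api.js", domLoadScript);
// gate.whenReady(() => { /* render the captcha widget in the form */ });
// consentButton.addEventListener("click", () => gate.grantConsent());
```

Every plugin that touches the captcha has to go through a wrapper like `whenReady`, which is why each form plugin needs its own integration.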

Leaving reCAPTCHA behind. A simpler solution.

To leave this all behind and conform with GDPR at the same time, privacy by design is always the best option.

A solid option for having a captcha without blocking functionality and checking dependencies is Friendly Captcha for WordPress.

For now, it has integrations with:

  • WordPress native forms (registration, login etc)
  • Contact Form 7
  • WP Forms

If your contact form plugin is missing, you can create an integration request here: https://github.com/FriendlyCaptcha/friendly-captcha-wordpress

Once it is installed, you can disable reCAPTCHA as an integration in the Complianz wizard and keep moving toward a more privacy-friendly setup. If you're willing, self-hosting your Google Fonts will remove other requests to Google as well. And while you're at it, do the same for analytics!

About Contact Form 7 v5.4

Due to significant changes in Contact Form 7 version 5.4, consent for reCAPTCHA is no longer available. We recommend not updating, or reverting to 5.3.