Follow Jeff Sayre on Twitter

BP Privacy: History and Lessons Learned from Developing a Major BuddyPress Component


Coding great-quality, open source software, while often rewarding, can also be a thankless, difficult task. As many have been asking for an update on BP Privacy–also known as the BuddyPress Privacy Component–I thought I would take the time to write up an exhaustive history of the project and share some lessons learned.

It is important to state up front that there are many wonderful, helpful, supportive, knowledgeable, community-minded members in the greater WordPress community. If you are an active participant within this community, you already understand that fact.

Of course, a great community of supportive, fun-loving people does not guarantee that you will face few challenges with your WordPress or BuddyPress projects—whether that is starting and running a community, designing themes, or developing plugins.

This is the story about the challenges I have faced in bringing BP Privacy to fruition. It is just one developer’s journey and, as such, should not be construed as anything more than my perspective.

I hope that those who manage to read through this entire, long article walk away with not only a better understanding of some of the difficulties BP Privacy has faced, but also a feel for how they might want to approach taking on similar open source projects in the future.

Genesis of the Idea

In the beginning, there was an idea that BuddyPress needed privacy. Well, that idea was not present at the genesis of BuddyPress as it does not offer core privacy, but the idea was hatched in the early pre-RC2 release days of the BuddyPress project by two very active community leaders—one of whom was me.

At the inception of this project, BP Privacy had two developers. That’s right. I had a project partner. This partner was a key BuddyPress member and very interested in coding his first BP plugin. We teamed up on this project as we realized the complexity of the task at hand and that it would be beneficial to have a project partner.

We had a number of discussions about how we should tackle this project. I set up a subversion repository on my dedicated server for the project and gave him access. I started the long, tedious process of learning, really understanding, the inner workings of BuddyPress. After all, BP Privacy would not be a typical plugin. It had to interact with all the core BuddyPress components. It had to monitor and take control of output based on an individual’s desires. We both realized that BP Privacy was going to be a major, foundational component in its own right—even though it would be a third-party plugin.

However, as weeks passed into months, my project partner’s schedule did not allow him to participate. So, I told him that I was just going to get started and that he could join in at any time.

So that is the humble, less than exciting beginning of BP Privacy. It started with a two-person project team but ended up becoming a solo effort.

BP Privacy Timeline

On the BP Privacy site, I state in a blog post that this journey has been 16-months long. Of course, that was posted basically October 1, 2010. So as of the date on this post, the process is nearing 20 months. The reality, however, is that this project had its inception even earlier, almost two years ago.

Here is a blow-by-blow timetable for BP Privacy and some of the key factors and issues at each point along the way:

Project idea inception: Early April 2009. My project partner and I began discussing BP Privacy (what was at that time called BPAz or BP-Authz)

First code written: June 23, 2009. This was two months after hatching the concept. It was the point when my project partner determined his schedule would not allow him to participate. So, I started coding the project on my own.

First public beta release: December 5, 2009. Only four months and two weeks after the first code block was written, I released a very solid public beta version to the community. Note that before that public beta release, there was a small, select group of private alpha testers.

This was a very solid beta version with only a few minor bugs. It worked perfectly with BuddyPress v1.1.3, offering privacy filtering for four of BuddyPress’ then core components. But the rug was about to be pulled out from underneath the project.

Codebase and platform concerns arise: January 2, 2010. As BuddyPress 1.2 was fast approaching release, it became clear that a major BP Privacy code refactoring would be required. A good portion of the previous 4 months of work would need to be reevaluated and much rewritten. As I looked at the time commitment involved, I realized I needed to try a new approach.

Not surprisingly, this approach failed. It only raised about $175 dollars. Without a big financial boost to help me focus on BP Privacy, I had to turn my attention elsewhere for awhile.

Late spring through early fall of 2010: The BuddyPress project experienced critical uncertainties in my opinion. These uncertainties made me question its long-term health. During this time, the development of BP Privacy progressively slowed down, practically grinding to a halt in late summer of 2010 as I awaited a few, final core patches I had submitted months before to be accepted.

Due to these factors, nine months passed with very little development time being invested.

Announcement of Public Release (v1.0): September 30, 2010. I was privy to some promising developments in the world of BuddyPress that gave me hope that BuddyPress might actually weather the storm. So, after almost nine months of greatly reduced activity on my part, I went out on a limb, venturing back into the BP Privacy project on a more serious level once again.

I created the BP Privacy site and made an announcement on that new site that BP Privacy would be released on November 8, 2010. This is the first officially-advertised date given for the release of the public, production-ready version (v1.0).

A few weeks later came the news for which I had been waiting. The BuddyPress community had a shot of adrenaline and renewed hope. We welcomed the announcement that Paul Gibbs and Boone Gorges had been “promoted” to core committers.

Of course, November 8, 2010 came and went. I continued working on BP Privacy as time permitted as I patiently awaited the release of BuddyPress 1.2.7 which was finally released on December 22, 2010.

BP Privacy’s Future: See the end of this article.

Time Invested and Anticipated Returns

Projects of the magnitude of BP Privacy require a considerable time commitment. Whereas it is difficult to be absolutely precise, I have a pretty accurate estimate as to the number of hours I’ve invested in BP Privacy. My total time spent to date working on BP Privacy is 1450 hours.

What kinds of activities go into a project that would require such a time commitment? A great number of essential activities such as: emails, forum and IRC discussions, support of alpha and beta1 testers, writing and submitting core patches required to bring privacy services to BuddyPress, debating a number of these patches, studying and thoroughly understanding the inner workings of BP, keeping up to date with codebase changes in BP Trac, writing tools that were necessary in figuring out some unexpected behaviors with BuddyPress’ action and filter hooks, continuous and exhaustive testing of BP Privacy, and writing detailed documentation. Of course, all of this is on top of the actual coding of the component itself which has required (so far) two major refactorings of the codebase.

What will I earn for all of this effort? Zero. Okay, I had a total of about $225 in donations to help support development ($175 as mentioned above plus $50 received before that post). I am very grateful to all who donated, to my select testers, and to everyone who offered support in other ways.

This means that I will have earned just shy of 16 cents per hour working on BP Privacy. So, the next time you question the commitment and contribution of those who actively volunteer in the open source world, remember that number. Of course, if all the additional hours of time that I’ve donated on the BP support forums, IRC, via email, Twitter, and Skype are included, that total would undoubtably be about half of that.

Financially, I would have been better off spending that time working at McDonalds. It is ironic that the vast majority of people who will benefit from my work will not even contribute enough for me to buy a Big Mac. By the way, I do not eat at McDonalds so please don’t send coupons. In fact, I am not interested in any more donations.

Why do I have a section emphasizing the monetary aspects of BP Privacy? Because like the vast majority of people, I need to pay bills, put food on my family’s table, and save for the future. How many of you can donate 1450 hours of time creating free products or services for others to use?

I am a vocal advocate of the open source model, as anyone who reads my blog and tweets would know. I have volunteered a thousand hours plus of my time answering questions on the BuddyPress community support forums, via email, in IRC, on the phone, and via Skype. None of those hours are included in my total time spent on BP Privacy. Like many active members of the community, I give in more ways than just creating plugins.

The reality for me is that this community and its open source model does not make it possible to earn even a small part of my living in a way that I prefer—coding great-quality GPLed plugins that provide needed services to others.

As I do not take on client work–I’ve discussed this fact with people many times before–I need another means with which to recoup some of the time I have invested in coding open source software for the community. If you really want to learn more about this point, please read this post about this issue from my perspective—and read the comments for a fascinating discussion.

Lessons Learned

Here are a few lessons learned that may help other WordPress and BuddyPress developers have a better experience with offering GPLed software to the greater community.

Work on Projects that Give You Energy, Not Sap Your Strength: By and large, I have lost more energy working on the BP Privacy project than I have gained. It has been exceedingly frustrating at times. To be honest, if this were not something desperately needed for the BuddyPress platform, I would have dropped this project a year ago.

At the time I started coding BP Privacy, I was planning on using BuddyPress as the foundation of my startup, and privacy was key to that vision. So it made sense to continue BP Privacy and then release the component to the greater community once it was ready. Had I any idea how vocal the negative minority would be as they impatiently waited for me to provide them with high-quality, free-as-in-cost software, I would have canned the community release a long time ago and just worked on it for my private use.

The Vocal, Negative Minority: It is important to realize that more likely than not, the vast majority of users will be happy about your work, or at least indifferent. Unfortunately, human nature makes us more vocal when we’re displeased than when we are pleased. It is a minority of users that will be anywhere from disappointed to obsessively outraged. It will be this minority that will be most vocal. If you release your work to the community, expect to have a greater volume of “I hate you” than “I love you” feedback from your user base.

Whereas community members may appreciate your volunteer help on various support forums, and paying clients may love you, when it comes to freely-contributed plugins, don’t expect the same rosy reception.

Don’t Expect Donations: Based on the vast majority of all plugin developers’ experience, ninety-nine percent (and realistically more) of all users will never donate to your efforts. There are many plugin developers who have written about this. Here are just a few articles to shed some light on this issue. Again, read the comments to get a more balanced perspective on this issue as there are good points on both sides:

The donation model is not broken, for the vast majority of creators, it never worked to begin with. I have tried many tactics to increase donation conversions. My plugins and appropriate blog posts all had obvious donate badges. But that has not made a difference. Donating to something that is freely available apparently also goes against human nature.

Plugin support: Unless you clearly and explicitly state that there will be zero support offered for your plugin (at a minimum that should be communicated in the readme.txt file) then it is your moral obligation to offer some level of support if you release a plugin to the community—which includes forking an existing plugin.

Therefore, expect there to be questions that must be answered, that user issues will take away time from your other projects, and possibly impact your paid work and family obligations. There will be users who claim they are having a problem with your plugin when in actuality it will be caused by something other than your plugin. No matter how hard you try to communicate that it is not an issue with your plugin, in these people’s minds, you will still be the party at “fault”.

It is for this reason that some plugin developers fully exercise their GPL rights. Please note that if you plan to charge for support, you should be aware of a potential issue.

Since all WordPress plugins and themes need to be licensed under then same GPL version as WordPress itself–GPL version 2–you do not technically have the freedom or right to charge support fees. That explicit freedom and right was added later in GPL version 3. (Compare the last paragraph of Section 1 of GPL version 2 to the last paragraph of Section 4 of GPL version 3).

Therefore, if you are planning on charging for support, you are operating outside the freedoms of the GPL version 2. You would be wise to seek legal counsel.

Disclaimer: You should seek legal counsel if you have questions or concerns about your freedoms and rights under the GPL. I am not a lawyer and the information presented is my opinion only.

With Plugin Popularity Comes Possible Trouble: I do not envy plugin developers with high download counts. I know that that means one of two things: they are at the first stage of the plugin’s support lifecycle where they are spending an inordinate amount of their time supporting the plugin (probably for free), or they will soon be entering the final stage of the plugin’s support lifecycle where they discontinue support and future development as their time commitment to the project cannot be sustained.

It is for these two reasons that I always donate to plugin developers whose software I use and only use plugins that I am sufficiently interested in as I expect that one day I will have to maintain them myself.

Plugin development should not be a popularity contest, he or she who has the highest plugin download count often does not win. Do not release a plugin for praise and glory. That rarely happens. What really happens is the more popular your plugin becomes, the greater the potential for you to lose control over your time. This can lead to a rather unpleasant, overall experience with your project.

Alpha & Beta testing: If you have limited time to work on your project, then it is best to make the alpha and maybe first beta version private releases. Provide copies only to those people who you believe will genuinely test it and provide you with useful feedback. It is better to have a small, focused group of testers than a horde of quasi-interested and knowledgeable testers.

The exception to this lesson would be if you have a team of developers who can share the responsibilities of managing a public alpha and beta test. But, if you are a solo developer, you could be in for a world of hurt if you set your pre-release software free for any and all to test.

Bugs will continue to be found even after you’ve released the first public version. You have to go no farther than WordPress or BuddyPress Trac to see how many bugs still exist in those stable, public products. That is the nature of all software. No matter how mature a software product, there will always be bugs, some of them serious.

Develop on a Developer-stable Version: Although BuddyPress v1.0 was the first official public release deemed suitable for general use, it was far from stable from a developer’s standpoint. This is evidenced by the fact that significant changes occurred between BP 1.0 and BP 1.1 that caused developers some grief and then even greater changes occurred between BP 1.1 and BP 1.2.

In my opinion, BP 1.2 should have been then first public release. In other words, BP 1.2 is really v1.0 in my mind. Now, with BP 1.3 close at hand, I’m concerned that developers (and possibly even users) will be faced with difficult upgrade challenges. Although, Paul, Boone, and John have been working hard to make the transition to BP 1.3 as painless as possible. So, perhaps my concerns are not valid. Whatever the reality, when the dust settles, BP 1.3 will become the first developer-stable version in my opinion.

Group or Solo effort: As should be obvious from the start of this article, you need to carefully vet your project partners. Although I had little data with which to make an honest assessment of my project partner’s suitability–the BuddyPress community was very new at the time–I nevertheless made a mistake at the start of this project. I should have quietly started by myself and only asked for interested project partners once I had some code to share and knew more about the skill sets of the various BP developers with whom I associated.

Communicate Less, Not More: This may come across as a hypocritical suggestion in light of some of the communication issues BuddyPress had last year. However, you need to differentiate BuddyPress as a developer platform and community from that of developing a BP plugin. With the former, the community is what makes the project a success. With the later, only a few key people need to be kept apprised. Communication is essential to the former, whereas to the latter it is not necessary until the plugin is released.

When it comes to plugin development, it is better to surprise the community with a new release (especially the initial release) than it is to build up their expectations. Although there is a thrill with getting validation for your efforts at the start of a project, there is no way to know what challenges lie ahead and how difficult the task may be. Interest and attention in any project can quickly turn negative if there are seemingly few results to share. Blame will always go to you, whether the issues holding up your project are beyond your control or not. This is especially true for a project that is deemed very important or possibly even vital—such as BP Privacy.

Once a plugin is released to the world, then proactive communication and vigilant project management are crucial to the project’s continued success. But before the public release, communicating less might actually help the project succeed as you won’t be distracted by the negative vocal minority.

Promised Release Dates: As a follow up to the point above, it is best to never put a date on a release. You are working on a plugin, not the core foundation of WordPress or BuddyPress where it makes sense to have project deadlines and development freeze dates.

If you do communicate a release date, do not be overly concerned if you fail to meet it. You are generously working on GPLed software that will more than likely earn you little if any for your efforts invested. You are not beholden to anyone.

Even the BuddyPress project has difficulties meeting its promised release dates. As this article can witness, there are many factors that contribute to a missed release date. Some are beyond your control. From a community standpoint, it is best if people remain patient and remember that they are getting GPLed software that provides them many freedoms of use. The software will be released when its released.

Use of the WordPress Plugin Repository: The WP Plugin Repo is a great service to developers and the greater community. You should use this service if you are planning not to exercise your full GPL rights. However, do not use the Repo for releasing alpha, beta, or RC versions. Most users will have no clue what an alpha or beta version truly means. More importantly, most will not care. If it’s on the Repo they’ll expect it to work. You should make your plugins available on the Repo only when they are ready for full public release. Until then, use another service, or your own server, to make pre-release versions available to those whom you wish to have access.

When Will BP Privacy Be Released?

Over the past two months, I have been reassessing my role in this project. As you have found out from the above history, my time commitment and investment into this project have been substantial. I’ve decided that the time required to support and maintain this project, and the energy required to do it properly, is incompatible with me earning a semblance of a living. It has also taken too much focus away from my current startup.

This project started out as a team effort but unfortunately became a solo effort. I believe that this project needs to become a team effort again—as in a team of developers, not a team of testers.

To be clear, BP Privacy was never intended to be a core BuddyPress component—even though some of you think that was the case. I am not and have never been part of BuddyPress’ core development team. I was simply an active community volunteer, support forum moderator, and plugin developer.

As most of you know, I am a staunch privacy advocate. Since my first days with the BuddyPress project, I have believed that privacy was a necessary core feature. That has yet to be realized. Perhaps part of the BP Privacy codebase can serve that purpose in the future. Although it might make more sense to refactor BuddyPress, offering true core privacy as a component.

What does this all mean?

I will be releasing the fully-functioning BP Privacy codebase over the next several days, along with a very extensive manual (35+ pages). At that point, I will end my official involvement with the project, and as such, I will not be providing any support.

The project will be in the hands of the community. It will be available for anyone to use as is, expand upon, fork, or even merge into BuddyPress core. Perhaps a group of developers will adopt BP Privacy and maintain it as a community-based project.

Because of my decision to end my official involvement with the project, I’ve decide to back tag the version I’ll be releasing, making it a release candidate instead of a public, ready-for-production version. Therefore, it will be v1.0-RC1 instead of V1.0. It also means that I will not be placing it on the WordPress Plugin Repository per the reasons I mentioned at the end of the last section. It will be available for a short while on the BP Privacy site before that site is taken down. The link will go to some yet-to-be-determined public repository. I will also be placing the link within a BP support forum thread.

By the way, for any group of developers interested, I have registered the bp-privacy distribution name with the WP Repo. I would be more than willing to assign that over to another group, if that is possible, or at the bare minimum add other committers. But be advised that I will not be participating in the project anymore.

Once BP Privacy v1.0-RC1 is out, it will be up to each person to fully evaluate the plugin and decide for themselves whether or not to run it on a production site. Although in my exhaustive testing BP Privacy works very will under WP 3.0.4 and BP 1.2.7, you must decide for yourself the viability of its use in a production environment. Thus, please be advised, no matter what you do, you are on your own until (and if) a new group of developers takes the reigns of BP Privacy and assumes support and maintenance responsibilities.

As far as the upcoming release of BP 1.3, I have not fully tested the most recent BP trunk version in Trac. Therefore, I cannot say how much refactoring may be required. I may put some effort into that, but do not wait for me. You should take the initiative and bring it up to date on your own volition.

As far as the few people that have pre-purchased BuddyPress Privacy Support Plans, I will be refunding all the monies received over the next week. But first I will focus on getting BP Privacy out the door. I will also be refunding my two, wonderful advertising partners. Yes, your ads have been up on BP Privacy going on three months (I have only charged them for the first month), but you have not received the type of exposure that you had expected. It is only fair that you get full refunds as well.

I hope that BP Privacy finds a useful life going forward!

Article Comments

  1. Avi M says:

    As I have already mentioend to you, this is unfortunate but understanble. I’ll keep an eye out for the refund over the next week or so.

    Oh and yup you did indeed mention the refund at the end!

    • For all the time and effort that has gone into the plugin, and you are still getting the plugin in the end. I can’t believe you are so worried about a refund. No wonder he doesn’t want to support the plugin any more.

      Un-grateful users and the mentality that everything should be free, just because it is built on an open source platform, is severely detrimental to the future of these types of projects.

      • dan says:

        I agree Seth – been there too myself and have seen what people expect to get for nothing or very little. I am also considering letting my plugin into the community but I am not prepared (in fact can’t afford) to spend the time resolving every issue and discrepancy. My thanks goes out to those who do it and endure.

  2. Simon says:

    Hello Jeff,

    We recently found your BP-Privacy site having just started my first BuddyPress website. I am a fairly seasoned WordPress developer, and we needed to extend the functionality of WP for a new community site we are building. BP looks very promising, but the one thing that jumps out at you is that it is just not suitable for creating a community site out of the box. A public Activity stream with everybody’s details tagged, complete lack of privacy options for profiles and a wide-open member list is just going to turn site visitors off.

    BP desperately needs privacy built into its core code. As it stands, we are going to have to do our best to code out huge swathes of code in the theme – or just turn off big chunks of functionality altogether – to get it to work with any semblance of privacy.

    As somebody who wholeheartedly believes in Open Source and the WordPress platform community, please can I just say thank you for all your thankless work to date? I completely understand your frustration and hope that a team does take all of your hard work and run with it. I hope the core development team take note of the issues you have faced and build upon what you have created here.

  3. Luis says:

    Sorry to hear of this news 🙁 I understand why you’ve made the decision to stop the project. Thanks for making the effort, I was waiting all so patiently for the release of your work. This is such a core functionality to BP which I don’t understand why it wasn’t included as a core element. Best of luck to you.

  4. “Therefore, if you are planning on charging for support, you are operating outside the freedoms of the GPL version 2.”

    That seems to be a very unusual legal interpretation of the GPL2. Maybe a question for the SFLC ?

    • Jeff Sayre says:

      I am not a lawyer. I am not providing legal advice or a legal interpretation.

      Nevertheless, there is nothing unusual about that interpretation. The differences in language with regard to the specific freedoms to charge fees is very clear between GPL version 2 and GPL version 3. Read the sections of the two license versions and you will see that, from a licensing standpoint, it is only in GPL version 3 where the specific freedom and right to charge a support fee is explicitly granted.

      It is interesting to read this article by the Free Software Foundation (FSF) concerning their philosophy on Selling Free Software. The FSF is the organization that promulgates the GNU GPL licenses. Their philosophy on selling GPLed software is clear. But, nowhere in the article do they mention the phrase “support fee”. When it comes to the issue of fees, they only use the phrase “distribution fee”.

      Now this is pure speculation on my part, but perhaps they avoid discussing support fees as the article is specifically about selling software, not selling services such as support services. But it could also be that they do not mention support fees because there are differences in rights between GPL versions.

      Maybe a question for the SFLC ?

      I agree. I also have contacted the FSF about this specific issue. I have sought legal advice and I suggested in the article that others who have any questions about the GPL should do the same.

      I have no issues with people charging any fees for their GPLed work. That is not my point. In my opinion, the primary focus of all GPL versions is providing all users of a piece of GPLed software with the freedoms to use, repurpose, and alter code without any restrictions being placed on them other than the restriction that they cannot restriction others’ freedoms to do the same.

      As I am not a lawyer, and I had specific questions about the GPL license that could affect my business, I sought legal counsel. If you are concerned, then you should talk with your lawyer. They might have a different interpretation. That is fine. I made a risk benefit determination based on what is best for my business.

      • Thanks for your reply.

        I still think that the legal view is very unusual because I know of nobody else who has published such an interpretation of the GPL2. As far as I see the relevant sentence in GPL2 is this one: “Activities other than copying, distribution and modification are not covered by this License; they are outside its scope.”

        • Jeff Sayre says:

          With all things legal, there are a number of ways in which certain items within contracts can be interpreted. That is why it is important to seek legal counsel if you wonder how a given contract, license, or law may or may not apply to your specific situation. Of course, only a ruling by a court of law can be deemed as true legal judgement on an issue.

          The wording that you quoted is what could be cited as a legal loophole. If someone wants to interpret that to mean that under GPL2 it is alright to charge support fees, then that is their prerogative. The last sentence in that phrase

          …they are outside its scope.

          is why I stated in my article with regards to this issue that, “if you are planning on charging for support, you are operating outside the freedoms of the GPL version 2. You would be wise to seek legal counsel.” It is clear to me that GPL2 does not grant that freedom or right whereas GPL3 does. That is my single point. So, it is up to you to make sure you know what this means for your business.

          Again, I have no issues with people charging distribution fees or even support fees. But as the phrasing differences between GPL2 and GPL3, and any potential impacts, where not clear from a business persepctive, I sought legal counsel to get an opinion on business risks and options under GPL2.

          If a company is earning a substantial revenue stream from selling support contracts, then it could make sense to keep doing so. They might wish to exploit loopholes as they’ve determined the risks for them are worth taking or that there are no risks as advised by their own legal counsel.

          I choose to mitigate my risks where possible. That is why I prefer GPL3 as it explicitly grants the freedom to charge support fees.

          It is interesting to note that the FSF thought it important and necessary to add that provision into GPL3. That could indicate that people have questioned whether or not they had that right under GPL2. Perhaps there have been legal challenges in the past and the FSF wanted to make it absolutely clear going forward that that freedom would be allowed, no questions asked.

          Again, this is pure speculation on my part as I am not a lawyer.

          • Shawn says:

            I think what you’re missing is the technicality of the actual licensing. It is not “GPLv2” but “GPLv2 (or later)”, as is very common in GPLed software.

            • Jeff Sayre says:

              Shawn –

              That is incorrect. At the time I sought legal counsel and wrote this article, the current, stable, production-ready version of WordPress (v3.0.4) was licensed under strict GPL version 2. Look at the readme.txt file in v3.0.4 and you will see that there is no “or any later version” clause.

              In fact, according to the WP pundits at the time, it has to be licensed this way as the project from which WordPress was forked, b2/cafelog, was also licensed under strict GPLv2. Therefore, there is not anyway in which WordPress could be licensed differently. See this comment in this WordPress Trac ticket for the issue of WP licensing based on the fork of b2.

              Also, see this comment in the same Trac ticket by Mark Jaquith. He honestly admits there are uncertainties in the licensing and promises to discuss this with others to bring clarity to the issue. However, he rightly and clearly states that:

              It has been our stance that we cannot guarantee “or any later version” GPL licensing for WordPress as a whole.

              This was the state of current WordPress GPL licensing policy by some of its most vocal and active core developers at the time I sought legal counsel on this issue. The above linked-to Trac ticket was what several people pointed me to when I brought up the question about WP’s GPL licensing on Twitter.

              See my Tweets here for context and dates:




              I sought legal counsel based on the information provided in that WordPress Trac ticket. Using that information and a legal interpretation of GPL version 2 (see last paragraph of Section 1 and Section 9, second paragraph of that license), an important business decision was made—I decided to terminate BP Privacy’s support plan. To be honest, the licensing issue was a final, but very important, piece in my overall decision.

              Unfortunately, after my decision was made and I began writing this article and planning for the refunding of all BP Privacy support fees received, this new Trac ticket on WordPress’ GPL licensing appeared. This will apply to WordPress Version 3.1 going forward.

              I just found out about this change in GPL licensing terms this morning and I must admit I am rather mad. I’m not mad about the decision. I am mad that this information was not available when I was seeking legal counsel. In fact, I applaud the licensing change as it will put to rest all the legal issues with which I struggled.

              However, this news is too late for me to use. Also, the current, stable version of WordPress is v3.0.4 so BP Privacy has to be licensed under strict GPL version 2—that is unless I wait until WP 3.1 ships at which point I could license it under “GPLv3 or any later license”.

              It is times like this that make me wonder why open source projects in general don’t have business managers, people who are keenly aware of the import of such seemingly-trivial issues like licensing. This issue is of course non-trivial as can be seen by the mental and legal gymnastics that I’ve gone through to figure out my business options with regard to WordPress licensing. Consider this the final lesson learned from developing BP Privacy.

  5. Hachi says:


    I’m sad. Sad because I fully understand you. Sad because how people behave. Sad because you’ll have to “drop” -in some ways- a bit of your life -good or bad-

    My new site doesen’t needs so badly this plugin as previous projects of mine, but as I’ll be using it -in some way if possible- I will put a big explanation of your work in the About page.

    This will not be forgotten

  6. Kyle says:

    Well written, Jeff!

    I’ve commented before on the issues you’ve faced concerning the privacy component on, as well as privately messaged you, and I have to say that you’re truly a stand-up guy! Great honesty, and thanks a million for sharing your hard-earned nuggets of wisdom and your deep insights as you have here with us all!

    I’m a huge privacy advocate myself, and this plug-in made me salivate profusely. Thank you for putting in a near full work-year (hour-wise) on it for little more than a slap in the kisser. You would almost think that you’d worked for corporate on it, considering the wonderful kudos and pay that you’ve received thus far!

    I’ve never believed that donations were (could be) profitable from the standpoint of how they are implemented concerning WordPress/BuddyPress, though I’ve never released nor coded my own plug-in/theme/etc. I think the more popular that your release to the community is then the less people will contribute to it due to the volume of other folks that “must” have already donated to the good cause (yeah, right…).

    If you recall, or perhaps don’t recall, what I messaged you in private about my Inkblot project, among others, I believe that it is the way to go about it and still be able to contribute back to the development and support community in a very meaningful way ($$$), while also being able to better and further the development of new and better open-source code and products.

    Most people don’t know me all that well out there, but I’ve been working in IT for over 20 years now and have been active online, to one degree or another, since the early days. I guess my love of privacy shows in that respect. Though a bit behind the initial rush, I registered my first personal domain names way back in 1997-98. I was “blogging” on my own personal sites in 1998/99. I used to own, but just run (the original “stumble” site) as a WordPress/BuddyPress profile site.

    I’ve always loved WordPress, and have grown quite fond of BuddyPress, and have been a user since the early days. I even own, which is about as perfect as a domain name can get for a WordPress blog.

    You know what, Jeff, you’re on the right track here and the majority of us appreciate you and your efforts one way or the other!

    Best regards,


    • Jeff Sayre says:

      Hey, Kyle. Thanks for the great comment and the support. I appreciate it. I do remember your idea regarding your Inkblot project. It is an interesting concept.

      Outside of offering WordPress consulting services and possibly creating a premium theme collection, the economic models for a WP dev are very slim. Perhaps this will change over time.

      For those of use that prefer to offer our code rather than service, it seems that the opportunity to earn even part of a living from doing that are for the most part nonexistent in most OS communities. There may be a few who succeed, but I think those few also take on client work as well.

      I do plan to continue using WP for some projects but will be expanding to a few other platforms that offer features not currently available in WP. Therefore, I am not leaving the community as much as stepping down from my visible role. I’ll be lurking in the corners, popping in here and there.

      Thanks again.

  7. Well, I guess that’s the end of a long journey. I’m a business major in college so this has a been a fascinating story about different business models (GPL 2, GPL 3, freemium, free, etc.).

    Good luck with your start-up… I’ll still be visiting your blog here.

    • Jeff Sayre says:

      Thanks for the comment, Paul. Whereas it is the end of my journey with the project, I hope that it is not the end of BP Privacy’s journey. The codebase will be available to all, so a group of devs could adopt it and take it further.

  8. Matt says:

    Hey Jeff, it’s sad to hear about your move away from BP-Privacy, but I certainly understand your decision. I’ve been involved in some never-ending, thankless web projects, and sometimes you have to make the decision to let it go.

    Would you care to comment on how you see your involvement with BuddyPress evolving over the coming months?

    As for refunding BuddyBoss’s ad money, please do not. We got more than enough exposure to justify the ad spend.


    • Jeff Sayre says:

      Matt, thanks for the comment.

      As far as my involvement with WP and BP going forward, I will be less visible but will not be dropping out of the community. There are a number of wonderful people in the community and I’ve made a number of friends. I will simply be redoubling my efforts on my startup. This means very little time for answering support questions on the forum or for creating GPLed plugins.

      I will be using both WP and BP for one of my current projects. I will also be using other OS tools for a few other future projects. So, you will see me around.

      Thanks again for helping to sponsor


  9. Bunk says:

    I don’t quiet get this. There must be some untold circumstances behind you leaving privacy and maybe the whole wp community. Those disappointed/arse commenter’s are very very few compared to all the enthusiastic ones. Also I don’t think you imagined make a living on donations? No one can or at least very few. So what gives?

    • Jeff Sayre says:

      I explained my decision—and the reasons—very clearly in the article. Please read it.

      Those disappointed/arse commenter’s are very very few compared to all the enthusiastic ones.

      I agree. I say so as much in my above article.

  10. Bunk says:

    Thank you for answering. I’ve read it twice know and still don’t get it. I mean I get what you’r writing but not your reasoning.

    There are several parts dealing with this taking much more time than anticipated. Ok, this could have been an argument for letting go in midst of dev. But now, when it’s done it doesn’t make any sense.

    Other parts deals with financial situation. So, no one can make a living on donations. You must have known that. And if not, same here, dev is done, plugin ready. Makes no sence leave at this point.

    Lastly you want revenue and set up a support offer. This is a highly demanded plugin and you would likely to earn some real money out of this offer. Again, same here. Dev is done, this will likely happen (money).

    Thus, I respect your work and your decision to leave. I just don’t understand. 🙂

    • Jeff Sayre says:

      Thanks for the additional comment.

      I am clear in my article about my reasons. The fact that it is close to release is irrelevant. As I must shift priorities to my startup, I do not have time to maintain or support BP Privacy. I am also burned out on the project.

      The few thousands of dollars I theoretically could receive would be insignificant to the amount of additional time that would be required to invest in the project. As I’ve also determined that, for me, accepting support fees is not workable (read comments above), this means that I would be supporting the plugin for free. For a project of this magnitude, that is a losing proposition from the start.

  11. Bunk says:

    Ok, that of being burned out i can definitely understand.
    I’m sorry you feel that way and appreciate your time and engagement. Can’t help feeling sad about you leaving at the end of this endeavour. One would think harvest the fruit of your work would be the best way to recover, but that’s solely your decision.

    Hope you stay around the community and good luck with your startup 🙂

  12. joshua_d says:

    Jeff, while your desisson is respected, there is still no mention of any release time for this plugin.Comments are turned off on the plugin site so I can’t ask there.
    When will it be released for others to take over?

  13. Jeff,

    I am just starting out in the premium plugin rat race. I to have faced quite a few challenges, and more than a handful of angry users. It is very disheartening at times, as well as downright frustrating. I have managed to stick it out and hope to see the light at the end of the tunnel someday.

    Good luck on your future endeavors. I wish you good fortune and good health.

    Seth Shoultes

  14. Brian Bowman says:

    Hi Jeff,

    I’m a business owner who has made his living by building websites that have strong earnings potential in local markets. I’ve been working on something using Buddypress as the platform for doing so, but was eagerly awaiting the release of your BP Privacy component before moving forward.

    I’ve given your article the once over…and at heart, I understand the decision. Having said that – it seems that the product is a very viable (yet missing) component for the LT success of Buddypress sites. I can’t think of who WOULDN’T want it if they are at all serious. And, frankly, I think it’s worth a good penny asking price. I work in the realm of where we PAY for services and support all day long – this open source environment is interesting, but candidly, I’d rather pay to get a great product….and get moving NOW vs. when someone in the community such as yourself puts in all the effort (and doesn’t get paid?!) – but you just don’t know when all the components will be available, or supported (if at all).

    Would you reconsider completion of the BP PRIVACY component with a financial partner of sort? If so, what would it take as an investment? Would / could you put in milestones of such to reach completion? And ultimately, we could perhaps promote the product together (with some sort of a revenue split – depending on the investment up front) once it’s gotten through the BETA stage – or, are you limited in the ability to outright SELL the plugin itself? There are many ways to structure a deal that would be good for the community…AND for you (and your investor). I”m not a programmer, but i do know how to structure deals.

    Not sure I understand all the legal limitations just yet, but it may be worth a chat given you have nothing to lose at this time. It wouldn’t be the first time a person, or a business reversed it’s decision based upon a changing environment or opportunity.

    If interested in a one-on-one discussion – feel free to drop me an email and we can exchange numbers and have a chat on the idea.

    Either way – best.


  15. Hi Jeff

    Newbie WP user for about a year for 1/2 dozen sites, just starting into my first BP install… and immediately went looking for privacy options. Was excited and bookmarked your site to visit back awaiting release. Didn’t, like so many obviously, think to pre-pay for support.

    Reading your post in full, I got an education in many areas. Thank you. From now on, I’ll be a lot more picky about the plugins I choose, providing donations/signing up for support, and far more open to buying premium plugins (even if that’s not your preferred release method).

    A great, if sad story Jeff: one where your diligence, patience and altruism shine brightly, and ultimately your wisdom underlines it all in the rationale for your decisions. Disappointed for you, and selfishly so for me, but inspired by your story!

    My hope is that this code is taken up into the core BP code – ASAP!!!!!! At least then your efforts will live on dynamically…

    y blessings for what they’re worth on your start-up: may it be wildly, enjoyably and sustainably successful for you in the ways you dream of!

  16. […] anymore on buddypress. The privacy plugin from Jeff Sayre was released after more than a year. Jeff described his reason why he decided not support and maintain the plugin – and I fully understand why he is acting like that. He said that he believed that privacy is […]

  17. jbdurand says:

    The entire story of your plugin is really sad.
    Because we need privacy in Buddypress.
    Because Facebook, Google and Diaspora have it already then it’s less understandable not to have it.
    Because Facebook Timeline will drive people to escape and use more wordpress blogs to keep personal life informations (end evenutally share a fraction of it to FB Timeline).
    So what could be done to have you change your mind and find a solution with Boone Gorges and incorporate your plugin in the BuddyPress as one of the most important add on?
    Hope you can find a solution very soon…
    Facebook Timeline is like a secret family diary that you can only store and write in a supermarket closed office. It’s simply crazy to let ( pattern) direct marketers own this type of data on a massive scale. We need an alternative!
    Best regards from France.

  18. askingara says:


    i have created a site by wordpress and i have installed BuddyPress Privacy Component (BP Privacy, BP_Authz, or BPAz) plugin, for privacy issue, it is ok but, when i want to open this part of my site it says that:

    (in opera) “Redirection Status
    The URL was redirected to Please click the link to go there.
    Generated by Opera” and when i click on it it says the same again.

    (In Mozilla)”Redirect Loop
    Firefox has detected that the server is redirecting the request for this address in a way that will never complete.
    The browser has stopped trying to retrieve the requested item. The site is redirecting the request in a way that will never complete.

    * Have you disabled or blocked cookies required by this site?
    * NOTE: If accepting the site’s cookies does not resolve the problem, it is likely a server configuration issue and not your computer.”

    i have checked the cookies also and all is well.
    and i have also transfered the privacy folder to buddypress/bp-default.

    any solution will be great.

    • Jeff Sayre says:

      Please read my old article, BP Privacy v1.0-RC1 is now available! In the article I am very clear that the plugin is “tested to work with WordPress 3.0.5 and BuddyPress 1.2.7.” On the WordPress plugin repository site for the BP Privacy and in the plugin’s readme.txt file, it is clearly stated that BP Privacy requires and is compatible only with “PHP 5.2.x, WordPress 3.0.5, BuddyPress 1.2.7”.

      In short, BP Privacy is not designed to run on newer versions of BuddyPress or WordPress. In fact, is was designed to run only on WordPress 3.0.5 and BuddyPress 1.2.7.

      In my article, I also make it clear that “I am no longer developing or supporting this plugin.” Therefore, you will need to either update the plugin yourself, hire someone to do so, or choose a different option.

      Finally, the article and plugin’s readme.txt file are very explicit that BP Privacy is “a release candidate, not to be used in a production site.” In fact, the plugin’s readme.txt file has this obvious statement:

      This plugin is a release candidate version to be used only in a development sandbox and not in a production environment. Use at your own risk. This plugin is also not being developed or supported anymore by the author. It is released to the BuddyPress community for it to be adopted and further developed.

      I’m sorry for the inconvenience.

Share on Twitter
Share on Facebook
Share on FriendFeed
Share on LinkedIn
Share on StumbleUpon
Share on Digg
Share on Delicious
Share on Technorati
Add to Google Bookmarks