TYPO3 core is ready for many GDPR requirements regarding cookies and IP addresses. The core anonymizes IP addresses, cleans up database tables, and limits backend user access. Some features still needed include personal data portability, a "forget me" removal of all user data, and improved cookie consent APIs. An extension called EXT:gdpr is in development to help with GDPR compliance for things like working with privacy data and building custom privacy modules. The discussion focused on additional areas the core could address and what other features may be missing.