Jump to content

Better privacy policy for embedded YouTube videos (GDPR)


Phil7789
 Share

Recommended Posts

Hello there,

I have some concerns about how YouTube videos are embedded by the software. For a proper privacy policy (at least in germany) you should add that you use the service of YouTube only with an extended privacy policy. YouTube has a function for this while sharing videos: the link changes from youtube.com to youtube-nocookies.com when you tick the checkbox "extended privacy policy". Without this YouTube will generate a cookie for a visitor just by visiting the site where a video is embedded. The user does not have to click on the video or watch it.

When using youtube-nocookies.com the software can't embed the video (as the link has changed).

I strongly suggest that a feature is added to choose if the software should use extended privacy policy for embedding youtube videos as this could cause some harm with GDPR compliance (posibility of user tracking with the set cookie). The software should furthermore force-change the link to youtube-nocookies.com for the case that unexperienced users post videos without the extended privacy policy checked.
As this might perhaps not be a necessity for some countries or courts it can increase the legal security of webmasters.

Please let me know what you think of the suggestions I'm quite interested.

Best regards,
Phil

Link to comment
Share on other sites

Personally, I do agree with you that this is shortcoming and currently the youtube embeds are not GDPR compliant. 

However, I draw the line slightly before obsessing about cookies placed by youtube embeds. I do have in my terms that some embedded services such as youtube can place cookies and thats pretty much it. I gave up on the idea that I can be 100% compliant. 

Link to comment
Share on other sites

33 minutes ago, jair101 said:

However, I draw the line slightly before obsessing about cookies placed by youtube embeds. I do have in my terms that some embedded services such as youtube can place cookies and thats pretty much it. I gave up on the idea that I can be 100% compliant. 

I have to agree with you, it is almost impossible to be 100% compliant. I personally want to reduce the risk to a absolute minimum (I've also added a section inside my privacy policy declaring the youtube cookies).

18 minutes ago, Nathan Explosion said:

Added functionality for this in v1.0.3 of this plugin:

Thanks for the hint Nathan! Do you extend the core function with this plugin? I think I could use this until there is a function to enforce GDPR compliant youtube links.

Link to comment
Share on other sites

1 hour ago, Phil7789 said:

Do you extend the core function with this plugin?

Yes, it's hooks into the \IPS\Text\Parser when someone pastes a link.....the IPS code performs a check of the domain of the link to determine if it has an oembed endpoint. I just do a little manipulation of the returned embed information for youtube and change the url used.

Link to comment
Share on other sites

11 minutes ago, Nathan Explosion said:

Yes, it's hooks into the \IPS\Text\Parser when someone pastes a link.....the IPS code performs a check of the domain of the link to determine if it has an oembed endpoint. I just do a little manipulation of the returned embed information for youtube and change the url used.

You probably need to reupload the images for your product again. The hi-res images are all gone. 

Link to comment
Share on other sites

 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...