Youtube GDPR and the implementation with Complianz

  • Resolved bestcases

    (@bestcases)


    2 years, 3 months ago

    Hello.

    I’ve read an ( relatively old) article from Complianz here which basically says that Complianz will stop loading embedded Youtube Videos, until an acceptance had been made by the site visitor. Instead of loading the Video from YT during loading the site, there will be an image from the Video which Complianz is loading from YT and storing it locally to show it on the page without connecting to YT prior a visitor gave consent..

    So far, so clear. Question: With this approach: Should the Videos still be linked with the “nocookie” option from Youtube (https://www.youtube-nocookie.com); or should a regular link be fine?

    • This topic was modified 2 years, 3 months ago by bestcases.
Viewing 8 replies - 1 through 8 (of 8 total)
  • Thread Starter bestcases

    (@bestcases)

    To put the question in a different way:

    Will Complianz automatically transform YouTube links to the nocookie URL, like “Embed Privacy” does, as I learned here by accidentally asking a related question in their subforum?

    If Complianz does so, where can I read about the handling/details about the function related to Youtube, asking for consent and nocookie?

    • This reply was modified 2 years, 3 months ago by bestcases.
    Plugin Author Rogier Lankhorst

    (@rogierlankhorst)

    We do not use the no cookie url, as it still places cookies. Only instead of placing them on page load, it does so after the user clicks “play”. Please read the full explanation here.

    https://complianz.io/youtube-and-the-gdpr-how-to-embed-youtube-on-your-site/

    Because of this, Complianz blocks YouTube until consent is given, even if it’s a no cookie url.

    Regarding the other thread: if YouTube is already blocked by another tool, you can always deactivate the YouTube integration in Complianz/integrations/services.

    Thread Starter bestcases

    (@bestcases)

    Thank you. The handling by Complianz is clear now.

    If I understand you correct, your understanding (the understanding of the Complianz-Team) is, that according to the GDPR-rules it would be OK to place Youtube-Links on the site, which are without the “enhanced privacy/no-cookie-rule), because Complianz does prevent the connection to YouTube, until consent is given by the user.

    If this is correct, then one would not need to worry about placing the no-cookie-links for YouTube, right?

    Even if I think the GDPR is a bureaucratic monster, and a waste of human resources (as this thread should be evidence of), the GDPR has been put in place and seems to be enforced. With that in mind, I really hope we get a resourceful discussion going, ending with a clear understanding of the proper way to handle these links, therefor I will express the following:

    From my current understanding I am not sure if preventing the YouTube connection until the user gives permission to open the “regular” link would be sufficient for the GDPR, because the user is not served with the privacy information/handling of his data in regards to YouTube; therefor he’s not able to make an informed decision…
    With that in mind, it seems useful/more safe in regards to the GDPR, if one would still use the no-cookie link to YouTube. And in such case it would be great if Complianz would “overwrite” an existing regular link and replace it with the no-cookie link, (as the linked tool in my previous post does). Might be a pretty straight forward/simple additional feature to implement to Complianz.

    What are your thoughts?

    Plugin Contributor jarnovos

    (@jarnovos)

    Hi @bestcases,

    Just to confirm: this concerns embedded YouTube content, and not just links to YouTube video’s? As simply offering links to YouTube video’s on your website would not require you to obtain consent.

    With the YouTube integration activated Complianz blocks the entire YouTube embed/scripts prior to consent, therefore preventing the connection & its cookies until explicit consent is obtained from the visitor. When the user wants to play the video and has therefore consented to YouTube via the placeholder or the Complianz banner, and at that point it wouldn’t really matter whether it is a regular YouTube URL or the ‘nocookie’ variant being used to embed the video.

    As to the aspect of informing the user sufficiently: Complianz offers a description of the YouTube cookies on your Cookie Policy, as well as a direct link to YouTube’s Privacy Statement.

    Hope it answers your question!
    Kind regards,
    Jarno

    Thread Starter bestcases

    (@bestcases)

    I get your reasoning, it makes sense to me. Thank you.

    Yes, my question is in regards to embedded content, not just links.

    So with that, is it correct to assume that you (the Complianz-team) does currently not see any reason to integrate the functionality to “overwrite” an existing regular YT-link and replace it with the no-cookie link?

    Plugin Contributor Aert Hulsebos

    (@aahulsebos)

    Hi @bestcases,

    Correct, as the entire connection with YouTube is blocked prior to consent and therefore only initialized upon providing consent, there wouldn’t be a noticeable benefit in doing so.

    Uninstalling Complianz now. This is just getting stupid.

    Plugin Contributor jarnovos

    (@jarnovos)

    Hi @titusakk,

    I’m not entirely sure what your post refers to, as this thread is over 5 months old, and the original poster’s question(s) had already been answered.

    If you are experiencing an issue we can assist with, feel free to create your own thread. We’d be glad to help.

    Kind regards, Jarno

Viewing 8 replies - 1 through 8 (of 8 total)
  • The topic ‘Youtube GDPR and the implementation with Complianz’ is closed to new replies.