In order to add value to your blog post, sometimes you may want to embed a YouTube video. Usually using YouTube’s default settings.
But there’s a problem many website owners may not be aware of …
The visitors of that blog post will get third-party non-essential cookies unless they previously set their browser to block cookies.
Here’s what I got in my browser after embedding such a video:
- 1 advertising cookie stored by Google under the domain doubleclick.net (IDE)
- 4 cookies from youtube.com (GPS, PREF, VISITOR_INFO1_LIVE, YSC)
Now let’s see what you can do to solve (or not!) this issue …
Unsafe Solutions: Ignoring GDPR; Implicit Consent
For various reasons, you may consider ignoring GDPR requirements.
Lack of jurisdiction, hard or even impossible to enforce GDPR, etc.
But you’re not 100% on the safe side, are you?
Another option is to interpret the law as some bloggers, companies, and other organizations did:
You aren’t a lawyer, are you? Neither am I.
What if all those guys (who think that implicit consent is enough) are wrong, and the others (who think that explicit consent is required) are right?
(Update: If you don’t know what the difference between implicit consent and explicit consent is, please read this comment.)
You’re not safe. You cannot defend yourself by saying that many other people do what you do. That’s not an acceptable legal defense.
Bad Marketing Solutions: Banning EU IPs; Removing Videos
These days when some law makers think that they are the masters of the Universe, I don’t know anymore whether something is still legal or not. But I guess that banning EU IPs is legal.
However, such an extreme solution is bad for your marketing. It’s obvious. You don’t need me to explain why it’s that bad, do you?
Let’s move on to the next solution …
I’ve seen some bloggers removing YouTube videos from their blogs or replacing these videos with simple links to the original YouTube videos.
Sending the visitors away from your site doesn’t look like the best solution though. Both you and your visitors don’t gain anything from such outbound links.
The Best Solution: Not Using YouTube Default Settings
At the bottom of this blog post, there is a YouTube video.
Here’s how I stopped it from sending to your browser the five cookies mentioned above …
- Case 1 – If the video is already embedded on your website, go to that blog post where the video is embedded and change the code that renders the video as follows: instead of
src="https://www.youtube.com/embed/your video code?rel=0", use
src="https://www.youtube-nocookie.com/embed/your video code?rel=0"
Basically you replace the domain name youtube.com by youtube-nocookie.com
- Case 2 – If you’d like to embed now a video, right before copying the code from YouTube’s site go to “Embed Options” and check the box “Enable privacy-enhanced mode.” This setting changes the domain name from the default code the same as shown in the previous case.
When it comes to embedding YouTube videos on your website, it doesn’t pay to ignore GDPR, argue about explicit or implicit consent, ban certain visitors, or remove the videos from your site.
Simply use the safe solution posted under the previous sub-headline and everyone will be happy.
To Your Blogging Success!