Youtube are tracking you by default on websites with embedded Youtube videos, even if you don't play the video!
This is not new, but Dave just discovered he's been embedding non-privacy enhanced Youtube videos on his website without knowing it. These links embed cookies that track users behaviors even without them playing a video.
EEVblog Main Web Site: http://www.eevblog.com
The 2nd EEVblog Channel: http://www.youtube.com/EEVblog2
Support the EEVblog through Patreon!
http://www.patreon.com/eevblog
Stuff I recommend:
https://kit.com/EEVblog/
Donate With Bitcoin & Other Crypto Currencies!
https://www.eevblog.com/crypto-currency/
T-Shirts: http://teespring.com/stores/eevblog
Likecoin – Coins for Likes: https://likecoin.pro/ @eevblog/dil9/hcq3
💗 Likecoin – Coins for Likes: https://likecoin.pro/ @eevblog/dil9/hcq3
This is not new, but Dave just discovered he's been embedding non-privacy enhanced Youtube videos on his website without knowing it. These links embed cookies that track users behaviors even without them playing a video.
EEVblog Main Web Site: http://www.eevblog.com
The 2nd EEVblog Channel: http://www.youtube.com/EEVblog2
Support the EEVblog through Patreon!
http://www.patreon.com/eevblog
Stuff I recommend:
https://kit.com/EEVblog/
Donate With Bitcoin & Other Crypto Currencies!
https://www.eevblog.com/crypto-currency/
T-Shirts: http://teespring.com/stores/eevblog
Likecoin – Coins for Likes: https://likecoin.pro/ @eevblog/dil9/hcq3
💗 Likecoin – Coins for Likes: https://likecoin.pro/ @eevblog/dil9/hcq3
Hi I Can't believe I've just discovered this has to do with YouTube and tracking users on my website if you don't know, I've got Eevblog com where I post videos and of course host the eevblog forum and I as well as posting on YouTube I actually posted on my blog website here I have done since day one and if you actually go in here and have a look at an individual page, then Bingo! I've got an embedded YouTube video here and you can play it. You know you can play it here or you can play it on YouTube or you can do whatever ever. Even got a podcast version you can download but I just discovered something. So when I go to create these blog posts I of course go into my youtube video here and I click the embed button which they've just changed today by the looks of it, but it's got the same stuff.
once you get in anyway, they're always changing stuff and I just copy the information here and then post it into my wordpress blog and Bob's your uncle, right? It puts the frame in and everything's hunky-dory but I really have never paid attention to this. Enable privacy up yet. Yes, you can see that enable Privacy enhanced mode and I've never really thought about this before. I Just assumed that if I put that embedded video on my website YouTube like won't track users YouTube / Google / alphabet won't track users unless they actually play a video.
But that's not the case. Look at the help for this thing. hover over that. Here it is when you turn on Privacy Enhance mode YouTube won't share information about visitors on your website unless they play the video.
So of course what this means is that a by default this is disabled. So every time I've gone to do what? I Just done. Copy, you know and paste the thing. I've never thought about it that YouTube Just by me.
Copy and paste in this code onto my website. Every time somebody loads my page, it loads a cookie on your browser which then tracks you and what pages you're visiting and stuff like that. What a load of unbelievable. Anyway, Um, I can't believe that I've never noticed this.
The Bastards I am I know this is probably not. Well, this is definitely not new. I checked and apparently this was first introduced in 2010. So it's like ancient.
it's eight years old. Um, but I just never really paid attention to it and everyone's gonna do of course. Google and everyone else tracks you. You know that's their whole business model, but I just didn't expect them to do it unless you actually play the video.
Unbelievable. So anyway, what is the difference between the privacy thing? What is the difference in the code? Well let's have a look at it. The the only difference is that it has Youtube.com embed and YouTube - no cookie com embed. Apart from that, it's exactly the same thing.
and YouTube No cookie com sure enough is actually a YouTube websites of the name servers on Google.com and all that sort of thing. So of course it's totally legit as you'd expect, but that's what it does. It doesn't load a cookie when you load the page, so only if you play the video then does it put it. Which is fair enough. it puts a cookie on your website. Everyone does it right. I don't do that. By the way, I'm not tracking people, but um, on my website, but the advertisers may because I've got ads on the website and they may be I don't know what cookies and things they might or might not put on, but I didn't expect it unless you actually played the video like that.
It's just unbelievable. Anyway, yeah I just realized that it's new to me. news to me so I know everyone's gon do. But anyway, just thought I'd share that catch you next time.
I have been getting the vedios which my husband usually watches on my youtube feed, however he never used my phone or my account to watch those vedios. Same happened on my husband's youtube feeds as well. I do not want to be paranoid, but feels like being watched big time.
Welcome to the world of GDPR! In Europe I am not allowed to put an embedded video on my blog page without getting the consent of my visitors. Reason being that I cannot control how Youtube will use cookies. Obviously this new option allows Content creators to change that setting, so the embed code is GDPR compliant.
I didn't know there is this option, so I simply deleted the embedded Youtube video's on my blog page and put in the URL's instead. (Without linking of course, cause if I liked it then I would need to put a disclaimer specifying I cannot control the content behind that link or be identically responsible for that content.)
The world has a lot of waking up to do in regards to the Jews and all that they are up to
Can you log in to your website? Oh you can XD then you do set cookies and "track" users (although it's to make sure that it's all authentic and people are logged in and such but you said that you don't XD )
Compare the "code" with and without the setting then you can go back and edit it
This is part of the GDPR craze. It is part of google' s mechanism that shows relevant content (like video suggestions) based on personal interests.
This option basically should allow websites with EU visitors to prevent tracking cookies if the user has not consented to them.
Even if you play the video, you still have the right to not be tracked. The "If you do not like it then do not use the site" practice is not acceptable any more.
The same applies to google adsense/adwords and google maps.
Of course the implementation on a framework like wordpress might operate differently. Which is a very strong indicator that GDPR is misguided. Consent should be handled on the browser level. Not be left to the the mercy of website implementation. Like with any IOS/Android app.
That's why Zuck was in senate. They do it all the time and there's no checkbox to disable it.
That's why you use "Privacy Badger" from EFF 🙂
I mean, without my cookie, my settings aren't going to be applied to the player. You probably know, but cookies hold settings, not really a tracking thing.
yes Dave.. they track everything.. thats how they make their ads services better so they can pay you..
As you maybe don't know, any url served from a webserver can be registered and they can figure out where you came from, the page you came from and what you actually like. Easy peasy. If you want to avoid this 'exposure', host your own website, don't use wordpress, don't use embedded links/software (host your own videos), don't point to external locations. Better: Don't go online, it always a risk when you rely on third-parties. First problem, name registration and DNS, provided by a server and you can't figure out what kind of info they store or not, legal or not.
What google did is a privacy requirement by law, when not required it wasn't there. Problem is the default, it is on when it is off. Most of the time it is off, the reversed way of "on". It always is turned on when introduced, so you have to turn it off but in this case you have to turn on the protection by swithing it on, the opposite of protection. You have to don't agree instead of accepting it and they fool you by !true and !false. Awful game.
Corporate surveillance is going to become a huge issue in the next decade (far more than it is now, which is pretty bad).
Google you cheeky rascals
Thanks a lot there Dave.
No it's not the same. With the nocookie-domain a visitor won't be able to use the youtube history (e.g. to continue watching on another device). Identifying an account is not necessarily always about tracking. That said: embedding a resource from another server technically always allows tracking (at least the visitors IP). That's a reason to prefer local resources or load them only if needed/requested by the visitor.
uBlock Origin blocked 53 requests by the end of this vid', just this page. Unfortunate for monetised content creators, but the alternative is worse.
I mean it is an embedded element which loads files when you load the page it is embedded in, clicking the play button just goes to the next process, I would see the fuzz if it was just a link and it was doing that.
Clear your cookies and browsing history every couple of weeks.
uBlock Origin and uMatrix.
Adblock Youtube (and everyone else) as hard as you possibly can.
Cookies or not, Google tracks you. Your IP, your browser "fingerprint", etc.. Same for Facebook and his button all over 90% of the web pages. Each time you read the page your browser make a request on the server to read the button picture. Then it record: timestamp, IP, browser, referer, site, URL, etc…
I know it's difficult, but lesson is try and remove reliance on using youtube, google, etc software written by them. Or just spend 500 dollars on a 1998 stock pile intel pentium 4 laptop with o.s. wipped and uefi bios script called chrome web browser, otherwise known as chrome book, and smile.
Tracking is understandable if you insert Google Analytics into your website, that's it's job. But a video playback window's job should be just that, to play back video, and only do something when you click on it.