Recent searches
Search options
@AlgorithmWolf in order for YouTube to detect the use of adblockers, they are using javascript in the client to detect various behaviours.
The deployment of that js file itself requires consent, the running of the javascript within the browser to ascertain how the browser is behaving also requires consent - there is no other legal basis available under the relevant law.
There is no escape clause here for YouTube, we have EU case law which is binding on *all* Member States supporting this.
@thatprivacyguy @AlgorithmWolf@ioc.exchange
If that is the case then most websites are also in breach of the same law. Virtually nothing works if you disable client side JavaScript, which by definition has been loaded ( from the remote) and executed locally in your browser.
I’ve never seen a single consent screen for that. In fact, I reckon every consent screen implementation out there would be in breach of that.
So why pick on YouTube’s ad-blocker?
@helvick you seem to have missed the part of the OP that says "unless strictly necessary to provide the service".
@womble @thatprivacyguy
No, I know that’s what the final part of that article says.
It’s just that nobody asks permission to run Javascriot on any site. I can’t speak to YouTube’s belief or otherwise about what’s strictly necessary but who gets to decide what Javascript findings need consent to be transmitted back and what doesn’t? And every site does it.
Are there guidelines?
GDPR is quite clear (to me) but this seems like it could be interpreted to target any client:server traffic.
@helvick ultimately, "who gets to decide" is the courts, just like every other law.
As for "every site does it", technically it can't be *every* site, because the websites I occasionally build don't. I will grant you, though, that the overwhelming majority of sites do something along these lines. However, I'd suggest that the overwhelming majority of drivers break the speed limit (or some other rule) now and then, so why should the road rules ever be enforced?
Fair enough, but if they are all breaking the law we should be reporting them all.
I find Youtube’s adblocker pogrom to be pathetic and dumb but it’s their website, if they want to make it crap then so be it. We can all choose to not play.
But if the ePrivacy rule genuinely prevents them ensuring ads are run on an ad-funded service then i think the fallout could kill off a lot of service access for folks who can’t pay subscriptions. And that’s bad IMO.
@helvick yes, you absolutely should report every site you believe is breaking the law. Don't be surprised if the authorities decide to get the most bang for their buck and prioritise the cases that serve their interests most effectively, though.
@thatprivacyguy @helvick @womble Well, GDPR is _slightly_ relevant in that it specifies what level of consent is required, what you must do to collect it, and that consent for it must be separate and specific. But it's the ePrivacy Directive that brings code of this nature under GDPR.