GDPR compliant YouTube Videos

Is there a way to use Bricks video element to make YouTube videos GDPR compliant? Developer Matthias Altmann created this snippet for Oxygen builder which also works with Bricks but I’d like to have gdpr support directly from Bricks element.

4 Likes

@timmse any input on this? would appreciate your feedback.

Well, it is only a workaround but you could do the following things to be compliant with GDPR yourself by embedding a Youtube Video :

  • use the no-cookie domain by replacing your youtube video URL by adding ‘-nocookie’ between ‘youtube’ and ‘.com’
  • use a performance plugins that can generate images for Youtube embeds like Swift Performance, FlyingPress, WPRocket or LSCache. Those plugins will do the whole “put a cached image from local storage instead of loading youtube thumbnail” that looks juste like Matthias Altmann description
  • to finish you can use plugins like tarteaucitron.js (yes, lemon pie in french) or another popular GDPR plugin that can prevent something from loading and ask for permission first.
2 Likes

Thanks for your suggestions. I hope Bricks will take all these features into account. Things like GDPR and accessibility need to be baked in the builder especially in today’s hard competition.

1 Like

Maybe u use the “real cookie banner” with the content blocker?

If the user do not accept the cookies the content would not be loaded.

Timmse recommended me this plugin.

Greetings Andre

3 Likes

Hi Alex,

sorry I missed the thread completely. From my point of view, GDPR is an enormously important topic - not because I’m afraid that my data will end up somewhere, but because it is legally required depending on the country and can lead to massive warnings if disregarded. Accordingly, the topic should definitely be taken seriously. However, I do not see the theme in the responsibility.

There are a lot of very good plugins that deal exclusively with the topic of GDPR. For example, I use Real Cookie Banner or Borlabs Cookie, both of which are very comprehensive and provide much more options than just blocking YouTube videos.

To run a professional website nowadays you almost can’t avoid using a GDPR plugin, unless you want to do without everything completely (stats, google, webfonts, youtube, vimeo, share, like and more).

Unless it’s really just about blocking youtube, a custom script solution is certainly a (simple) alternative. If it goes beyond that, I would definitely recommend using a good plugin.

Best regards,
timmse

5 Likes

Yeah, I get it, I shouldn’t have used the word “need to be baked in the builder” but maybe when it comes to a simple use case as you mentioned about blocking YouTube for example, that would be nice to have in the builder as an advantage to stand out from other builders in the market so that an inexperienced user doesn’t have to dig into code or search for additional plugins to just block YouTube. Just a thought and thanks for taking the time to reply.

1 Like

Since Bricks v1.4 WordPress JQuery is no longer enqueued on the frontend. If you are using Matthias Altmann’s Code Snippet: GDPR compliant YouTube Videos you will get an browser console error because the snippet uses JQuery and the click to play button won’t work.
You can enqueue JQuery by adding the follow code into your Bricks Child Theme functions.php:

function load_jquery() {
  wp_enqueue_script( 'jquery' );
}

add_action( 'wp_enqueue_scripts', 'load_jquery' );

Then the snippet should work again. As usual rengenerate CSS in Bricks to be on the safe side.

100% on point. There are enough really good solutions out there. It’s not the theme‘s responsibility to be GDPR compliant …

But: The theme should assist in achieving GDPR necessities as easy as possible, eg: to make Google fonts local and stuff like this!

Hi, Bricks team! I’d like to add my vote for this. When generating an embed code on YouTube, one can choose an option to use a so-called “privacy-enhanced mode”:

image

This feature is offered by YouTube, but not available in the video module.

I agree, of course this does not replace a GDPR compliance plugin (I highly recommend Complianz).

However, using a privacy-friendly embed in the first place might give one an extra leg up in GDPR compliance, though I’ll admit I might be mistaken here. It does sound like YT will still collect data when the video is played, privacy-friendly embed or not, Complianz or not.

I do know that e-Recht24, one of the leading German legal service providers for web designers, advocates for the use of this feature in their privacy policy generator:

“The use of YouTube is associated with legal uncertainties. These cannot be fully remedied by activating the ‘privacy-enhanced mode’. However, they can at least be reduced by this, hence its use is recommended.”

4 Likes

Did anyone figure this out yet? The Snippet of Matthias does not work for me, I get strange display errors (video does not load, the sound loads though).

Also activating the load jquery as suggested by @renpub did not work for me.

Would love to get the youtube functionality without a premium plugin such as borlabs. Also borlabs does only work when the video is embeded as an iframe. I had situations in the past where I could not embed it as an iframe, I dont know if that happens in the future again.

The theme has responsability to be a good theme, build templates, build the base of your website, do it well and fast all while respecting the proper wordpress documentation/rules so that it may play well with other functionalities (such as a GDPR compliance plugin).
GDPR compliance is not the responsibility of the the theme, but of an entire different/separate solution :slight_smile:

Michael from the Inner Circle got it working, but the code is too long to paste it here.
I have send the snippet to Mathias Altman though, maybe he will include it :slight_smile:

If you need it now, send me a dm :slight_smile:

Hi, is this a code to block YT vids or also vimeo? I’d be happy if you could send it to me.
BTW, do you have an idea how to make the bricks-form reCaptcha GDPR compliant?
Thanks in advance!

I did not found a solution to use the no-cookie domain to the Video Element.
I tested with the filter “oembed_dataparse” and “embed_oembed_html” but it not working.

I think the only solution for now is to duplicate the Video Element and change the urls

switch ( $source ) {
	case 'youtube':
		$video_url = "https://www.youtube.com/embed/{$settings['youTubeId']}?";

So is there a solution for it working?

there is coming a wonderful video player with this features from bricksextras.

Invidious with enabled proxy mode can mitigate those privacy issues but it can be a strain on the server.

It would be great if Bricks could pull videos from Invidious instances for backgrounds for that very reason.

It is native now, there is an option “Do Not Track” from Bricks Builder 1.9.2