Support » Plugin: WP YouTube Lyte » GDPR Compliance Issue

  • Resolved ekatarinal

    (@ekatarinal)



    Hi guys,

    Except for 1 issue, your plugin does everything it needs to for GDPR compliance (the new EU privacy law). There is NO compliant Youtube embedding plugin right now, so you have the opportunity to be the first (and best) and people will stand in line to use it.

    The only problem is that the preview image is still being loaded from i.ytimg.com. I’ve seen another (bad) plugin that simply takes said image and stores it on the website’s own server so it gets loaded locally. This way, there are zero connections to external servers (which is also faster!). Can you implement this as well?

    Some background: In the EU, we now have the problem that we can’t have our websites connect to external servers (like Google fonts, youtube, font awesome etc.), because the user’s IP address (personal information) gets transferred in the process and we would need the user’s permission and document everything. The only way for us to be safe legally is to get around such connections and load things locally.

Viewing 15 replies - 1 through 15 (of 48 total)
  • Plugin Author Optimizing Matters

    (@optimizingmatters)

    But preview-image aside; when playing the video the user is making a connection to external servers, no? So even if we would load the image locally, the problem remains?

    frank (proud EU citizen πŸ˜‰ )

    Yes, but the user actively clicks on it and that changes everything πŸ™‚ πŸ™‚ πŸ™‚

    Now it’s the user’s choice and the user is not getting tracked upon loading the page.

    Plugin Author Optimizing Matters

    (@optimizingmatters)

    OK, I *might* add this soon-ish if I can spare some time one of the coming days (so much to do, so little time πŸ˜‰ ).

    You wouldn’t be into development yourself now would you? B-)

    can’t you already do this using lyte_helper.php?

    See here: https://wordpress.org/support/topic/override-thumbnail-multiple-videos/

    Plugin Author Optimizing Matters

    (@optimizingmatters)

    changing the thumbnail URL is easy, but you need something to ensure the thumbnail is in fact available on the local server automagically πŸ™‚

    Hi Frank,

    I’m not a developer myself, otherwise I’d offer my help. I optimize our company websites (SEO & Speed), and I’m knee-deep in the GDPR laws to make sure we’re compliant in time. Hence why I said that user choice matters, just like posting a comment or sending a mail via a contact form, which also transmit information. If the user actively clicks a video, it’s their choice and that means the website is compliant.

    Your plugin already connects to i.ytimg.com to get a thumbnail. Can’t it do that behind the scenes and save it on the server, maybe in a sub-directory within the plugin directory? Then you just show that image instead of having the user download it from i.ytimg.com?

    Hi,
    Frank just provided this solution:

    https://wordpress.org/support/topic/info-text-possible/

    Might be enough for GDPR compliance πŸ™‚

    • This reply was modified 7 months, 3 weeks ago by  HighKay.

    Sadly, it isn’t, because the embed is still connecting to Youtube to download the thumbnail. So user data is transferred to Youtube.

    • This reply was modified 7 months, 3 weeks ago by  ekatarinal.

    No it isn’t, only if the user clicks on the video.

    Zitat from Frank: “The thumbnails are loaded from YouTube servers, but those are not tracked by YouTube (no cookies are being set). Upon clicking on the play button however, YouTube can and will collect information about you.”

    But it’s connecting to Youtube and that means the user’s IP address (personal data) is transmitted. That is the same reason why we can’t just use Google Fonts externally anymore and have to host them ourselves. This is not about cookies, it’s about connecting to external servers.

    Plugin Author Optimizing Matters

    (@optimizingmatters)

    Your plugin already connects to i.ytimg.com to get a thumbnail. Can’t it do that behind the scenes and save it on the server, maybe in a sub-directory within the plugin directory? Then you just show that image instead of having the user download it from i.ytimg.com?

    that’s exactly what I have in mind as solution @ekatarinal πŸ™‚

    this would have the added benefit of decreasing page load time.

    Plugin Author Optimizing Matters

    (@optimizingmatters)

    almost ready (for a test) πŸ˜‰

    Plugin Author Optimizing Matters

    (@optimizingmatters)

    OK, committed an update on Github, download this zip-file and take it out for spin and let me know what you think πŸ™‚

    frank

    Hi Frank,

    I’ve tested it on our 2 WordPress sites. On one site the image doesn’t show (black), and on the other the image is still loaded externally for some reason. The option to load it locally is switched on for both sites, and I’ve tried deactivating caching plugins etc. to see if one of them messes it up, but the result didn’t change.

Viewing 15 replies - 1 through 15 (of 48 total)
  • The topic ‘GDPR Compliance Issue’ is closed to new replies.