For the last two years I have had a website designed in Sparkle with lots of YouTube videos. One of the things I decided early on was that I wanted no tracking cookies at all, especially from embedded YouTube videos.
So until recently, my workflow was to publish to a set of local files, run a global edit on all the .html files to change all the youtube URLs to youtube-nocookie.com and upload to the web server. Because Sparkle at that time generated embedded videos with
A recent change in Sparkle altered all that as it now uses the YouTube API via Javascript. Also you now have to publish direct to the web server. As a workaround, Iâm currently editing the javascript after the upload to add host: âhttps://www.youtube-nocookie.comâ to the YT.Player functions.
As I understand it thatâs an undocumented parameter but it does work and Iâd really like an option in Sparkle to generate that non-tracking code for me.
I made the mistake of putting an html tag in the post above. It should read:
Because Sparkle at that time generated embedded videos with iframe it was easy.
I think you will find the only way to stop tracking by YouTube is at browser (user) level. For example, the latest version of Safari has this option built-in and enabled as standard, but you, as the site developer, cannot set this as a default behaviour.
The only way to keep Googleâs cookies out of your jar is to not use embedded YouTube videos.
When you use embedded YouTube videos you give Google control of your site and users. Store all your videos in Sparkle and then link those videos out to your YouTube site. You want to keep your website separate from your YouTube site. This dramatically simplifies GDPR and overall user privacy.
Sparkle not only does a great job handling video, but becomes your CMS (Content Management System). Use this great function to your advantage.
Thanks, Duncan.
However, there seems to be much confusion about the youtube-nocookie URL and what it achieves, both out there on the web and, not least, in my own mind!
Iâm pretty sure that in the past, it did stop Google storing tracking cookies, but it seems from my own testing today, no longer.
If you choose a video on YouTube and then click share/embed to see the suggested iframe code, there an option to âEnable privacy-enhanced modeâ. Selecting the option adds the -nocookie to the URL. The information pop-up says: âWhen you turn on privacy-enhanced mode, YouTube wonât store information about visitors on your website unless they play the video.â Itâs debatable how much of a privacy enhancement this actually is!
So as others have pointed out, itâs actually not possible to prevent YouTube cookies, if indeed it ever was.
So Iâll withdraw the enhancement request, Duncan. Thanks for considering it.
Canât really do much harm (assuming it doesnât stop working!).
The whole debate about cookies is somewhat muddled by the lack of understanding of modern tracking techniques, and not by you or me, mostly by legislators and law enforcement.
Even by storing no cookies, Google would still know itâs a specific user/profile via countless direct or indirect signals. You use gmail on the same computer? Youâre logged in youtube? Your site uses Google Analytics? Google Fonts? A captcha? Itâs so easy for them.