GDPR compliance

This topic contains 7 replies, has 4 voices, and was last updated by  Dirk 5 years, 9 months ago.

We have moved to a support ticketing system and our forums are now closed.

Open Support Ticket

Tagged: , , , , ,

  • Author
    Posts
  • July 17, 2018 at 3:05 pm #438796

    Atilla Boz
    Full Member
    Post count: 280

    Hi friends,

    we got a problem. The videos in the entries are embedded which is not GDPR compliant – in other words: illegal / not useable anymore for the EU or any websites that have website in the EU.

    I found this post where it say “we can`t do anything about it” whis of course is totally wrong because there is actually one quite easy thing to do…
    https://wpgeodirectory.com/support/topic/no-cookie-version-of-youtube-video/

    On the place where the normal embed link is added it just should be the no cookie version of the real embed code from YouTube which would be like this:

    <iframe width=”560″ height=”315″ src=”https://www.youtube-nocookie.com/embed/_J7csNwXm0Y” frameborder=”0″ allow=”autoplay; encrypted-media” allowfullscreen></iframe>

    So if you implement that piece of code, and leave variables for the _J7csNwXm0Y part the width and the height everything would be mich more GDPR compliant then before.

    On the other side the user would have to enter his link variable p.e.: _J7csNwXm0Y and a height and width for the video.

    Could you do that please? Would help all european users to stay out of jail and being spied out from Googles 5 billion eyes. If not or it will take long time please let me know again, which files has to be changed to make such a modification.

    Thanks in advance,
    Atilla

    July 17, 2018 at 4:00 pm #438812

    Guust
    Moderator
    Post count: 29970

    Having a cookie policy clearly on your site would fix it too, would it not?
    I’ll get the developers to have a look too at your question.
    Thanks

    July 17, 2018 at 5:23 pm #438823

    Dirk
    Full Member
    Post count: 390

    You are thinking too complex. This snippet will change all embedded youtube videos with the no cookie version and no need to opt-in (and this would be necessary) needed. You can add a youtube video as before.
    If this solution is 100% GDPR compliant, I’m not sure, because I can see a preview pic and this should come somehow to my browser. But this is what you can explain in your privacy policy to be safe.

    

    add_filter( 'embed_oembed_html', 'change_youtube_nocookie_domain', 10, 4);
function change_youtube_nocookie_domain( $html, $url, $attr, $post_ID ) {
	if ( preg_match('#https?://(www\.)?youtu#i', $url) ) {
		return preg_replace(
				'#src=(["\'])(https?:)?//(www\.)?youtube\.com#i',
				'src=$1$2//$3youtube-nocookie.com',
				$html
				);
	}
	return $html;
}
    

		
	
    


    

			
				

    

	
    

		July 17, 2018 at 7:06 pm

		
		#438830

		
		
		
	
    


    


    

	
    

		
		
    Paolo
    Site Admin
    
		
		
     Post count: 31206
    
	
    

	
    

		
		
    Thanks Dirk for sharing…
    

		
	
    


    

			
				

    

	
    

		July 23, 2018 at 7:44 am

		
		#439373

		
		
		
	
    


    


    

	
    

		
		
    Atilla Boz
    Full Member
    
		
		
     Post count: 280
    
	
    

	
    

		
		
    Hello Dirk,
    

    first of all BIG THANKS for the input. This code will save me alot time to make other pages (more) compliant! I just tried it out and it works very nice!! Especially for GD it is definetely the best solution without changing any core code. Really awesome 🙂  
    

    You are absolutely right that this change is still not 100% GDPR compliant BUT much more then before. The general problem with the older version is, that the cookie is loaded even when people don’t watch the videos. Seeing the preview is not such a big problem as instantly having people download a cookie. 
    

    Anyways your code snippet has potential to be formed into a wordpress plugin because thousands of people around europe are changing their posts manually. If you would add a code snippet to change the standard embed code into the no-cookie embed code too, that would help even more users, cause most of them have added the videos in the normal way. 
    

    Guust and Paolo – good to see you after long time again 🙂 Hope you have been doing good. Feel hugged – feels good to be back in the GD camp. I needed a break after I have been GD overdosed xD 
    

    P.S.: I would suggest that you add that Code from Dirk into the next update from GD, it won`t have any disadvantages for the users but might save some of EU-based users from trouble. My customer still has is website offline because they are afraid to get an e-mail from some lawyers. If you help the EU-users to stay compliant, they will have better sleeps at night and more time to make money and keep paying their GD licenses. 
    

    P.P.S.: Maybe you can inform the other guy from the closed post that I linked up that we found a solution, so he sleeps better, too. 😉  
    

		
	
    


    

			
				

    

	
    

		July 23, 2018 at 8:23 am

		
		#439376

		
		
		
	
    


    


    

	
    

		
		
    Dirk
    Full Member
    
		
		
     Post count: 390
    
	
    

	
    

		
		
    You are welcome. Did a lot of changes in GD and also in WP Core to be more compliant.
    

    If you would add a code snippet to change the standard embed code into the no-cookie embed code too, that would help even more users, cause most of them have added the videos in the normal way.
    

    The code is not related to GD, it is working on WP level. It is changing all links in a content field (embedded). Also GD is using the WP embedded function, no additional code. So if you have a YouTube link in a standard or custom post the snippet will change the link too.
    

    Best,
    
Dirk
    

		
	
    


    

			
				

    

	
    

		July 23, 2018 at 8:45 am

		
		#439377

		
		
		
	
    


    


    

	
    

		
		
    Atilla Boz
    Full Member
    
		
		
     Post count: 280
    
	
    

	
    

		
		
    Hi Dirk again,
    

    what other GDPR changes have you made? Are you german btw?
    
Dirk sounds quite german to me. 
    

    Here`s my GDPR Best Practice To-Do-List (in german):
    
https://workflowy.com/s/IQ7V.Vc6DudApGi
    

    Well if it really works with the standard embed code, too that`s quite awesome. Need to try it out, soon. You should really make a plugin out of that. Or I will do it 😀 
    

    Even though I`m not too sure if it will change the original embed code from YouTube (not talking about a embed Link that you copy&paste from the browser URL area). Will keep you updated. 
    

    Best,
    
Atilla
    

		
	
    


    

			
				

    

	
    

		July 23, 2018 at 9:06 am

		
		#439382

		
		
		
	
    


    


    

	
    

		
		
    Dirk
    Full Member
    
		
		
     Post count: 390
    
	
    

	
    

		
		
    You got me. I’m German and I failed getting rid of my English-German slang.
    

    I changed most of the “GDPR code” of GD. I did some work on IP address anonymizing in WP and opt-in where I need it. All this is not what can be used in general.
    
I started from the records of processing activities and implemented what is needed. Still not finished. It is unbelievable which plugin is collecting personal data for no need.
    
If you go into the discussion about these needed records of processing activities with WP or plugin developers, they have no clue and you are not getting support. E.g. I investigated the GD processes and did the records by my own.
    

    The code snippet is for this function:
    
https://codex.wordpress.org/Embeds
    
You can see how many Embed types WP integrated in the past and most of them are bad, bad, bad for GDPR. Most of them are deactivated on my pages.
    

    Dirk
    

		
	
    


    

			
		
	
    • 

	
  • 

		
    Author
    

		
    

			
				Posts
			
		
    

	
    • 





			



	


		Viewing 8 posts - 1 through 8 (of 8 total)
	


	


		
	





		
				

			

				

					
We have moved to a support ticketing system and our forums are now closed.

					Open Support Ticket