Today I filed a formal complaint against #YouTube with the Irish Data Protection Commissioner for their illegal deployment of #adblock detection technologies.
Under Article 5(3) of 2002/58/EC YouTube are legally obligated to obtain consent before storing or accessing information already stored on an end user's terminal equipment unless it is strictly necessary for the provisions of the requested service.
In 2016 the EU Commission confirmed in writing that adblock detection requires consent.
This whole thread is a whole lot of hullabaloo about complaining about legality about the way YouTube is running ad block detection, and framing it as though it makes the entire concept of ad block detection illegal.
As much as you may hate YouTube and/or their ad block policies, this whole take is a dead end. Even if by the weird stretch he’s making, the current system is illegal, there are plenty of ways for Google to detect and act on this without going anywhere remotely near that law. The best case scenario here is Google rewrites the way they’re doing it and redeploys the same thing.
This might cost them like weeks of development time. But it doesn’t stop Google from refusing to serve you video until you watch ads. This whole argument is receiving way more weight than it deserves because he’s repeatedly flaunting credentials that don’t change the reality of what Google could do here even if this argument held water.
What they’re doing is illegal. It has to stop immediately and they have to be held accountable
What they’re doing is immoral and every barrier we can put up against it is a valid pursuit
Restricting Google to data held remotely is a good barrier. They shouldn’t be able to help themselves to users local data, and it’s something that most people can understand: the data that is physically within your system is yours alone. They would have to get permission from each user to transfer that data, which is right.
This legal route commits to personal permissions and is a step to maintaining user data within the country of origin. Far from being a “dead end”, it’s the foundation and beginnings of a sensible policy on data ownership. This far, no further.
How is it immoral? Is Google morally obligated to provide you with a way to use their service for free? Google wants YouTube to start making money, and I’d guess the alternative is no more YouTube.
Why is everyone so worked up about a huge company wanting to earn even more money, we know this is how it works, and we always knew this was coming. You tried to cheat the system and they’ve had enough.
I think it’s a question of drawing a line between “commercial right” and “public good”.
Mathematical theorems automatically come under public good (because apparently they count as discoveries, which is nonsense - they are constructions), but an artist’s sketch comes under commercial right.
YouTube as a platform is so ubiquitously large, I suspect a lot of people consider it a public good rather than a commercial right. Given there is a large body of educational content, as well as some essential lifesaving content, there is an argument to be made for it. Indeed, even the creative content deserves a platform.
A company that harvests the data of billions, has sold that data without permission for decades, and evades tax like a champion certainly owes a debt of public good.
The actions of Google are not those of a company “seeking their due”, for their due has long since been harvested by their monopolisation of searches, their walked garden appstore, and their use of our data to train their paid AI product.
A public good? Like roads, firefighters, etc? You want the government to pay for your Youtube Premium subscription?
Less snarky, if you’re arguing that Youtube has earned a special legal status, a natural consequence is that Google gets to play by a different rulebook from all other competitors. That’s quite a dangerous direction to take.
Your snark was actually closer to the mark than you think.
Let’s say YouTube vanished overnight, what would the impact be? Sarcasm might suggest “we’d all be more productive” but let’s take a deeper look.
A lot of free courses (or parts thereof) would vanish. (A key resource for poorer learners)
Most modern tech repair guides would be gone (no machine breakdowns, no guides on fixing errors on old hardware)
A lot of people’s voices would be silenced (YouTube is an awful platform, but for some people it’s one of the only ones they have)
Seems to me, it would do a lot of public harm. Probably more harm than removing a freeway or closing a fire station.
As for letting Google “play by a different rulebook”, it does so already. The OP has indicated that they’re undertaking an action in an illegal way, and yet no-one much cares to stop them. Yes, they could do the same thing via legal channels, but that’s rather like suggesting there is no difference between threats of violence vs taking someone to court when trying to collect money.
Would you grant an insurance company similar legal indemnity? How would you feel about your local barber peeking in your window and selling what they see? Google has long played by a different rulebook, and thus different expectations are held.
Your arguments would only work if you’d argue for breaking up or nationalizing YouTube.
As long as they are a for-profit company you can’t deny them the right to legally earn money the way they see fit, doesn’t matter how big they are or what other revenue streams they have. Forcing them to offer a service for free is nonsense, and attacking them on a technicality that is probably easily circumvented is just a waste of everybody’s time and money imo.
If we really want to do something about this then we have to break their monopoly, same as any other huge company that’s f*cking with consumers.
Honestly if I were a politician I would support legislation restricting permanent bans from major websites from being given out willy-nilly because too many of them are ubiquitous enough to qualify as a public good.
Err, going through threads of conversations on both reddit and lemmy regarding YouTube, one would assume ad free access is the norm and Google even daring to offer Youtube Premium is a bad thing.
I get what you are saying, but you could argue that google is pretty much a monopoly at this point, using their power trying to extract money from customers they could never do if their was any real competition with a similar number of channels and customers.
I think most users see google/youtube as a “the internet”, or a utility as important as power, water and heat. And don’t forget that google already requires users to “pay” for their services with data and ads in other services (maps, search, mail) as well.
So because they earn money somewhere else they should do something else for free? Why? What does Google owe us?
They only have the monopoly if we give it to them. I find their model fair, I use their service a lot. if they overprice me I’ll find another form of entertainment.
But you are right, people see YouTube as a necessity at this point. I’m trying to remind you, it’s not.
It is not up to discussion: Youtube want to serve video to EU user ? They need to follow EU rules. If the rule says that adblocker detection technologies (or attempt) are illegal Youtube has no really a say in it.
But to be clear, that is not what the EU law being cited here says. It says something that may be interpreted as it. I hope that is how it gets interpreted. But that is not what it says.
Hell yeah they should, I’m not disputing that, but there’s so many here pretending like it’s somehow unethical for Google to fight against ad blockers, and I am arguing that.
How is it immoral? Is Google morally obligated to provide you with a way to use their service for free? Google wants YouTube to start making money, and I’d guess the alternative is no more YouTube.
Nope, but it is legally required to ask for permission to look into my device for data that it does not need to provide the serice.
Of course Google could make money, it just need to make them without violating the laws.
It’s all well and good that Google want to make money from my data - but they should be paying me for it. The value of my data isn’t from the data itself, but what can be done with it.
You can’t build a car without paying for the nuts and bolts.
They are. They provide you with a service for your data. It’s called YouTube. And if they don’t have a place to show you ads, the data is useless because no one will use it. It’s a closed loop.
And even if you don’t agree with it, it’s still a company selling a service and it can do whatever it wants to earn money from it. There’s nothing unethical about that.
No, it is not an exchange of data for access to the website. The website is provided completely free, and the data collection is the small print. A normal contract exchanges one thing for another, then the details are in the fine print. If it were an exchange of data for access, then the amount of data they collect would be proportional.
Why? Who made the rules about exchanging data? And it is an exchange of data for a service, it’s just not as obvious as you might want it to be. But nothing comes for free.
Hey I’m not saying I like the big company ethic scathing that’s been going on around the world, but it is how our society currently works.
There’s a whole area of legislation called contract law. An exchange of value requires consideration, ie payment. They invite you in for free, then take your data without consideration. In particular, you only have use of the website while you visit it and so long as they host it in that current form, but they claim rights to your data in perpetuity. They have no obligation to continue hosting the website, because that is a separate arrangement to the data collection.
It’s how things have been going so far, but the law always takes a long time to catch up with new innovation. The law is not always right or comprehensive, which is why it has a facility to be changed. The GDPR cookie splash screen was the first real attempt at this, it falls well short but if everything works as it should then further laws should come.
Frankly though, I think what should happen is that businesses should be allowed to continue collecting data as they are, but their raw dataset should be publicly available for a small nominal fee. This way Google et al can still keep their proprietary data processing magic to themselves, but everyone can make use of the datasets and drive competition. It also gives people a reasonable opportunity to actually see their data, and act accordingly.
Businesses will complain about giving away “their” data, but the reality is that the data belongs to the users and the business merely has a licence. The cat is already out of the bag and it’s not practicable to put it back in, so the best choice is to embrace it openly.
the data that is physically within your system is yours alone.
Actually, ALL the data Google has on you is yours. Google do not own the data, neither do reddit, Facebook or anyone else. They merely have a licence.
Personally I think even that is illegal. Contracts require consideration, you exchange x for y, then you have details in the terms and conditions. This is like “come in for free!” and then everything is in the terms and conditions. If you look at insurance, they’re required to have a key facts page to bring to the front the main points from the terms in plain English. The cookie splash screen doesn’t really do this, as it obfuscates just how much data they collect, and is for the most part unenforceable as you can’t see what data they hold. Furthermore, the data they collect isn’t proportional to your use of the website.
The whole thing flies in the face of the core principles of contract law under which all trading is done. They tell us our data has no value and it isn’t worth the hassle of us getting paid, yet they use that data to become some of the wealthiest businesses in the world. We might not know how to make use of that data, and you’ll need a lot of other data to build something to sell, but a manufacturer of nuts and bolts doesn’t know how to build a car - yet they still get paid for a portion of the value derived from their product through others’ work, as most of the value comes from what you can do with it. We’re all being robbed, every single one of us, including politicians and lawmakers.
Uh. It’s not immoral to read the data they’ve served to you on the page they’re visiting on their own website. I’m honestly genuinely curious what moral argument you could make, here
They’d argue that you going to their page which you know is sustained by ads is consent enough to check whether you’re using ad block. It’s an implicit thing, like how when you go to a restaurant you’re implying that you’re going to pay the bill afterward. You can’t eat and then leave saying, “well technically I never explicitly agreed to pay for this meal, it’s your fault for not asking before serving me.”
They’re taking information from the page they served you and runs the code they wrote to read the page they served you to ensure what they served you is actually what you’re seeing
You’re accessing the site, you’re continuing to use the site, you are implicitly agreeing to allow the code they run to modify the page you’re on
I fail to see how it specifically being used to check that ads are displaying is any different from code running normally in your browser to change the page without refreshing the page entirely
More importantly and actually on subject: how is this immoral? What moral code are they breaking here? You can argue legal semantics, but legality is not morality. You made a moral argument. How is this immoral?
They send your watch habit aggregate data profiles to the number crunchers at alphabet hq, to sell off.
They make fuckloads of money off the free video content theyre given as well as the nonstop data stream of demographics data. Thats why alphabet bought it in the first place.
The ads are just bonus cash. They dont want to miss an opportunity to score more money by selling ad space in their data profile mines.
They are being fully compensated by me logging in and feeding them either free labor as video content or free money as data profiles. They can easily keep the lights on off that alone. They dont need more free cash.
I am not obligated to sit dutifully with the volume up when ads play on my tv.
Nor am I obligated to allow ads to load within my browser.
They send the data they want me to display, down to every element on the page. It is fully within my rights to choose which elements are allowed to load on my computer.
And I wont be fuckin guilt tripped that the billion dollar company will make a fraction of another billion less dollars this quarter over my decisions to do so.
Correct me if I’m wrong but doesn’t the typical terms of service or privacy policy even mention that you, as a user, have the power to reject tracking cookies, tracking pixels, etc. via your browser configuration and third party tools? As far as I know, the YouTube ToS and Privacy Policy also mention these things. I just tried to read it but they seem to have broken it up into a sprawling multi-site multi-page document where I can’t find the legalese to ctrl+f and pore over.
Can anyone find these documents, so I can read through them please?
There are other ways to control the information Google collects whether or not you’re signed in to a Google Account, including:
Browser settings: For example, you can configure your browser to indicate when Google has set a cookie in your browser. You can also configure your browser to block all cookies from a specific domain or all domains. But remember that our services rely on cookies to function properly, for things like remembering your language preferences.
Device-level settings: Your device may have controls that determine what information we collect. For example, you can modify location settings on your Android device.
This whole thread is a whole lot of hullabaloo about complaining about legality about the way YouTube is running ad block detection, and framing it as though it makes the entire concept of ad block detection illegal.
Nope, the point is that, at the moment, Google seems to look where it should not look to know if a user has an adblocker and they don’t ask for permission.
Let put it in another way: Google need to have my permission to look into my device.
But it doesn’t stop Google from refusing to serve you video until you watch ads.
Which is fine as long as Google can decide that I am using an adblocker without violating any law, which is pretty hard.
Of course Google could decide that it is better to leave EU and it law that protect the users, but is it a smart move from a company point of view ?
That is addressed in the source I linked, which is an industry groups advice to publishers on the implementation of ad block detector. They specifically say that having it listed in your ToS is a defensible strategy but could have some risk. To mitigate the risk, you can introduce either a consent banner, consent wall, or both.
It’s an interesting read, and something I wish I’d had a few years ago in a prior role when I wrote my organizations gdpr strategy, though I’m not an expert on EU specific law.
“Defensible strategy” doesn’t mean much until it goes to court and gets tested - just look at all those Cookie Popups in the early days with “user must uncheck everything to Reject” anti-patterns which ended up being ruled as not valid per the GDPR which is why nowadays all the major websites have “Reject All” buttons in those.
So far on everything that had not yet been explicitly clarified, when it did the ball has consistently fallen on the side of explicit user consent on colleting any “user identifying” data beyond that which is technically required for operation and Ad Blocking is not a tecnical requirement for the operation of a video sharing website.
Indeed, it ultimatelly will need to be tested in court. My point is that relying on an expectation that a court will rule that the collection of user private information for remote processing related to a functionality which is not technically required without explicit user consent is ok if there’s some entry somewhere in the ToS, is quite the wild bet as that would be a massive loophole on the GDPR, and further, even if that that did happen, relying on Commission not rush to close such a massive loophole is also a wild bet.
I suppose that’s my point though. Most of this thread, and the page linked have been asserting clear and unequivocal violation of gdpr, but that doesn’t appear to be true. It hasn’t been tested or ruled on authoritatively, and the technical mechanism makes s difference as well. There is room to equivocate.
My own personal opinion is that I doubt the EU policy makers or courts will treat the mechanism to ensure the delivery of ads with as much skepticism as they treat tracking, fingerprinting, and other things that violate privacy. Courts and policy interpreters often think of the intent of a law, and I don’t think the intent of GDPR was to potentially undermine ad supported business.
My goal in replying throughout the thread has been to address what feels like misinformation via misplaced certainty. I’m all for explicit consent walls, but most people in this thread don’t seem to be taking an objective look at things.
It’s not even clear to me that the mechanism they’re using today is problematic. I don’t know what it is, but the author seems to think they do but aren’t sharing details beyond “trust me bro”. I agree that some kind of inspection-based detection might run afoul of the law, but I don’t see why that’s necessary. All you need to know is that the client is requesting videos without any of the ad requests making it through, which is entirely server-side.
Ha ha no. Google needs you more than you need google.
> but but but the ads moneh
If google made so much money from ads, they wouldn’t care if you watched it at all. They want your consumerist data and they can’t get it with adblock.
> but but but muh creators
Most major creators have complained about google shafting them with schizo rules about monetization. The biggers ones have started to sell merch and use other platforms as insurance. You watching those ads gives google more benefits than the creators.
Youtube is NOT essential. You can live without youtube. Simply follow the creators you like on other platforms. If you’re a creator, time to diversify your platform. The iceberg is sighted and it’s time to jump ship.
I feel like they’re eventually just going to embed the adverts directly into the video streams. No more automated blocking, even downloading will make you see ads. Sure, you can fast forward the video a bit, but it will be annoying enough that you’ll see and hear a few seconds of ads each time, and you won’t be able to just leave it running while you do other things.
the reason they are not doing it is because the ads are personalized. So if they want to bake an ad onto a video they will end up with countless videos each on with their own unique ads which is not viable logistically. So they can only do it on-the-fly. But re-encoding each video on-the-fly for each user is also a nightmare logistically, if not impossible at all.
Don’t they have standardized resolutions and the file broken into hundreds/thousands of parts anyways? Couldn’t they just add in ads to some of those parts in those same resolutions?
Similar to Apple’s HTTP Live Streaming (HLS) solution, MPEG-DASH works by breaking the content into a sequence of small segments, which are served over HTTP.
isn’t this more or less what they’re doing now? The difference is that the ads are coming from different server and have an overlay on top with a timer and a skip. As long as the ads are coming from a different server they will be detectable. Also as long as the ads have overlays they are also detectable. They would need to make the ads be served from the same server that serves the video and eliminate the overlays.
That’s why Google is pushing hard their Web Environment Integrity. It’s DRM for the browser! They want the TPM chip in your computer to attest that the code running processing the video stream is authentic. Then you can’t slice out the ads because you do not have physical access to the inside of TPM. With HDCP encryption on the HDMI video output, you gonna need to point a literal video camera at the physical screen to DVR the video and slice out the ads later.
They’ve been working hard for decades to lock down the video pipeline with TPM and HDCP and now WEI. They said “don’t worry about it” and we let them. They are really close to snapping the trap shut!
Now please excuse me, my tongue is falling off with all the acronyms…
I don’t think you’d need to re-encode the whole thing on the fly. More frigging the container data around, than the video/audio codec itself.
That way I could request some_pointless_video.mp4 and it sends me 95% the same thing as is already on their server, with adverts jammed into it at defined intervals.
They probably think they can win for now by messing with individual ad-blockers, but with 3rd party players becoming more popular, I can see that being a catch-all solution.
isn’t this more or less what they’re doing now? The difference is that the ads are coming from different server and have an overlay on top with a timer and a skip. As long as the ads are coming from a different server they will be detectable. Also as long as the ads have overlays they are also detectable. They would need to make the ads be served from the same server that serves the video and eliminate the overlays.
That’s the difference. The ads are coming from somewhere else and displayed in a different way.
By injecting it into the stream, there’s no way to detect that. To your player it would all look like it’s coming from the same place. Instead of a ten minute video and a couple of 20 second ads, it’s now just 11 minutes of video.
yes. But then they have different problems. Now it is the ad company who is responsible to serve the ads and the personalization comes from there. This is achieved by the client directly “asking” the ad company for ads. If they want the ads to come from the same stream this means that the customer identity is passed to youtube, then youtube requests the ads in behalf of the client, and then serves them mixed in the video stream. I’m not a lawyer but I think that this causes different legal problems for youtube on the part that they will need to ask the ads on behalf of someone else.
Also apart from that, technically, the part of the video that is an ad, will be associated with a call-to-action URL and an overlay on top of the video, since they need that by clicking on the video it will go to a the ad’s call-to-action instead of just pausing the video. This will still make them detectable
You could have an app running in the background that detects ads based on the audio (like Shazam for music) and skips it for you. You could probably analyse all the video slices YT sends you and detect ads that way. I think as long as we are still in control of the playback devices we can find ways to make them skip ads.
We left that territory years ago. There are big community projects and entire companies built on providing adblocking features. People will build it if the need and potential audience is great enough.
If users are crowdsourcing what the embedded ads are, couldn’t this hypothetical situation be solved by a version of sponserblock that just looks at the agreggurate of the non-flagged video runtime, and learns what the content is and then cuts out any aberrations?
I’m not talking about the EU’s issue, I’m talking about why they could never embed their own ads in videos. Because people pay for premium specifically to not see ads and they would have a mass cancellation on their hands.
This is a non issue, on twitch if you sub to a streamer you don’t see ads and they are embed in the stream for non paying users still, and it’s pretty hard to block for free.
I feel like they’re eventually just going to embed the adverts directly into the video streams. No more automated blocking, even downloading will make you see ads.
That would be embedding the ads directly in the videos, which I do not think they will do.
yes. This is what I replied at. Having a version with ads and a version without ads is not that big of an issue. The issue becomes huge because the ads are personalized which means that they cannot even have a version with ads since the ads are different for each user.
It’s an issue of storage space if nothing else. It means doubling all of their videos. Why would they do that? As others have pointed out, they have other options when it comes to dealing with adblockers which don’t violate any EU regulations and even this is pretty tenuous. So they don’t need to do that. They can just prevent the site from working properly if you have an adblocker.
Won’t cost them anything near weeks of dev time. They can just write it into their terms of service and prompt you to re-accept those next time you access the site.
You can’t bypass laws, but the law in question only requires permission of the enduser. Getting this permission in your ToS isn’t bypassing anything, it’s acting according to the law.
the reason those cookie banners are everywhere, for example, is because the EU requires explicit consent for a lot of things that used to be covered by ToS.
simply putting clauses into your ToS doesn’t shield the company from legal action at all.
regardless of what’s written in the ToS, final say over what is and isn’t legal lies with local authorities, not YouTube.
It says that listing the use in your ToS is a defensible strategy but could have some risk. If the organization wants to further limit risk, they can add a consent banner, consent wall, or both.
My guess is Google is the risk accepting type on this issue and it’s willing to litigate to argue that its ToS is sufficient or the way they implement it differs from cookies. Either way, they could completely make this go away by asking a consent for ad delivery to their cookie notice.
This whole thread is a whole lot of hullabaloo about complaining about legality about the way YouTube is running ad block detection, and framing it as though it makes the entire concept of ad block detection illegal.
As much as you may hate YouTube and/or their ad block policies, this whole take is a dead end. Even if by the weird stretch he’s making, the current system is illegal, there are plenty of ways for Google to detect and act on this without going anywhere remotely near that law. The best case scenario here is Google rewrites the way they’re doing it and redeploys the same thing.
This might cost them like weeks of development time. But it doesn’t stop Google from refusing to serve you video until you watch ads. This whole argument is receiving way more weight than it deserves because he’s repeatedly flaunting credentials that don’t change the reality of what Google could do here even if this argument held water.
Ah yeah the kind of hullabaloo that makes everyone accept cookies on every single website ;)
shoutout to Consent-O-Matic! https://addons.mozilla.org/en-US/firefox/addon/consent-o-matic/
Also exists on chromium for the chrome/opera/… lovers here
Yay for ublocks annoyance pop up blocker. No more cookie pop ups
You’re missing the point/s
How is it immoral? Is Google morally obligated to provide you with a way to use their service for free? Google wants YouTube to start making money, and I’d guess the alternative is no more YouTube.
Why is everyone so worked up about a huge company wanting to earn even more money, we know this is how it works, and we always knew this was coming. You tried to cheat the system and they’ve had enough.
I think it’s a question of drawing a line between “commercial right” and “public good”.
Mathematical theorems automatically come under public good (because apparently they count as discoveries, which is nonsense - they are constructions), but an artist’s sketch comes under commercial right.
YouTube as a platform is so ubiquitously large, I suspect a lot of people consider it a public good rather than a commercial right. Given there is a large body of educational content, as well as some essential lifesaving content, there is an argument to be made for it. Indeed, even the creative content deserves a platform.
A company that harvests the data of billions, has sold that data without permission for decades, and evades tax like a champion certainly owes a debt of public good.
The actions of Google are not those of a company “seeking their due”, for their due has long since been harvested by their monopolisation of searches, their walked garden appstore, and their use of our data to train their paid AI product.
A public good? Like roads, firefighters, etc? You want the government to pay for your Youtube Premium subscription?
Less snarky, if you’re arguing that Youtube has earned a special legal status, a natural consequence is that Google gets to play by a different rulebook from all other competitors. That’s quite a dangerous direction to take.
Your snark was actually closer to the mark than you think.
Let’s say YouTube vanished overnight, what would the impact be? Sarcasm might suggest “we’d all be more productive” but let’s take a deeper look.
A lot of free courses (or parts thereof) would vanish. (A key resource for poorer learners)
Most modern tech repair guides would be gone (no machine breakdowns, no guides on fixing errors on old hardware)
A lot of people’s voices would be silenced (YouTube is an awful platform, but for some people it’s one of the only ones they have)
Seems to me, it would do a lot of public harm. Probably more harm than removing a freeway or closing a fire station.
As for letting Google “play by a different rulebook”, it does so already. The OP has indicated that they’re undertaking an action in an illegal way, and yet no-one much cares to stop them. Yes, they could do the same thing via legal channels, but that’s rather like suggesting there is no difference between threats of violence vs taking someone to court when trying to collect money.
Would you grant an insurance company similar legal indemnity? How would you feel about your local barber peeking in your window and selling what they see? Google has long played by a different rulebook, and thus different expectations are held.
Your arguments would only work if you’d argue for breaking up or nationalizing YouTube.
As long as they are a for-profit company you can’t deny them the right to legally earn money the way they see fit, doesn’t matter how big they are or what other revenue streams they have. Forcing them to offer a service for free is nonsense, and attacking them on a technicality that is probably easily circumvented is just a waste of everybody’s time and money imo.
If we really want to do something about this then we have to break their monopoly, same as any other huge company that’s f*cking with consumers.
Honestly if I were a politician I would support legislation restricting permanent bans from major websites from being given out willy-nilly because too many of them are ubiquitous enough to qualify as a public good.
Err, going through threads of conversations on both reddit and lemmy regarding YouTube, one would assume ad free access is the norm and Google even daring to offer Youtube Premium is a bad thing.
I feel offering Youtube Premium while still tracking the users online movement is indeed a bad thing.
I get what you are saying, but you could argue that google is pretty much a monopoly at this point, using their power trying to extract money from customers they could never do if their was any real competition with a similar number of channels and customers.
I think most users see google/youtube as a “the internet”, or a utility as important as power, water and heat. And don’t forget that google already requires users to “pay” for their services with data and ads in other services (maps, search, mail) as well.
So because they earn money somewhere else they should do something else for free? Why? What does Google owe us?
They only have the monopoly if we give it to them. I find their model fair, I use their service a lot. if they overprice me I’ll find another form of entertainment.
But you are right, people see YouTube as a necessity at this point. I’m trying to remind you, it’s not.
YouTube is a lot more than just entertainment. Not trying to argue your overall point just pointing that out.
That’s fair
Obviously not, but there is nothing to stop Google from making Youtube a paid service and drop that charade about adblockers.
Google’s main source of income is ads across the board, so fighting adblockers is certainly in their best interest
And users blocking all ads as long as Google is illegally tracking their online movement is in their best interest as well.
Fine. But it need to fight by the rules.
It is not up to discussion: Youtube want to serve video to EU user ? They need to follow EU rules. If the rule says that adblocker detection technologies (or attempt) are illegal Youtube has no really a say in it.
But to be clear, that is not what the EU law being cited here says. It says something that may be interpreted as it. I hope that is how it gets interpreted. But that is not what it says.
Hell yeah they should, I’m not disputing that, but there’s so many here pretending like it’s somehow unethical for Google to fight against ad blockers, and I am arguing that.
Nope, but it is legally required to ask for permission to look into my device for data that it does not need to provide the serice.
Of course Google could make money, it just need to make them without violating the laws.
It’s all well and good that Google want to make money from my data - but they should be paying me for it. The value of my data isn’t from the data itself, but what can be done with it.
You can’t build a car without paying for the nuts and bolts.
They are. They provide you with a service for your data. It’s called YouTube. And if they don’t have a place to show you ads, the data is useless because no one will use it. It’s a closed loop.
And even if you don’t agree with it, it’s still a company selling a service and it can do whatever it wants to earn money from it. There’s nothing unethical about that.
No, it is not an exchange of data for access to the website. The website is provided completely free, and the data collection is the small print. A normal contract exchanges one thing for another, then the details are in the fine print. If it were an exchange of data for access, then the amount of data they collect would be proportional.
Why? Who made the rules about exchanging data? And it is an exchange of data for a service, it’s just not as obvious as you might want it to be. But nothing comes for free.
Hey I’m not saying I like the big company ethic scathing that’s been going on around the world, but it is how our society currently works.
There’s a whole area of legislation called contract law. An exchange of value requires consideration, ie payment. They invite you in for free, then take your data without consideration. In particular, you only have use of the website while you visit it and so long as they host it in that current form, but they claim rights to your data in perpetuity. They have no obligation to continue hosting the website, because that is a separate arrangement to the data collection.
It’s how things have been going so far, but the law always takes a long time to catch up with new innovation. The law is not always right or comprehensive, which is why it has a facility to be changed. The GDPR cookie splash screen was the first real attempt at this, it falls well short but if everything works as it should then further laws should come.
Frankly though, I think what should happen is that businesses should be allowed to continue collecting data as they are, but their raw dataset should be publicly available for a small nominal fee. This way Google et al can still keep their proprietary data processing magic to themselves, but everyone can make use of the datasets and drive competition. It also gives people a reasonable opportunity to actually see their data, and act accordingly.
Businesses will complain about giving away “their” data, but the reality is that the data belongs to the users and the business merely has a licence. The cat is already out of the bag and it’s not practicable to put it back in, so the best choice is to embrace it openly.
Unrecognized entitlement on their part, lol.
Actually, ALL the data Google has on you is yours. Google do not own the data, neither do reddit, Facebook or anyone else. They merely have a licence.
Personally I think even that is illegal. Contracts require consideration, you exchange x for y, then you have details in the terms and conditions. This is like “come in for free!” and then everything is in the terms and conditions. If you look at insurance, they’re required to have a key facts page to bring to the front the main points from the terms in plain English. The cookie splash screen doesn’t really do this, as it obfuscates just how much data they collect, and is for the most part unenforceable as you can’t see what data they hold. Furthermore, the data they collect isn’t proportional to your use of the website.
The whole thing flies in the face of the core principles of contract law under which all trading is done. They tell us our data has no value and it isn’t worth the hassle of us getting paid, yet they use that data to become some of the wealthiest businesses in the world. We might not know how to make use of that data, and you’ll need a lot of other data to build something to sell, but a manufacturer of nuts and bolts doesn’t know how to build a car - yet they still get paid for a portion of the value derived from their product through others’ work, as most of the value comes from what you can do with it. We’re all being robbed, every single one of us, including politicians and lawmakers.
Very good point.
Immoral? For making you watch ads? How are ads immoral? You’re using the service, you watch ads, it’s not rocket surgery
Its immoral for the way its being done, not what was done.
Fuck that noise. Advertising as a whole is mostly immoral, we just got used to it.
Marketing in general is a reason we live in a consumer society.
The only reason marketing exist is to trick our brains into buying stuff we do not need.
I’d say ban all of it. The world would be better off.
Uh. It’s not immoral to read the data they’ve served to you on the page they’re visiting on their own website. I’m honestly genuinely curious what moral argument you could make, here
they are taking information from your browser without getting your permission first, to use that information against you.
They’d argue that you going to their page which you know is sustained by ads is consent enough to check whether you’re using ad block. It’s an implicit thing, like how when you go to a restaurant you’re implying that you’re going to pay the bill afterward. You can’t eat and then leave saying, “well technically I never explicitly agreed to pay for this meal, it’s your fault for not asking before serving me.”
They’re taking information from the page they served you and runs the code they wrote to read the page they served you to ensure what they served you is actually what you’re seeing
You’re accessing the site, you’re continuing to use the site, you are implicitly agreeing to allow the code they run to modify the page you’re on
I fail to see how it specifically being used to check that ads are displaying is any different from code running normally in your browser to change the page without refreshing the page entirely
More importantly and actually on subject: how is this immoral? What moral code are they breaking here? You can argue legal semantics, but legality is not morality. You made a moral argument. How is this immoral?
Google is tracking you on every website that has a “share to Google” icon.
Which means Google has your entire browser history, even if you use Firefox.
If it was just on their own websites, nobody would be complaining.
This is specifically about YouTube and YouTube specifically detecting adblock on YouTube.
deleted by creator
Youtube makes money off of adblocked users.
They send your watch habit aggregate data profiles to the number crunchers at alphabet hq, to sell off.
They make fuckloads of money off the free video content theyre given as well as the nonstop data stream of demographics data. Thats why alphabet bought it in the first place.
The ads are just bonus cash. They dont want to miss an opportunity to score more money by selling ad space in their data profile mines.
They are being fully compensated by me logging in and feeding them either free labor as video content or free money as data profiles. They can easily keep the lights on off that alone. They dont need more free cash.
deleted by creator
I am not obligated to sit dutifully with the volume up when ads play on my tv.
Nor am I obligated to allow ads to load within my browser.
They send the data they want me to display, down to every element on the page. It is fully within my rights to choose which elements are allowed to load on my computer.
And I wont be fuckin guilt tripped that the billion dollar company will make a fraction of another billion less dollars this quarter over my decisions to do so.
Correct me if I’m wrong but doesn’t the typical terms of service or privacy policy even mention that you, as a user, have the power to reject tracking cookies, tracking pixels, etc. via your browser configuration and third party tools? As far as I know, the YouTube ToS and Privacy Policy also mention these things. I just tried to read it but they seem to have broken it up into a sprawling multi-site multi-page document where I can’t find the legalese to ctrl+f and pore over.
Can anyone find these documents, so I can read through them please?
Edit:
I found it: https://policies.google.com/privacy?hl=en#intro
deleted by creator
TOS are neither the law, nor are they vetted for legality by anyone working in law enforcement.
TOS very often contain straight up illegal clauses; they are largely meaningless.
HAHAHAHAHAHAHAHAHA
Nope, the point is that, at the moment, Google seems to look where it should not look to know if a user has an adblocker and they don’t ask for permission.
Let put it in another way: Google need to have my permission to look into my device.
Which is fine as long as Google can decide that I am using an adblocker without violating any law, which is pretty hard.
Of course Google could decide that it is better to leave EU and it law that protect the users, but is it a smart move from a company point of view ?
All they need to implement ad block detection is user consent, which they likely cover on their terms of service and privacy policy.
Source
Because of GDPR, in the EU user consent has to be explicitly asked for and given, not implicitly via some catch all in a 20 pages Terms Of Service.
Hence all the cookie pop-ups.
That is addressed in the source I linked, which is an industry groups advice to publishers on the implementation of ad block detector. They specifically say that having it listed in your ToS is a defensible strategy but could have some risk. To mitigate the risk, you can introduce either a consent banner, consent wall, or both.
It’s an interesting read, and something I wish I’d had a few years ago in a prior role when I wrote my organizations gdpr strategy, though I’m not an expert on EU specific law.
“Defensible strategy” doesn’t mean much until it goes to court and gets tested - just look at all those Cookie Popups in the early days with “user must uncheck everything to Reject” anti-patterns which ended up being ruled as not valid per the GDPR which is why nowadays all the major websites have “Reject All” buttons in those.
So far on everything that had not yet been explicitly clarified, when it did the ball has consistently fallen on the side of explicit user consent on colleting any “user identifying” data beyond that which is technically required for operation and Ad Blocking is not a tecnical requirement for the operation of a video sharing website.
Indeed, it ultimatelly will need to be tested in court. My point is that relying on an expectation that a court will rule that the collection of user private information for remote processing related to a functionality which is not technically required without explicit user consent is ok if there’s some entry somewhere in the ToS, is quite the wild bet as that would be a massive loophole on the GDPR, and further, even if that that did happen, relying on Commission not rush to close such a massive loophole is also a wild bet.
I suppose that’s my point though. Most of this thread, and the page linked have been asserting clear and unequivocal violation of gdpr, but that doesn’t appear to be true. It hasn’t been tested or ruled on authoritatively, and the technical mechanism makes s difference as well. There is room to equivocate.
My own personal opinion is that I doubt the EU policy makers or courts will treat the mechanism to ensure the delivery of ads with as much skepticism as they treat tracking, fingerprinting, and other things that violate privacy. Courts and policy interpreters often think of the intent of a law, and I don’t think the intent of GDPR was to potentially undermine ad supported business.
My goal in replying throughout the thread has been to address what feels like misinformation via misplaced certainty. I’m all for explicit consent walls, but most people in this thread don’t seem to be taking an objective look at things.
For some reason your link doesn’t load. Is it this? https://iabeurope.eu/wp-content/uploads/2019/08/20160516-IABEU_Guidance_AdBlockerDetection.pdf
Yep that’s it. I’ll double check the link in my post.
Edit: yep borked the link, fixed now. Thanks for letting me know!
The guy really exudes “don’t you know who I am?” energy. Which is a shame since it detracts from the discussion.
It’s not even clear to me that the mechanism they’re using today is problematic. I don’t know what it is, but the author seems to think they do but aren’t sharing details beyond “trust me bro”. I agree that some kind of inspection-based detection might run afoul of the law, but I don’t see why that’s necessary. All you need to know is that the client is requesting videos without any of the ad requests making it through, which is entirely server-side.
Exactly.
But people are hell bent on “Google doing this, bad”.
Ha ha no. Google needs you more than you need google.
> but but but the ads moneh
If google made so much money from ads, they wouldn’t care if you watched it at all. They want your consumerist data and they can’t get it with adblock.
> but but but muh creators
Most major creators have complained about google shafting them with schizo rules about monetization. The biggers ones have started to sell merch and use other platforms as insurance. You watching those ads gives google more benefits than the creators.
Youtube is NOT essential. You can live without youtube. Simply follow the creators you like on other platforms. If you’re a creator, time to diversify your platform. The iceberg is sighted and it’s time to jump ship.
Google DOES make money from ads. A metric tuckton of it. Why the fuck else would they need your data other than to serve better ads???
I feel like they’re eventually just going to embed the adverts directly into the video streams. No more automated blocking, even downloading will make you see ads. Sure, you can fast forward the video a bit, but it will be annoying enough that you’ll see and hear a few seconds of ads each time, and you won’t be able to just leave it running while you do other things.
the reason they are not doing it is because the ads are personalized. So if they want to bake an ad onto a video they will end up with countless videos each on with their own unique ads which is not viable logistically. So they can only do it on-the-fly. But re-encoding each video on-the-fly for each user is also a nightmare logistically, if not impossible at all.
Don’t they have standardized resolutions and the file broken into hundreds/thousands of parts anyways? Couldn’t they just add in ads to some of those parts in those same resolutions?
e.g: https://en.wikipedia.org/wiki/Dynamic_Adaptive_Streaming_over_HTTP
isn’t this more or less what they’re doing now? The difference is that the ads are coming from different server and have an overlay on top with a timer and a skip. As long as the ads are coming from a different server they will be detectable. Also as long as the ads have overlays they are also detectable. They would need to make the ads be served from the same server that serves the video and eliminate the overlays.
We could build a public database (like SponsorBlock) of known ad video slices and detect them that way.
There will always be a way to detect and block ads.
I’m not worried.
That’s why Google is pushing hard their Web Environment Integrity. It’s DRM for the browser! They want the TPM chip in your computer to attest that the code running processing the video stream is authentic. Then you can’t slice out the ads because you do not have physical access to the inside of TPM. With HDCP encryption on the HDMI video output, you gonna need to point a literal video camera at the physical screen to DVR the video and slice out the ads later.
They’ve been working hard for decades to lock down the video pipeline with TPM and HDCP and now WEI. They said “don’t worry about it” and we let them. They are really close to snapping the trap shut!
Now please excuse me, my tongue is falling off with all the acronyms…
I don’t think you’d need to re-encode the whole thing on the fly. More frigging the container data around, than the video/audio codec itself.
That way I could request some_pointless_video.mp4 and it sends me 95% the same thing as is already on their server, with adverts jammed into it at defined intervals.
They probably think they can win for now by messing with individual ad-blockers, but with 3rd party players becoming more popular, I can see that being a catch-all solution.
isn’t this more or less what they’re doing now? The difference is that the ads are coming from different server and have an overlay on top with a timer and a skip. As long as the ads are coming from a different server they will be detectable. Also as long as the ads have overlays they are also detectable. They would need to make the ads be served from the same server that serves the video and eliminate the overlays.
That’s the difference. The ads are coming from somewhere else and displayed in a different way.
By injecting it into the stream, there’s no way to detect that. To your player it would all look like it’s coming from the same place. Instead of a ten minute video and a couple of 20 second ads, it’s now just 11 minutes of video.
yes. But then they have different problems. Now it is the ad company who is responsible to serve the ads and the personalization comes from there. This is achieved by the client directly “asking” the ad company for ads. If they want the ads to come from the same stream this means that the customer identity is passed to youtube, then youtube requests the ads in behalf of the client, and then serves them mixed in the video stream. I’m not a lawyer but I think that this causes different legal problems for youtube on the part that they will need to ask the ads on behalf of someone else.
Also apart from that, technically, the part of the video that is an ad, will be associated with a call-to-action URL and an overlay on top of the video, since they need that by clicking on the video it will go to a the ad’s call-to-action instead of just pausing the video. This will still make them detectable
The ad company is Google, no? So they already have that logic ready to go.
Does anybody actually click the ads in YT videos? The only clickable thing I ever see is “Skip Ad”.
Clicks are a metric that Google/YouTube tracks to determine whether a business has to pay for that ad, so it’s necessary for ads to be clickable.
Have you met my friend SponsorBlock?
That only works by users crowdsourcing and flagging the advert sections.
By doing it on the fly, each user could get different ads in different places.
You could have an app running in the background that detects ads based on the audio (like Shazam for music) and skips it for you. You could probably analyse all the video slices YT sends you and detect ads that way. I think as long as we are still in control of the playback devices we can find ways to make them skip ads.
There even is a project that uses machine learning to detect sponsor segments. https://github.com/xenova/sponsorblock-ml
MythTV has a broadcast television ad detection module and it works pretty damn well.
This goes into a bit of detail on it’s methods:
https://www.mythtv.org/wiki/Commercial_detection
A lot of what it does could be applied to a video stream, although adapting it to useful real-time could be tricky.
Sure, you could do that.
You could also download the stream multiple times under different profiles, compare them and then strip away differences.
But we’re quickly exiting “one guy with a bit of Javascript” territory.
We left that territory years ago. There are big community projects and entire companies built on providing adblocking features. People will build it if the need and potential audience is great enough.
If users are crowdsourcing what the embedded ads are, couldn’t this hypothetical situation be solved by a version of sponserblock that just looks at the agreggurate of the non-flagged video runtime, and learns what the content is and then cuts out any aberrations?
They can’t do that because of YouTube premium. They know they’re making a lot of money from people who don’t want to see ads.
the problem is not the premium. The problem is the personalized ads.
I’m not talking about the EU’s issue, I’m talking about why they could never embed their own ads in videos. Because people pay for premium specifically to not see ads and they would have a mass cancellation on their hands.
This is a non issue, on twitch if you sub to a streamer you don’t see ads and they are embed in the stream for non paying users still, and it’s pretty hard to block for free.
This is what I was responding to:
That would be embedding the ads directly in the videos, which I do not think they will do.
yes. This is what I replied at. Having a version with ads and a version without ads is not that big of an issue. The issue becomes huge because the ads are personalized which means that they cannot even have a version with ads since the ads are different for each user.
It’s an issue of storage space if nothing else. It means doubling all of their videos. Why would they do that? As others have pointed out, they have other options when it comes to dealing with adblockers which don’t violate any EU regulations and even this is pretty tenuous. So they don’t need to do that. They can just prevent the site from working properly if you have an adblocker.
Then those users would get the ad free stream.
Which users? The ones who pay for Premium? That’s the whole point of Premium.
Yes, those users.
Won’t cost them anything near weeks of dev time. They can just write it into their terms of service and prompt you to re-accept those next time you access the site.
Afaik you can’t bypass laws and regulations with ToS
Definetly not if you are not registered. And likely if you are not logged in. This is EU, not US.
You can’t bypass laws, but the law in question only requires permission of the enduser. Getting this permission in your ToS isn’t bypassing anything, it’s acting according to the law.
that’s not true in the EU.
the reason those cookie banners are everywhere, for example, is because the EU requires explicit consent for a lot of things that used to be covered by ToS.
simply putting clauses into your ToS doesn’t shield the company from legal action at all.
regardless of what’s written in the ToS, final say over what is and isn’t legal lies with local authorities, not YouTube.
Here is a guide from a publisher trade group on the implementation of ad block detectors under gdpr.
It says that listing the use in your ToS is a defensible strategy but could have some risk. If the organization wants to further limit risk, they can add a consent banner, consent wall, or both.
My guess is Google is the risk accepting type on this issue and it’s willing to litigate to argue that its ToS is sufficient or the way they implement it differs from cookies. Either way, they could completely make this go away by asking a consent for ad delivery to their cookie notice.
The TOS holds no weight in EU courts.
No matter what some companies want you to believe. That is why they call it a risk.
They could easily put a “consent” requirement to access
And in the war you probably also sided with the Nazis because ‘well they invaded already, might as well give up’