Today I filed a formal complaint against #YouTube with the Irish Data Protection Commissioner for their illegal deployment of #adblock detection technologies.
Under Article 5(3) of 2002/58/EC YouTube are legally obligated to obtain consent before storing or accessing information already stored on an end user's terminal equipment unless it is strictly necessary for the provisions of the requested service.
In 2016 the EU Commission confirmed in writing that adblock detection requires consent.
It about device detection and privacy. Websites in the EU aren’t allowed to scan your hardware or software without your permission, to protect the users privacy. Adblockers fall under this.
As I understand it, detecting an adblocker is a form of fingerprinting. Fingerprinting like this is a privacy violation unless there is first a consent process.
The outcome of this will be that consent for the detecting will be added to the TOS or as a modal and failing to consent will give up access to the service. It won’t change Youtube’s behavior, I don’t think. But it could result in users being able to opt out of the anti-adblock… just that it also might be opting out of all of YouTube when they do it.
I’m all for this protection but for the sake of argument isn’t use of the service consent to begin with? Or is that the American argument around these types of regulation?
I’m a pihole, vpn, adblock and invidious user ftr… 😂
That’s how the corporate-written laws in the USA handle it most likely. The EU actually has some amount of consumer protection. Burying it in a 100 page terms of service document doesn’t count as consent either.
It’s “consent” from the POV of the law and the corporation, but I say fuck 'em. Do you really consent to everything? Did you read their ToS and Privacy Policy every time it’s amended? In the plain everyday use of the word “consent” I mean. Not in the legal constructions we’ve created.
Thus, since I do not consent to everything in any ToS or Privacy Policy, I use adversarial tech. My use of adversarial tech is how I enforce my lack of consent to everything these platforms expect from me.
If they don’t want us to use adversarial tech anymore, they can change their platforms so it’s no longer necessary.
So is this basically saying youtube isn’t allowed to detect an adblocker?
I’m not sure I really follow why that specifically is something they’re policing.
It about device detection and privacy. Websites in the EU aren’t allowed to scan your hardware or software without your permission, to protect the users privacy. Adblockers fall under this.
As I understand it, detecting an adblocker is a form of fingerprinting. Fingerprinting like this is a privacy violation unless there is first a consent process.
The outcome of this will be that consent for the detecting will be added to the TOS or as a modal and failing to consent will give up access to the service. It won’t change Youtube’s behavior, I don’t think. But it could result in users being able to opt out of the anti-adblock… just that it also might be opting out of all of YouTube when they do it.
I’m all for this protection but for the sake of argument isn’t use of the service consent to begin with? Or is that the American argument around these types of regulation?
I’m a pihole, vpn, adblock and invidious user ftr… 😂
That’s how the corporate-written laws in the USA handle it most likely. The EU actually has some amount of consumer protection. Burying it in a 100 page terms of service document doesn’t count as consent either.
It depends on the context, but generally you require explicit permission for data-related stuff which means something like a checkbox or a signature.
It’s “consent” from the POV of the law and the corporation, but I say fuck 'em. Do you really consent to everything? Did you read their ToS and Privacy Policy every time it’s amended? In the plain everyday use of the word “consent” I mean. Not in the legal constructions we’ve created.
Thus, since I do not consent to everything in any ToS or Privacy Policy, I use adversarial tech. My use of adversarial tech is how I enforce my lack of consent to everything these platforms expect from me.
If they don’t want us to use adversarial tech anymore, they can change their platforms so it’s no longer necessary.