Today I filed a formal complaint against #YouTube with the Irish Data Protection Commissioner for their illegal deployment of #adblock detection technologies.
Under Article 5(3) of 2002/58/EC YouTube are legally obligated to obtain consent before storing or accessing information already stored on an end user's terminal equipment unless it is strictly necessary for the provisions of the requested service.
In 2016 the EU Commission confirmed in writing that adblock detection requires consent.
You can’t bypass laws, but the law in question only requires permission of the enduser. Getting this permission in your ToS isn’t bypassing anything, it’s acting according to the law.
the reason those cookie banners are everywhere, for example, is because the EU requires explicit consent for a lot of things that used to be covered by ToS.
simply putting clauses into your ToS doesn’t shield the company from legal action at all.
regardless of what’s written in the ToS, final say over what is and isn’t legal lies with local authorities, not YouTube.
It says that listing the use in your ToS is a defensible strategy but could have some risk. If the organization wants to further limit risk, they can add a consent banner, consent wall, or both.
My guess is Google is the risk accepting type on this issue and it’s willing to litigate to argue that its ToS is sufficient or the way they implement it differs from cookies. Either way, they could completely make this go away by asking a consent for ad delivery to their cookie notice.
You can’t bypass laws, but the law in question only requires permission of the enduser. Getting this permission in your ToS isn’t bypassing anything, it’s acting according to the law.
that’s not true in the EU.
the reason those cookie banners are everywhere, for example, is because the EU requires explicit consent for a lot of things that used to be covered by ToS.
simply putting clauses into your ToS doesn’t shield the company from legal action at all.
regardless of what’s written in the ToS, final say over what is and isn’t legal lies with local authorities, not YouTube.
Here is a guide from a publisher trade group on the implementation of ad block detectors under gdpr.
It says that listing the use in your ToS is a defensible strategy but could have some risk. If the organization wants to further limit risk, they can add a consent banner, consent wall, or both.
My guess is Google is the risk accepting type on this issue and it’s willing to litigate to argue that its ToS is sufficient or the way they implement it differs from cookies. Either way, they could completely make this go away by asking a consent for ad delivery to their cookie notice.
The TOS holds no weight in EU courts.
No matter what some companies want you to believe. That is why they call it a risk.