YouTube

Overview

YouTube embeds and the YouTube IFrame API load Google's video player along with associated tracking scripts that collect viewing behaviour, engagement metrics, and advertising data. When a YouTube video is embedded on a third-party website, it sets cookies and transmits data to Google's advertising and analytics infrastructure, even if the visitor does not interact with the video. YouTube is the most widely embedded third-party video platform on the web, and its tracking behaviour is a frequent finding in tag governance audits. Google offers a privacy-enhanced mode (youtube-nocookie.com) that defers some cookie setting until video playback, but this mode does not eliminate all data collection and is frequently misunderstood as a complete privacy solution.

Detection Capabilities

Performance Impact

Common Mistakes

• 1 Embedding YouTube videos using the standard embed URL (youtube.com) instead of the privacy-enhanced mode (youtube-nocookie.com), which causes cookies to be set on page load before the user interacts with the video
• 2 Assuming that youtube-nocookie.com eliminates all tracking - it defers cookie setting until playback but still makes network requests to Google servers that transmit IP addresses and other data
• 3 Not blocking YouTube embeds behind consent because video content is considered essential, when the tracking functionality bundled with the embed clearly requires advertising consent
• 4 Using a facade or placeholder image approach but loading the full YouTube iframe in the background, which negates the privacy benefit
• 5 Failing to account for YouTube embeds in the cookie audit - the VISITOR_INFO1_LIVE, YSC, and GPS cookies set by YouTube are often missing from cookie declarations

Compliance Considerations

Related Services

6sense

Advertising

High · 6sense

Account-based marketing platform that identifies anonymous B2B website visitors and matches them to company accounts using reverse-IP lookup and intent data. Used for ABM targeting, lead scoring, and sales intelligence.

2 detection signatures

Adjust

Advertising

High · Adjust

Mobile measurement and attribution platform owned by AppLovin. Tracks app installs, in-app events, and marketing campaign performance across mobile advertising networks. Used for mobile attribution, fraud prevention, and campaign optimisation.

3 detection signatures

Amazon Ads

Advertising

High · Amazon Ads

Amazon Ads (formerly Amazon Advertising) provides a JavaScript pixel and conversion tracking tag that measures user actions on advertiser websites and sends data back to Amazon's demand-side platform (DSP) and sponsored ads ecosystem. The Amazon ad tag enables conversion attribution, audience building, and retargeting across Amazon's owned properties and its extensive third-party publisher network. Amazon's advertising business has grown rapidly to become the third-largest digital advertising platform globally behind Google and Meta. The Amazon Ads pixel is increasingly found on e-commerce, retail, and consumer goods websites, and its integration with Amazon's vast consumer data ecosystem raises significant governance considerations for regulated organisations.

1 detection signature

AppNexus

Advertising

High · AppNexus

Programmatic advertising platform now operating as Microsoft's Xandr. Provides real-time bidding, audience targeting, and ad serving across display, video, and native formats. Xandr was acquired by Microsoft in 2022.

1 detection signature