← Back to context

Comment by dessant

6 years ago

I think the Widevine CDM request is needed for the service to function, though they could certainly delay it until a website requires DRM. GDPR allows the use of personal data without consent when it is required to provide a service for the user.

The personal data collected with the x-client-data header is not required for Google sites to function. Google uses the data to gain a technical advantage over other sites on the web, this is why the data collection in this case requires consent.

2 comments

dessant

Reply
mokus  6 years ago

Whether consent is legally required or not, as a user I want that service, whatever it is, to not work until I consent to the exposure of my personal data. Given that it apparently has something to do with DRM, I would be disabling the service anyway.

  • baybal2  6 years ago

    > Whether consent is legally required or not

    Lets not guess it, lets file a complaint, and see if we can get Google sued for n billions of euros.