When you share a YouTube video using the share button it adds “si=some_unique_code” to the URL. If you don’t remove that it shows your personal account to anyone who receives it so that they can chat directly with you. For a lot of people this is their real name.

I’ve seen it all over Lemmy so I figured I’d mention it here! You only need the stuff before the question mark in the URL to let others see the video.

This can also be turned off in your YouTube settings under the privacy section. The setting is “channel visibility for shared links”. It will still add the si code for tracking though.

  • partofthevoice@lemmy.zip
    link
    fedilink
    English
    arrow-up
    15
    ·
    17 hours ago

    It should be common practice if you commonly share links. Try removing the query string (everything after and including the question mark). See if you get to the same page. If you do, don’t use the query string.

    Query string parameters are rather often used for tracking. Look for gclid parameters after you click a google ad, for example.

    • Dymonika@lemmy.ml
      link
      fedilink
      English
      arrow-up
      3
      ·
      15 hours ago

      The harder ones to bypass are Facebook and Reddit share URLs, which give zero indicator of their destination; it seems impossible as the recipient of such a URL.

      At least with bit.ly, one can add a + to the end of the URL and see data on it, including the original link (to then safely access without adding to its click counter).

      • partofthevoice@lemmy.zip
        link
        fedilink
        English
        arrow-up
        2
        ·
        14 hours ago

        Yeah, there are always ways… any service could easily generate unique paths that require a server-supplied redirection to the main target. Then the server just needs to stitch up (1) where was that link generated and (2) who arrived at the redirection page. Users would have no way to determine the target link without exposing themselves to being tracked.

        A platform like Reddit can do this too, by replacing the links you put in your comments/post, so they redirect to the original link. They can even make it continue displaying the original link, while actually linking to the redirect page.

  • Krompus
    link
    fedilink
    English
    arrow-up
    3
    ·
    15 hours ago

    FYI on desktop you can right click on the video and select “Copy video URL”, it doesn’t include the tracker string. Wish they’d let us remove it from the Share button, I’ve simply removed that button with uBlock Origin.

    It’s also missing from my patched YouTube app’s Share on Android, not sure if that’s one of the patches.

    • Dymonika@lemmy.ml
      link
      fedilink
      English
      arrow-up
      2
      ·
      15 hours ago

      Yeah, that’s certainly a patch. NewPipe, PipePipe, etc. all also remove ?si=.

  • Sam_Bass
    link
    fedilink
    English
    arrow-up
    2
    ·
    15 hours ago

    i have never shared a youtube vid while logged in

  • NewNewAugustEast@lemmy.zip
    link
    fedilink
    English
    arrow-up
    2
    ·
    16 hours ago

    If you never sign into YouTube and sharing links from a third party application, what is it that they append? Curious what makes up that shared id.

  • daniskarma@lemmy.dbzer0.com
    link
    fedilink
    English
    arrow-up
    5
    ·
    21 hours ago

    You should also known that TikTok does this by default and the generated code is impossible to remove afaik, it’s part of the video identifier.

    So when sharing a tiktok video always download it and share the file.

    • irelephant [he/him]@lemmy.dbzer0.com
      link
      fedilink
      English
      arrow-up
      2
      ·
      17 hours ago

      I recommend downloading it anyway, since that doesn’t require people to use tiktoks site, but if you paste the vm link yourself into a browser, it’ll redirect to the canonical link, without the tracker.

    • Dymonika@lemmy.ml
      link
      fedilink
      English
      arrow-up
      5
      ·
      15 hours ago

      That app seems not as transparent as it could be since it doesnt give any detail on the removed stuff; I recommend URLCheck instead, which is fully transparent about all trackers and even lets you pick which ones to remove at will.

  • ∃∀λ@programming.dev
    link
    fedilink
    English
    arrow-up
    30
    ·
    1 day ago

    The frequency with which I’ve seen the si attribute included in youtube links has made me painfully aware of just how many people are not using the internet the same way I do; they’re experiencing the internet through a handful of mobile apps, not through a web browser on the desktop.

  • chunes
    link
    fedilink
    English
    arrow-up
    22
    ·
    1 day ago

    til people don’t reflexively strip out everything after the ? unless you know exactly what it’s doing

  • asmr@feddit.nl
    link
    fedilink
    English
    arrow-up
    9
    ·
    1 day ago

    Since 4 March 2026 I am seeing “is=” in some YouTube links instead of “si=”, also with the 16 character ID.

  • Rimu@piefed.social
    link
    fedilink
    English
    arrow-up
    111
    arrow-down
    2
    ·
    edit-2
    10 hours ago

    YSK PieFed automatically strips that out.

    Edit: posts only, not in comments.

  • x0x7
    link
    fedilink
    English
    arrow-up
    14
    ·
    2 days ago

    On my forum, youtube links get stripped of any extra url parameters. Every site should have to do that.

    • Null User Object
      link
      fedilink
      English
      arrow-up
      10
      ·
      2 days ago

      That’s a great extra layer of protection, but people shouldn’t rely on it and get/stay in the habit of always removing the tracking code themselves.

      • Buddahriffic
        link
        fedilink
        English
        arrow-up
        2
        ·
        1 day ago

        Yeah, it’s easily possible to set it up to save the original link somewhere hidden. Same reason why you shouldn’t reuse passwords because it’s trivial to set up a site to look like it’s doing it right from the outside but actually saves all passwords in plaintext for owners, admins, or disgruntled staff to look at later and see if it logs in to your email.

  • JordanZ
    link
    fedilink
    English
    arrow-up
    19
    ·
    2 days ago

    Along similar lines be careful of the images you post if you location tag your photos. A lot of the larger websites will strip the location data by default but some do not. I’ve saved a handful of photos from reviews off the internet and now have people’s home addresses where the photo is of the product in their living room or whatever.

    If you go to the ‘map’ section of your photos app it arranges them by location.

    You can turn location tagging off globally when photos are taken or usually when you go to share a photo there is an option buried in a menu to strip location data(on mobile).

    • kent_eh@lemmy.ca
      link
      fedilink
      English
      arrow-up
      3
      ·
      2 days ago

      You can turn location tagging off globally

      That’s one of the first things I did when configuring my kids phones.