After some research, I discovered that YouTube offers a privacy-enhanced way of embedding videos. Instead of linking to youtube.com, link to youtube-nocookie.com, and no data-collecting HTTP cookie will be sent. This is Google’s way of providing GDPR-compliant YouTube videos.
I was completely unaware that this GDPR-compliant version of YouTube embeds were available. But, seeing as it makes no sense to use the standard embed when this one exists, I’ve made changes to my site so all YouTube embeds will automatically use the -nocookie
version.
Just in case this helps anyone else add this to their blog, RavanH posted a code snippet on the WordPress.org forums to make WordPress shortcodes automatically convert YouTube embeds.