Safari AdBlock, disable "content blockers on this site" (right-click the address bar, Settings for This Website…) and instantly the video works again, however this problem exists on both monetized and non-monetized videos I attempt to play, for example, in my region this video from Jericho has no ads with AdBlock disabled, but enabled, refuses to play anyway. The &disable_polymer=true "workaround" does nothing for me except mangle the UI a bit. (Video is no longer full viewport width.)
I mean, sure, it's up to them to determine what they wish to support or not, and given advertisements are the financial model for the site, entirely reasonable and within their power to do what they can to protect that revenue. On the other hand, advertisements are widely regarded as malware and are very explicitly a malware infection vector (ref: MageCart attacks), and on the gripping hand: the privacy concerns of internet-wide tracking. There are multiple reasons to run ad blockers of various kinds as browser extensions, and I go further and block basically any and all web analytics services at the DNS level (HotJar and so forth), this includes Google AdWords, AdSense, and Analytics. (They get directed to a server on my LAN that responds to any request for any domain by responding with a zero-byte/empty file whose mime-type matches the highest priority declared Accept, thus returning application/javascript when requesting .js files, text/css when requesting .css, &c., even though they're all empty and nullified in effect.) This also lets me trap Bad Software. If your game launcher gives an SSL error in relation to loading Google Analytics, first, kudos, you've pinned the SSL certificate and aren't trusting system trust registries. You haven't completely failed security. If you don't complain but I see the hit for it, you have completely and utterly failed, and I uninstall the game—you're permitting silent man-in-the-middle and code injection into your game. Your launcher does not need to inform Google every time I wish to waste a few minutes of my day, nor permit code injection and hijack. (Here's looking at you, EVE Online.)
Until they rolled out this change, I also did not consume video content on YouTube itself. I utilized some shell script automation to pull down my subscriptions and generate Podcast feeds from them, for time- and device-shifted native playback without any third-party application downloads or third-party tracking of view state. Now, that automation is only working across a small number of channels on any given run, and even then, only highly sporadically. GeoIP of request origination does not appear to matter; requesting from a DC in the US results in the same errors as running from my home internet connection. Being logged in or not does not matter; my automation is always "not logged in". This had been operating reasonably smoothly for more than two years—3T in 8979 episodes across 145 channels archived so far—with explicit provisions to rate limit my activity and limit automated exploration. Each "run" averaged 20 minutes, operating in 3-up parallel, taking ~7 minutes of processing per channel, which includes re-muxing, thumbnail embedding, metadata attachment, and subtitle embedding. (Only requesting the first page of results, and stopping the moment the first already-seen video gets hit, thus only ever pulling newly added episodes from each channel.)
And yes, as I'm not viewing the ads, I do support the creators I follow in other ways. Patreon, merch, live stream tips, and so forth. One incredible musician blew a studio amp live, I didn't hesitate to immediately chip in for the replacement, while that stream kept trucking along. Google's blind enforcement of advertisement policy fails to acknowledge other mechanisms of compensation exist across multiple mediums. Edited to add: and that while there are multiple paths for compensation, there is only one YouTube. Proactively seeking specific consumer protection techniques and denying access, even if unnecessary, may actually be dubiously legal, similar to Google getting slapped for violating browser security policies in order to attach AdSense cookies to unauthorized domains. (For a time, <form> submissions would assume cookie setting was OK, since submitting a form is an explicit action, right? Even cross-domain. Google exploited this by having an <iframe> silently submit a form in order to set the tracking cookie. The maleficent behavior of actual malware.)