- π©π°Denmark Steven Snedker
I can't find a good source telling me that embedding external images in my site is a GDPR no-go. Do you have one?
But I can find several fresh sources telling me that embedding external fonts in my site is a no-go.
That's about the same.
So embedding external images in my site is probably a GDPR no-go.I've augmented a local version the External Link Preview module with caching. However, if you're caching, you risk running into a speculative invoicing businesses. All over the world representatives of right holders will send you letters demanding 500 EUR per image you cache!
It happened to me in Denmark and your browser can probably translate most of I linked to a newspaper and received af 500 EUR invoice for you.
So. The External Link Preview module is
no caching: horribly slow, probably violating GDPR, safe from most speculative invoicing businesses
caching the external HTML locally: way faster, still violating GDPR, safe from most speculative invoicing businesses
caching the external HTML and images locally: way faster, GDPR compliant, exposed to speculative invoicing businessesSites like Facebook are caching 100% of the external images used for link previews. As they should. But they have a way bigger budget and way bigger legal department than the average user of the Drupal CMS.
I've thought about merging the caching version of the External Link Preview module into the more modern Link Field Preview β .
But I do not want for anyone to break GDPR or open themselves to extortion from speculative invoicing businesses. So I have done exactly nothing for a couple of years (other than writing a few articles about the nasty, time wasting speculative invoicing businesses).
It's hard to see how we can fix GDRP compliance without exposing the users to huge financial risks.