Contrib.social

Traditional integration violates user's right of privacy

Open on Drupal.org →
Created on 17 May 2022, over 2 years ago
Updated 3 March 2023, over 1 year ago

Problem/Motivation

There is a current court decision which says that traditional integration of Google Fonts is not compliant with data protection. Anyone who uses Google Fonts on a website without the user's consent violates the user's right of privacy. This was decided by the Munich Regional Court → https://openjur.de/u/2384915.html and we have been advised by our data protection expert to take this into account accordingly.

The court pointed out that Google Fonts can be used in general but only by hosting font files locally. Therefore we download all required font styles using https://google-webfonts-helper.herokuapp.com/fonts and embed the font files into our themes without the use of this module. And we disable this module for our customers until further notice.

Proposed resolution

Are there any plans resp. is it possible to save enabled font styles on the server where @font-your-face is installed?

Remaining tasks

I think the court decision could be relevant for other providers too.

Feature request
Status

Active

Version

3.0

Component

Google Fonts (provider)

Created by

🇩🇪Germany rwam

Live updates comments and jobs are added and updated live.
Sign in to follow issues

Comments & Activities

Not all content is available!

It's likely this issue predates Contrib.social: some issue and comment data are missing.

  • Comment over 1 year ago
    🇳🇱Netherlands jurriaanroelofs

    In DXPR Theme we solved this by caching Google fonts in the public file system:

    https://git.drupalcode.org/project/dxpr_theme/-/commit/14205370381c3aed8...

    Advantages

    1. Instant fix for installed based when updating to next release
    2. No change in Google fonts functionality and workflow for theme users
    3. Compliance is now fully in client's control, I'm not a lawyer so I can't judge whether implementing "fonts bunny" can give the same assurance.
    4. Google Fonts only hosts open-source fonts, so no compliance worries there

    Disadvantages

    1. Complexity of implementation
    2. The solution fails if the client's public file system is not set up correctly (e.g. permissions problems)
contrib.social Blog FAQ Discussions
Production build 0.71.5 2024