In recent weeks, I have got a few questions about self-hosting Google Fonts. I made a tutorial about it (below), but now I am wondering if I should completely switch to the Local Fonts for all of my websites and templates?
I have heard from one of my customers that in the recent few days, more and more people in the EU are getting emails from lawyers about breaking the DSGVO laws because of Google Fonts.
I haven’t got any e-mails from lawyers but to prevent this, I changed all my sites to local fonts.
But this could be a major task. Once you got rid of google fonts you have to change every single class or whatsoever to local fonts.
This site helped a lot to download all the necessary fonts. https://google-webfonts-helper.herokuapp.com/fonts
In theory any connection to an external source that identifies the user through their IP or otherwise without their express permission breaks GDPR. This would apply to Google fonts, Adobe fonts and also services like Google analytics, YouTube or Vimeo I guess. Personally I have everything self hosted.
My understanding is that Germany in particular has gone a bit crazy on this and other countries take a more practical approach. I suspect these lawyers are looking for easy money.
I just found this with a Google search:
"According to German DSGVO law, we do not recommend using Google Fonts loading from the Google Servers. The German court (in Jan 2022, LG München, Urteil vom 20.01.2022, Az. 3 O 17493/20) deemed this a violation of Europe’s GDPR (General Data Protection Regulation) because Google Fonts exposes the visitor’s IP address.
The German court’s ruling threatens a fine for each case of infringement or, alternatively, six months imprisonment, if the site owner does not comply and continues to provide Google with IP addresses through their use of Google Fonts."
Realistically we should be using fonts hosted on our own servers for various reasons. These can be added very easily through Blocs, whether they come from Google or elsewhere.
It’s just a question of adopting to a small change in workflow and converting files if necessary, so that Blocs can serve Woff, Woff2 or TTF, depending on the browser in use. Eot and Svg are deprecated and no longer useful. I think any Blocs users reading this should consider the broader picture though. It’s not just about fonts.
It’s all very silly because most of the conditions in GDPR are mainly intended at larger organisations that might be actively collecting data for other purposes without permission. Instead we see people running a small website worried about every step. I had a client who destroyed her laptop and iPad to start from scratch, because she thought it was the only way she could be GDPR compliant!
The UK has introduced draft legislation looking to simplify all of this and I look forward to seeing those changes.
Blocs should encourage this. However, when adding fonts the preselected option is Google fonts. To me, the two options in the selector should be swapped.
Thanks for the feedback! I guess I will switch to local fonts for all of my templates going forward. It would be great to have some popular Google Fonts available as local fonts by default in Blocs.