Problem/Motivation
There is a current court decision which says that traditional integration of Google Fonts is not compliant with data protection. Anyone who uses Google Fonts on a website without the user's consent violates the user's right of privacy. This was decided by the Munich Regional Court → https://openjur.de/u/2384915.html and we have been advised by our data protection expert to take this into account accordingly.
The court pointed out that Google Fonts can be used in general but only by hosting font files locally. Therefore we download all required font styles using https://google-webfonts-helper.herokuapp.com/fonts and embed the font files into our themes without the use of this module. And we disable this module for our customers until further notice.
Proposed resolution
Are there any plans resp. is it possible to save enabled font styles on the server where @font-your-face is installed?
Remaining tasks
I think the court decision could be relevant for other providers too.
Comments
Comment #2
DavidAndersonENCSD CreditAttribution: DavidAndersonENCSD commentedOne solution to this problem is to use fonts.bunny.net to serve Google fonts with privacy and GDPR compliance. See: https://fonts.bunny.net/about
Comment #3
rwam CreditAttribution: rwam commentedAnother solution which we also suggest to our clients at the moment is to download a font using google-webfonts-helper and upload and set up them as a Custom Font.
Comment #4
JurriaanRoelofs CreditAttribution: JurriaanRoelofs commentedIn DXPR Theme we solved this by caching Google fonts in the public file system:
https://git.drupalcode.org/project/dxpr_theme/-/commit/14205370381c3aed8...
Advantages
Disadvantages
Edit: we wrote a blog post about this issue and why we think it's a critical issue: https://dxpr.com/drupal-blog/google-fonts-privacy-update-dxpr-theme