Okay, so: German court decided on Jan. 20th 2022 that sites will need to host Google fonts locally.
Visitors are otherwise entitled to receive 100€ in recompensation for Google fonts transferring IP numbers to Google servers.
Google uses fonts to track users, especially if they are logged into only one other server, where stored personal data might identify them.
Court decision text in German (Landgericht München)
Don't get me wrong, I hate Google with a passion and always self-host my fonts. I've tried reporting sites for using Google Fonts and it rarely worked, I just want to know what exact angle can be used for it to trigger a fine
@kuba @fabiscafe @meena The angle is, that Google real time cross-references collected ip numbers, browser types and access times from access logs, data that is generated by numerous websites accessing Google fonts. Why collecting meta data leads to personalized tracking is shown by David Kriesel in this #33c3 speech https://media.ccc.de/v/33c3-7912-spiegelmining_reverse_engineering_von_spiegel-online#l=deu&t=23
@kuba and an IP address. Thats something you push to a server just by connecting directly. So by this + your browsers identity string you can pretty much create a profile that is trackable across sites. If you then have also access to something like cookies or abuse cache data, geolocations and whatsoever, you can also track users across IP changes.
@kuba oh I see your point now. but google already knows that site Y used their "free" fonts. They want information that some particular person has visited this site, and if you open site in one tab and google search/email/other in another tab, that gives them 99,9% assurance that that person was you, now they can add more info about you into huge database, to sort you into categories and then sell data to literally anyone interested. @fabiscafe @meena @jayrope
The social network of the future: No ads, no corporate surveillance, ethical design, and decentralization! Own your data with Mastodon!