Since July 2022, warnings have been sent out en masse due to the non-compliant integration of Google Fonts on websites. In the letter, the operators of the website are demanded to pay 100 euros in damages and an additional 90 euros to cover the costs of engaging a lawyer.
Basically, the embedding of some external services such as Google Fonts (or Google Analytics) is not compliant with data protection regulations if the website visitor’s consent has not been obtained in advance, as the user’s IP address is sent to the USA. The USA is one of the countries that does not meet European data protection requirements. In this article, we deal exclusively with Google Fonts. If you have any questions about other services, please use our contact form or simply send us an e-mail to hello@radical-innovators.com
You can find more information on this and the best way to proceed after receiving such a letter on the information page of the WKO on this topic and now also in numerous Internet forums and blogs of lawyers and data protection specialists (of course also from Radical Innovator Ing. Michael Furtlehner):
https://www.wko.at/service/wirtschaftsrecht-gewerberecht/abmahnungen-wegen-google-fonts.html
https://www.netsystem.at/google-fonts-abmahnung/
https://www.dataprotect.at/2022/08/19/google-fonts-abmahnung-die-n%C3%A4chste-welle/
https://www.dataprotect.at/abmahnung-google-web-fonts/
https://marketingrecht.eu/google-fonts-abmahnungen/
UPDATE 8/27/2022
Super exciting approach from our data protection expert Ing. Mag. Furtlehner – namely the question of whether dynamic IP addresses are personal data at all in this case! From this perspective, the current wave of Google Fonts warnings should finally be written off as “nothing but expenses”. It remains to be seen whether the data protection authority and/or courts share this opinion. In the meantime, keep calm. TO THE COMMENT
How to integrate Google Fonts into WordPress websites in compliance with GDPR
We would like to show you in a few steps how you can continue to use Google Fonts on your WordPress website or your Woocommerce store. However, GDPR-compliant and without a content blocker, which often ensures that the layout or typeface of your website is destroyed if the website visitor does not give their consent. In most cases, this works wonderfully with the plugin “OMGF | GDPR Compliant, Faster Google Fonts. Easy.“. This plugin ensures that the Google fonts you use are cached, i.e. stored locally, so that no calls to Google servers in the USA are triggered by the website visitor. In addition to the fact that the Google Fonts integration of your WordPress site becomes GDPR-compliant, this also has a positive effect on loading times.
Step 1: How to find out if Google Fonts are embedded on your website
To find out whether Google Fonts are not embedded on your website in compliance with the GDPR, we recommend the Google Fonts Checker from Sicher3. Simply call up the website and enter your website URL:
https://sicher3.de/google-fonts-checker/
In most cases, especially if you use WordPress templates that you have not developed yourself, you will probably get a positive test result. But don’t despair, we’ll have changed that in a few minutes.
Step 2: Installing and activating the WordPress plugin OMGF
If you have already installed WordPress plugins, this step is self-explanatory. But even if not, it’s very easy to do.
To do this, search for the “Plugins” item on the left-hand side of the WordPress backend and click on “Install”
Then enter OMGF in the search window at the top right. The plugin then appears and you click on “Install now”.
After installation, simply click on “Activate” and the plugin will be active.
Step 3: Configuring the WordPress plugin OMGF
After activating the plugin, you should be automatically redirected to the plugin settings. If this does not happen, search for“Settings” on the left-hand side of the WordPress backend and click on“Optimize Google Fonts“.
All you need to do in the settings is scroll to the bottom and click on “Save & Optimize”.
That takes care of everything so far! If you are using a caching plugin (Supercache, W3 Total Cache, WP Fastes Cache, WP Rocket etc.), please remember to delete the cache to be on the safe side.
Step 4: Check the GDPR-compliant Google Fonts integration
The final step is to check whether everything has actually worked out.
To do this, open the Google Font Checker from Sicher3 again and re-enter your website or webshop URL.
https://sicher3.de/google-fonts-checker/
This time you should receive a success message that no more fonts are being loaded.
If Google Fonts are still being loaded dynamically, in many cases this is due to other plugins or services (e.g. Google Maps, ReCaptcha, etc.). Deactivate these plugins and check the Google Fonts integration again.
If something does not work for you, you would like to check your website for further data protection problems or you have questions on other topics, simply use our contact form or send an e-mail to hello@radical-innovators.com
If this article has helped you, we look forward to receiving shares and likes on the various platforms!