Google Fonts - Privacy & DSGVO
For some time now it is forbidden in germany to use the google-fonts-api for your website. The idea behind this is that the user has no chance to prevent google from loading the fonts when visiting the website. The whole thing has actually been known for a while, but I still see a lot of sites from the EU/GER using google-fonts. With this short blog post I try to draw some more attention to the problem and show you some tools that can solve the data-privacy dilemma quickly.
Self-Hosting Fonts - Tools
With the help of the
@font-face (MDN) rule and a dedicated tool, the problem can be fixed in no time. Two of them I can recommend:
I came across the tool "Webfont-Kit-Generator" for linux only recently.
With the helpful tool it is possible to generate woff/woff2 font formats from non-web fonts (otf & ttf). Additionally you get a css snippet which you can use for embedding.
What I like the most is that you can also download google-fonts and convert them automatically. Webfont-Kit-Generator uses fonttools (written in Python), that's pretty cool too.
The tool is also available via Flatpak and can be obtained from Flathub:
flatpak install flathub com.rafaelmardojai.WebfontKitGenerator
As an alternative there is the google-webfonts-helper. It can be used online and regardless of the operating system.
Actually, there is no reason to use google-fonts anymore (CDN). The average internet speed has become so fast that the performance hardly plays a role in self-hosting. The performance can even be improved when self hosting (adjustable charset, S3-CDN etc.). Also for privacy reasons I think it is important not to leave things like fonts to a data giant. Unfortunately, there are still a lot of sites that use google-fonts. Even medium-sized and large corporate sites from germany. I hope the trend goes here more in the direction of data privacy.
Interesting links on the topic: