Hacker News new | past | comments | ask | show | jobs | submit login
Munich State Court Finds Use of Google Fonts in Violation of GDPR (twitter.com/fascinatingtech)
12 points by donohoe on Jan 30, 2022 | hide | past | favorite | 3 comments



Its pretty obvious - you are giving third party direct access to your visitors, a spying beacon. Same case as FB Like button and other social media garbage https://easylist.to/easylist/fanboy-social.txt

Its all used for tracking.


The TLDR is that loading a resource from another service means providing your user’s IP to that service. The solution is to host things yourself.

The obvious problem here is that it means things like using cloudflare or any of the big script caches would also be a violation.

I can’t recall the structure of the requests but if there was no referrer information I think this is an excessive interpretation.


Of course there is Referer header send with every request, thats the whole point of Google providing this "for free out of the goodness of our heart". Same reason they offer "free" DNS servers and why Chrome will call their DNS server even if you explicitly did NOT want them used.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: