Earlier this month, a German court fined an unidentified website €100 ($110, £84) for violating EU privacy law by importing a Google-hosted web font. The decision, by Landgericht München's third civil chamber in Munich, found that the website, by including Google-Fonts-hosted font on its pages, passed the unidentified plaintiff's IP address to Google without authorization and without a legitimate reason for doing so. And that violates Europe's General Data Protection Regulation (GDPR). That is to say, when the plaintiff visited the website, the page made the user's browser fetch a font from Google Fonts to use for some text, and this disclosed the netizen's IP address to the US internet giant. This kind of hot-linking is normal with Google Fonts; the issue here is that the visitor apparently didn't give permission for their IP address to be shared. The website could have avoided this drama by self-hosting the font, if possible. [...] "The defendant violated the plaintiff's right to informational self-determination by forwarding the dynamic IP address to Google when the plaintiff accessed the defendant's website," the ruling says. The ruling directs the website to stop providing IP addresses to Google and threatens the site operator with a fine of €250,000 for each violation, or up to six months in prison, for continued improper use of Google Fonts. Continua su https://www.theregister.com/2022/01/31/website_fine_google_fonts_gdpr/ Giacomo