Google Fonts and the fake alert scam

If you run a website that uses Google Fonts, you may have received an email asking for money. Although it may look like a scam, many websites have fallen for it.

Source: Marek Levak on Unsplash

Google Fonts may not be GDPR compliant

Google fonts

is very present on the web. This Google service offers a folder with over 1,400 fonts that can be used on websites or various projects, including creative projects.

The library is freely available, the fonts are not hosted on your own server to make them available, but the web browser loads them directly from Google’s servers when you visit the website.

Google fonts

The visitor’s IP address is thereby transferred to Google. Which prompted, in connection with the application of the General Data Protection Regulation (GDPR), a court in Munich to declare that the transfer of the IP address constituted a violation of the GDPR.

According to German law, the IP address constitutes personal data, so the consent of the website visitor is required to transfer this information to Google (and therefore to load the fonts for Google Fonts).

The massive scam in Germany

Two companies are accused of illegally warning individuals and small businesses that use Google Fonts through a legal letter. The scam appears to have been massive, software was used to track websites using Google Fonts which were then automatically called by other software.

To avoid costly legal proceedings, the publishers were offered to pay a fixed compensation of 170 euros. The threat of litigation served to exert pressure and obtain a settlement. In total, 2,418 cases have been identified, with more than 340,000 euros recovered thanks to this technique.

Because of it ” suspicion of fraud and (attempted) extortion”German police have issued search warrants in Berlin, Hanover, Ratzeburg and Baden-Baden as well as two arrest warrants on behalf of the Berlin prosecutor’s office, according to the press release from the Berlin prosecutor’s office.

Google defends Google Fonts

After all, there is much criticism of this court decision and of the technical interpretation of the GDPR. This German case law allows questionable lawyers to issue a warning, as the companies prosecuted here have done. Google also commented on this case and released a statement in a blog post.

Google points out that “ Google Fonts is an open source font library and web API for embedding font families on websites. People want the websites they visit to be well designed, easy to use and respect their privacy. “.

Google also emphasizes that it respects privacy: The Google Fonts Web API is designed to limit the collection, storage and use of data to what is necessary to load fonts and for aggregate usage statistics. This data is stored securely and separately from other data. “. This data will not be used for profiling end users in connection with advertising campaigns.


To follow us, we invite you to download our Android and iOS application. You can read our articles, files and watch our latest YouTube videos.

Leave a Comment