German Court Rules Websites Embedding Google Fonts Violates GDPR
A regional court in the German city of Munich has ordered a website operator to pay €100 in damages for transferring a user’s personal data — i.e., IP address — to Google via the search giant’s Fonts library without the individual’s consent.
The unauthorized disclosure of the plaintiff’s IP address by the unnamed website to Google constitutes a contravention of the user’s privacy rights, the court said, adding the website operator could theoretically combine the gathered information with other third-party data to identify the “persons behind the IP address.”
The violation amounts to the “plaintiff’s loss of control over a personal data to Google,” the ruling issued by Landgericht München’s third civil chamber in Munich read.
Source: German Court Rules Websites Embedding Google Fonts Violates GDPR