Probably almost everyone who runs a website has somehow become aware of the wave of warnings regarding Google Fonts since last year. Although this wave has now slowed down, there is still a risk of getting a strike if Google fonts are integrated into your site via Google. Because it violates the GDPR. This can be avoided by saving Google fonts to your website and using only those locally saved fonts.
The danger of these Google fonts, which Google dynamically integrates directly into Google, lies in plugins and themes – and unfortunately, in some standard WordPress themes, they are themes that are automatically installed with the WordPress installation.
However, only these older WordPress standard themes are affected: Twenty twelve, Twenty Thirteen, Twenty fourteen, Twenty fifteen, Twenty sixteen and Twenty seventeen. Anyone who has installed AND activated one of these themes is operating (without appropriate countermeasures) a non-GDPR compliant website. Still! Because a solution to this from the WordPress side is within reach.
An initiative by members of the German WordPress community is bearing fruit
9 months ago, Jessica Lisik @luminuu wrote a ticket on WordPress.org and suggested that older standard themes that load Google fonts directly from Google servers should continue to deliver those fonts locally. A long discussion ensued and many questions were asked (license, subsets, smiley hacking, localization, etc. – see ticket for details).
In particular, Hendrik Luehrsen @luehrsen has been working tirelessly all along, introducing requests, finding solutions, and keeping the dialogue going, so it’s largely thanks to him that Google Fonts was merged into the above topics at the same time. delivery time with the release of WordPress 6.2.
A theme update afterwards is highly recommended for all affected.