Currently, hundreds of warnings are circulating because of the use of Google Fonts. The reason for this is a ruling by the Munich Regional Court dated January 20, 2022 (Ref.: 3 O 17493/20), which essentially confirmed the illegality of the remote integration of Google Fonts and awarded the plaintiff damages.

Google provides about 1400 fonts via a database. Everyone has access to this and can use all fonts free of charge for their website either remotely or locally. But beware: If a Google font is used remotely, the website operator usually passes on personal data of its website visitors to Google, which, according to the decision cited above, may result in a claim for damages by the website visitor.

When embedding a Google Fonts font, it is therefore crucial whether it is stored locally on your own server or downloaded online (remotely) from the Google servers. In the first case, in compliance with the GDPR, the data of the website visitors is not passed on to Google.

Thousands of website owners use Google Fonts fonts, which is clearly visible to everyone, of course. For this reason, more and more resourceful private individuals and warning law firms are appearing on the scene, visiting websites, documenting this and sending out warning letters on a grand scale. Hundreds of letters are sent by a Mr. Martin Ismail alone, represented by attorney Kilian Lenard from Berlin and a Mr. Wang Yu, represented by the law firm RAAG, Nikolaos Kairis Dikigoros. The letters state that the addressee’s website was visited and it was discovered that Google Fonts were installed on the website in such a way that the visitor’s IP address was forwarded to Google in the USA. The unfair disclosure of the IP address constitutes a violation of the general right of personality pursuant to Section 823 I BGB, as IP addresses are personal data within the meaning of the GDPR. Based on this accusation, the gentlemen then demand various three-digit amounts.

Here, you should by no means simply pay, but first check how the font was actually included. However, should the integration have been carried out remotely, the legality of the warning depends on further factors. In the case of the above-mentioned Mr. Ismail and Mr. Wang, the suspicion is growing that the procedure was abusive, i.e. the alleged claim probably does not exist even if the integration of Google Fonts was not DSGVO-compliant. Many of the website operators who receive warnings are tempted to simply pay the amounts because they are relatively small. However, caution is advised here! Mr. Wang, for example, links the payment to an acknowledgment to refrain from sharing personal information about him with Google. I.e. the payment transaction shall automatically constitute a cease-and-desist declaration, from which further claims could be derived in case of doubt. So if you are not sure how to understand the letter you received in your mailbox, you should have it checked by a lawyer.