The FontFeed being a WordPress blog, an article mentioned by Erik van Blokland caught my attention. On his private blog web developer xwolf – alias for Wolfgang Wiese – wrote about an intriguing “side-effect” of the use of Google webfonts in the new WP3.8. Its recent introduction unveiled a refreshed back-end for the WordPress – it all looks indeed quite good and usability is satisfactory. However the developers did something that is not entirely fine in these times of constant surveillance and sourcing of metadata by official agencies and criminals alike. Along with the new back-end the use of Open Sans was introduced. When logged in, the fonts are not served locally but from Google webfonts. This creates privacy issues.
The HTML source code looks like this:
The justification for the decision to serve Google webfonts in the WP3.8 back-end can be found in the post Open Sans, bundling vs. linking on the WordPress website. The piece spawned a lengthy comment thread in which Kiwi WordPress developer Ryan Hellyer also pointed out the privacy issues.
I suspect that bundling scripts into WordPress core will create privacy concerns for many people. The ability to perform analytics via them will disturb a small segment of the user-base.
It may even be illegal in some countries. Germany springs to mind in regards to that. They’re already super ticked off about being spied on at the moment, so I think it might be best if WordPress doesn’t join the party too.
And yes, you can install a plugin to force them to be self-hosted, but many people will just unwittingly hit the “update” button without ever realising that they’re opening themselves up to privacy issues.
According to Wolfgang Wiese the solution is a plugin called Disable Google Fonts. As its name implies, its sole function is to prevent loading of Google webfonts by WordPress and bundled themes (Twenty Twelve, Twenty Thirteen, Twenty Fourteen). Wolfgang recommends that every single person who has a personal WordPress installation should immediately install the plugin too. Its developer Milan Dinić sums up a couple of reasons why you don’t want to load fonts from Google’s servers:
- privacy and security (Google knows about each page view)
- local development or production (no or limited Internet access)
- availability of Google’s servers (some countries block access to Google)
- language support (these fonts have limited characters support)
- performance (Google’s servers are hit on each page view)
So what exactly is the problem? The problem is this provides Google Inc. – a company listed on the stock exchange whose core business is trading metadata – yet another “tracking station”. User access can be tracked by gathering at least the header data of the connection request. This also includes cookies from the Google domain. Google learns that someone has an Administrator or Editor account for a certain website, and has a relationship to that site. But not only Google. Other websites also use Google webfonts; some of them in their themes and some regular users. Furthermore certain websites integrate Google Adsense and use Google Analytics.
Similar to mobile positioning it is not possible to see where people go. But thanks to cookie IDs and alternatively from other unique data Google can “see” whether someone logs on on a website or if the other website simply is called on. If the account eventually calls on another website that allows Google to connect personal data to (for example Google+ or YouTube), then the company knows who owns that account.
It’s all about metadata after all. By itself, on one single website, this may seem harmless. But by collecting and merging the metadata of several websites comprehensive tracking becomes possible. And not only that – the fact that the WordPress folks now embedded Open Sans only in the back-end allows Google to gain a valuable attribute – it finds out whether there is a working relationship between the account (the owner) and the website.
In his post Wolfgang sarcastically thanks the design team at WordPress for delivering his personal data to Google for a minimal gain in performance. He cannot really understand why web designers would embed Google webfonts without thinking twice, opening themselves up to possible privacy issues simply because it is so beautifully simple and the download file for the current theme is smaller. Or because others do it this way.
Because he also owns themes, plugins and programmed his own CMS, Wolfgang knows very well how little effort is needed. He doesn’t get why it would be so hard to simply offer the option instead of having Google webfonts download by default. One can use Google webfonts with confidence, but should do it consciously, and include the option to switch them off. He thinks it’s just plain laziness or incompetence from web designers/developers, because all it takes is a few lines of code to make Theme Options.
Google is not the ultimate bad guy. Yet it should stick to its motto “don’t be evil”. If some day in the future the NSA waltzes in with a warrant or if economic interests come to the fore. There have been other companies that once were “good”, but became less savoury due to changes in management.
Read the original article in German here.