[wp-trac] [WordPress Trac] #46169: Use system fonts for the block editor
WordPress Trac
noreply at wordpress.org
Sat Feb 23 03:54:34 UTC 2019
#46169: Use system fonts for the block editor
--------------------------------------+-----------------------------------
Reporter: garrett-eclipse | Owner: (none)
Type: enhancement | Status: new
Priority: normal | Milestone: Awaiting Review
Component: Editor | Version: 5.0
Severity: normal | Resolution:
Keywords: needs-patch needs-design | Focuses: performance, privacy
--------------------------------------+-----------------------------------
Comment (by garrett-eclipse):
Thanks @pento @joyously & @aristath for the input.
Google Fonts seems to be a recurring discussion in the #core-privacy
channel as well as the privacy community at large as Google is so
ambiguous with the disclosure of data usage that they become a concern. At
minimum Google collects your IP address and the website/page source from
which the call was made this assist them in understanding your browsing
habits and potentially enables them to serve more targetted ads towards
you. Google may not be doing this right now but their privacy policies
enable them if they would like. Google Fonts along with all Google APIs
are bound by the generic API terms of service which includes this clause;
"For the sole purpose of enabling Google to provide, secure, and improve
the APIs (and the related service(s)) and only in accordance with the
applicable Google privacy policies, you give Google a perpetual,
irrevocable, worldwide, sublicensable, royalty-free, and non-exclusive
license to Use content submitted, posted, or displayed to or from the APIs
through your API Client. "Use" means use, host, store, modify,
communicate, and publish."
Reference - https://developers.google.com/terms/
Google Privacy Policy (https://policies.google.com/privacy) enables it to
collect large amounts of user data through its services including log data
(browser version) and location data (IP Address). Sites that use Google
Fonts are feeding data back to Google. It's possible that Google doesn't
actively collect or use the data from Google Fonts but there's no
assurance or disclosure which prompts those who are privacy-conscious to
seek alternatives.
That being said there's no definitive source on how much data Google Fonts
feeds to Google or how they utilize that data. But with the Core Privacy
team trying to move WordPress to a Privacy by Design methodology removing
the possibility of undisclosed data collection is a huge benefit to the
community.
To my understanding though WordPress has been moving away from the use of
CDN's and external resources and another approach could very well be
bundling the Noto Serif font directly into WP which would allay any
privacy and performance concerns while still providing the same
experience.
Another point on avoiding external resources is local development while
offline is hindered by the use of external resources. I myself have 1-2
hour bus commute both ways to/from work and I often spin up WP instances
on my machine with no internet connection. Avoiding external resources
assists those with minimal or no internet connection.
In my opinion I'd be happy with either switching out the gFont for a
system font or bundling it with WordPress to remove the external call and
potential data leakage.
All the best
--
Ticket URL: <https://core.trac.wordpress.org/ticket/46169#comment:9>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list