Earlier this month, a German court fined an unidentified website €100 ($110, £84) for violating EU privacy law by importing a Google-hosted web font.

The decision, by Landgericht München’s third civil chamber in Munich, found that the website, by including Google-Fonts-hosted font on its pages, passed the unidentified plaintiff’s IP address to Google without authorization and without a legitimate reason for doing so. And that violates Europe’s General Data Protection Regulation (GDPR).

That is to say, when the plaintiff visited the website, the page made the user’s browser fetch a font from Google Fonts to use for some text, and this disclosed the netizen’s IP address to the US internet giant. This kind of hot-linking is normal with Google Fonts; the issue here is that the visitor apparently didn’t give permission for their IP address to be shared. The website could have avoided this drama by self-hosting the font, if possible.