I don't know why I'm being criticized personally now. Did I say I want this change to myself because I feel my privacy is being invaded?
Although I support data protection and handle the transfer of my data responsibly, that is not the topic of my post.
Yes, I use an iPhone instead of Android because I could choose the lesser evil from 2 options. Unlike Google, Apple's core business is not the exploitation of my data. But what does that have to do with this topic?
You think "They already have all my data", so you keep feeding them. Ok, that's your decision. But as a website operator, you have to be careful with your users' data, because many of them don't care as much as you do.
B2T:
I made nothing other than a suggestion not intended to be useful to me but to general end users. One can find the GDPR ridiculous. The fact is, however, that we have to observe strict laws in the European Union and especially in Germany. The integration of dynamic Google fonts violates the GDPR and has to be reckoned with legal consequences.
The same applies to Google Recaptcha: it violates the GDPR. There have already been legal warnings, in one example it costs the person concerned more than 2500 euros because of the use of Google Recaptcha, Tag Manager and Fonts. So the topic is anything but ridiculous.
Source:
https://www.ra-schuetzle.de/aktuelles...-recaptcha (German)
Here is another court ruling in which a plaintiff received damages because a website had integrated dynamic Google Fonts:
https://www.dr-datenschutz.de/ damage...die-dsgvo/ (German)
One question is justified in this context: What is the target group of PHPFusion end users? (All, except Germany/EU?)
The "Material" theme is currently part of the core package. The end user must be able to trust that the package is technically and legally secure. Not every end user is also a developer, and not everyone knows that you may not embed Google fonts or how to remove it. How big is the effort to change the core package so that no dynamic fonts are loaded and to consistently maintain this "no external sources" rule? What is the advantage for the end user who wants to use this CMS as a basis for his website and who trusts the system? It's almost done for 99%, why not complete it to 100% with some simple movements?
As a reputable developer with knowledge of the legal problems you can no longer recommend the use of Google Recaptcha. If the user keeps using Recaptcha as a result of your recommendation and is unexpectedly fined a large amount, will you participate? Technically, I'm on your side. I would much rather use it myself because it is more convenient and effective than other captcha solutions. Problem: I'm no longer allowed to do this since the introduction of the GDPR.
The data protection declaration and the terms of use are also already included in the core package. The only disadvantage is that the direct display option is not fully implemented.
I appreciate your skills and achievements in PHP development, I also think your infusion is well coded like all other things you created. But: why have to install a separate infusion for basic functions that should be present in every CMS and are half implemented in PHPFusion only? After all, the imprint obligation, data protection declaration and terms of use have not only existed since today. They are mandatory content for any website that makes content publicly available. I think your infusion should be tightly integrated into the core system.
The usage of SecurImage is in my view not useless, the security is not the same like having no captcha. Some bots can solve it, some not. It's not safe, but safer than no captcha. But: better to have lower security then break the law with Recaptcha, right?
Btw.: Some AI Bots can enter Recaptcha already...
In combination of SecurImage with Fusion Gateway the protection level is high enough. In my case there is an extra site pre-shown with privacy rules, you have to accept the rules first before you can continue and have access the register and contact forms. This is very effective, even if i am not using Fusion Gateway. I have no bot spams on my sites, i am not using Recaptcha's since few years.