If I use a commercial font as part of my website design, I am in fact publishing that font on my site and anyone can obtain a copy of it -- in fact, they automatically do merely by visiting my site! Does this mean all my visitors are "pirating"? Of course not. Github may make the font more accessible/searchable, but that doesn't change anything about the copyright status of the font.
Me publishing something on Github does not grant everyone free rights to it -- in fact, copyright law says no one has rights to it unless I specifically grant those rights. This is most commonly done with a LICENSE file. The copyright rules apply to everything in the repository, including my code, and any fonts, icons or stock images. The fact something is on Github (or the internet, in general) doesn't make it public domain, you still have to abide by the license terms.
While I think the suggestion that "on github" = "piracy" is stupid, I could see a couple things that could apply:
(1) If the license for the font explicitly states it's for "use" or "distribution" on a single domain. Unless the license is clear about it, it'd really be up to lawyers to argue over whether hosting the code in a public repository on Github can be considered "use" or "distribution" -- and ultimately that argument is about one non-authenticating public URL being okay while another non-authenticating public URL is not.
(2) If I've put a commercial font in my repository along with a typical LICENSE file containing MIT/GPL/BSD/whatever without explicitly stating the fonts are not under that license, then I'm basically mis-representing the license for that font (which I should not be allowed to do).
Given that putting a font on Github is technically no different from publishing on my site in terms of someone being able to 'pirate' it, personally I think a Github repository with a proper license (not doing (2)) is fine, because the LICENSE file effectively says it's not okay to just copy that font.
Font licenses are pretty clear about what you are and are not allowed to do with the font files you downloaded. For instance, you're not allowed to zip them up and post them on filesharing sites. It does not matter at all whether you include a LICENSE file saying "this is a nonfree font."
The problem is not that you're misrepresenting the font as copyleft when it isn't. The problem is that you simply don't have a license to redistribute the font at will: merely uploading the font to a public GitHub repo violates the license.
You have the right to serve the font from your webserver, and link it into your site via CSS. You absolutely have not been granted the right to redistribute the font in any other manner.
If you post a page on your site with "Like this webfont? Download here!" and link to the same URL that you are using to host the font for display purposes, you'd be violating the license. It's the same exact URL, but you can't post a clickable download link to it. It's not allowed, and if you do, they can at a minimum yank your license to use it at all.
Editing to add: trying to solve the problem by adjusting your LICENSE file is roughly equivalent to the "I don't own this!!" disclaimers that people put on YouTube uploads. They get DMCA'd just the same.
The intent often matters, but there's clearly a huge difference between your example of a "download here!" link and usage on either a website or within a GH-hosted repo.
When you say 'the right to serve the font from your webserver' -- in this case, 'your webserver' may simply be GitHub's web-server, a service they provide to you as part of your payment to them (either because it's part of the app you host on GH, or as a piece of the website hosted via GH Pages [0])...
Assuming that the font's usage for the repo'd app/site is OK per the license terms, then I'd be surprised if its availability in the repo would solely cause it to fall out of compliance with the license. I suppose that the licensor could, if they chose to do so, specifically include terms to preclude the usage of the font on any sites hosted with "repository or other open file listing indexes", or any other similarly restrictive arbitrary terms.
The license I linked expressly forbids "distribution of the fonts through file sharing services and online version control repositories accessible by the public"
It would be the same if you publicly hosted a zip file containing your site's contents, including the fonts. Or offered an open read-only FTP account to your /web/ directory. Or any number of ways to make the font available publicly that isn't via a web browser making a request triggered by a CSS rule.
If it's a private repository, I expect you'd be in the clear, since it's just acting as a very fancy webhost, and you can obviously upload your fonts to your webhost.
In that case, it seems as though the rights-owner should simply take the standard route (even if suboptimal) to enforce their rights -- given the volume, they could likely work out a much better way to protect their IP (or automate it, in the worst case).
I'd be a little bit surprised if they cared a whole lot, given that finding the fonts is trivial for the reasons stated above. Almost comes across blog-spammy at that point, heh.
> If I use a commercial font as part of my website design, I am in fact publishing that font on my site and anyone can obtain a copy of it -- in fact, they automatically do merely by visiting my site!
It depends on the file format. Commercial web font providers typically don't offer TTF or OTF formats but only (subsetted) WOFF. You can't use WOFF fonts with most graphics design software (although conversion to TTF is probably trivial). That's basically the reason why WOFF was invented as it doesn't have much technical benefit over compressed TTF files.
The article on the other hand shows that lots of TTF and OTF files can be found on Github which is something the copyright holders certainly have a problem with.
The article is obviously mainly referring to font files under desktop font licenses that certainly don't usually allow publishing the files on Github or serving them as part of your site.
(While irrelevant: As for the technical difference or lack of between the two, from a license drafting perspective, it wouldn't really matter since you could easily write in the distinction to eg. the allowed purpose part of the license grant.)
> You set up your new web project, plunk your webfonts alongside other assets like images and JavaScript libraries, and commit your stuff to a public repo on Github. Not realising that this violates the license of the commercial fonts, you now made them available to anyone who can use Github’s search function. It happens — apparently.
> So, what to do when you want to use commercial fonts and be legit about it?
> Long story short, you can’t commit them to a public repository. There’s really no way around it: if you are not allowed to share the font with folks who don’t fall under its license, you can’t make it a part of your repo.
> Your options are to go for a private repo, or keep a note in your public repo telling the folks who’ll be using your project to license the fonts and add ‘em themselves. Stick your assets/fonts directory in a .gitignore so you’ll never accidentally commit them, and Bob’s your uncle.
It clearly isn't obvious. It seems explicit to me that the author is talking about all commercial fonts and that NONE of them should be in public github repos.
For an article that spends such a long time talking about how they searched for filenames, there is very little time spent exploring the actual copyright implications of using licensed fonts in opensource software or .
What's the difference between putting webfonts on your public website vs putting them on your public github? This seems like a distinction that only lawyers would care about, but I'm not a web developer (and I don't know much about webfonts) so maybe there's something I'm missing.
The people who draft these licenses are pretty smart and explain VERY CLEARLY what is and is not allowed. For instance!
> The following are allowed by this agreement; you may:
> 1b. Use the WOFF, WOFF2, and EOT web font formats provided by Process to style text on your websites via the CSS @font-face rule for an unlimited number of websites whose content is controlled by you. You agree to use reasonable measures to ensure the fonts are available only for the process of styling text on websites. At a minimum, and by way of illustration not limitation, reasonable measures include i) preventing unlicensed third-party access, i.e. hotlinking and, ii) not allowing direct download of the fonts unrelated to the process of styling text for your website.
and
> This agreement expressly prohibits the following; you may not:
> 2e. Store or use the fonts in any way that makes them accessible to the public or non-licensed third parties, except where such use is expressly allowed by this Agreement. This includes, but is not limited to, distribution of the fonts through file sharing services and online version control repositories accessible by the public.
>At a minimum, and by way of illustration not limitation, reasonable measures include i) preventing unlicensed third-party access, i.e. hotlinking and, ii) not allowing direct download of the fonts unrelated to the process of styling text for your website.
It's not clear. How on earth are you supposed to implement ii)?
I'm not interested in answers which mention the Referer header. There are a myriad of factors which can prevent it being sent with the original request required the style elements on the site.
Yes, that one's a bit tricky, isn't it? You might inspect the user-agent to at least try and only serve the font to browsers. You might also make sure that if there is a Referer, isn't not someone else's referer. I don't think it has to be foolproof to satisfy the terms of the license.
It might also just be: you have to check the referer. If your website has technical issues such that sometimes the referer isn't available, you have to change it so it always is. Or host it on one of the approved third-party hosts referenced in the license.
IANAL but I believe you may have a license (paid money) to use the font on your site but you may not have a licence redistribute the font. You paid for the right to air the latest UFC fight at your bar but that doesn't grant you the ability to sale DVDs of it.
However a user of yours could just download the font from your web server or record the fight on their phone.
But it's not like a webpage renders an image for you and then you rend an image: you send the user a font so that they can render the page themselves with that font. It's being distributed either way.
Licenses can totally distinguish between the two scenarios. Providing a clickable link to "Download Font Here!" is probably not allowed, but linking to the font for the purpose of displaying the actual webpage is fine. Even if they're the same url.
Font licenses make the difference very, very clear.
> The following are allowed by this agreement; you may:
> 1b. Use the WOFF, WOFF2, and EOT web font formats provided by Process to style text on your websites via the CSS @font-face rule for an unlimited number of websites whose content is controlled by you. You agree to use reasonable measures to ensure the fonts are available only for the process of styling text on websites. At a minimum, and by way of illustration not limitation, reasonable measures include i) preventing unlicensed third-party access, i.e. hotlinking and, ii) not allowing direct download of the fonts unrelated to the process of styling text for your website.
and
> This agreement expressly prohibits the following; you may not:
> 2e. Store or use the fonts in any way that makes them accessible to the public or non-licensed third parties, except where such use is expressly allowed by this Agreement. This includes, but is not limited to, distribution of the fonts through file sharing services and online version control repositories accessible by the public.
Makes perfect sense to be, tbh. Licenses are just contracts and they can exactly describe what you're allowed and not allowed to do, including allowing use cases based on intent and presentation.
Correct. Article OP is making the argument for a font to be treated as a secret when it is not a secret. Intent and context is important; users aren't putting them up on torrent sites in this case, but simply storing them alongside the rest of their assets in source control.
EDIT: TLDR Downloading a publicly available font you don't have a license to use violates copyright.
Accidentally exposing a folder of copyrighted font files over FTP would probably technically violate the license, even if it was by accident. You're serving the files outside of the licensed use (serving and rendering a webpage).
Same as if you accidentally exposed to the internet your home server of legally-created DVD backups. You'd still be violating the license under which you bought the DVDs.
Show me an attorney willing to pursue accidental violators for damages, especially when the asset in question is intended to be publicly served in the course of its use.
I would genuinely be interested in case law's stance on this. Also interested in what happens to the value of non-public domain fonts if you require the digital asset to be handled as a secret (and all of the hassle that goes along with that).
>Show me an attorney willing to pursue accidental violators for damages, especially when the asset in question is intended to be publicly served in the course of its use.
Why would anyone use a non-public domain / CC / open source font in a publicly available project? If the project has an open source license and is in a public repository on Github, why would there even been non-public resources (fonts, icons, images, etc) in the repository at all?
If you have any private resources (code or otherwise) in the repository, it shouldn't be in a public repo to begin with.
Are there any examples of open source projects that are including commercially licensed fonts?
I guess the distinction is oh Github, a project might have an MIT License with a commercial font. Maybe the focus of this article should be, "be sure to include the license for your fonts, images and other assets in the LICENSE file" ?
This is inadequate with a commercial font: You aren't allowed to redistribute it at all. What you are speaking of is just an issue with open source fonts: Usually open source fonts have different licenses than software, and your license info needs to detail both.
I don't host w/ github pages, but when I was looking I don't remember there being any restriction on the repo being private. Why does the repo need to be public?
> What's the difference between putting webfonts on your public website vs putting them on your public github? This seems like a distinction that only lawyers would care about
As you suspect, there is no practical difference. The difference being perceived is that when you put them on your website, you're doing that for the purpose of displaying text using the font, whereas when you put them on github, the purpose of github is file sharing. The first purpose is good, the second purpose is bad, so the first use should be allowed and the second use shouldn't be, even though -- technically -- they are exactly the same thing. That's just a detail; they're spiritually different.
Unfortunately, this point of view is very much not limited to lawyers; it is how most people think about most things.
To use a font on the web, you have to munge it into a special web font format, which only a browser(1) knows how to display text with.
The files this article is talking about are not in that format. They are all TTFs, which you can drop into your system’s font directory and use anywhere on your computer.
Also, these TTFs are linked in a public manner rather than being a file whose link is buried deep in the page source where no human is ever intended to see it.
Github is searchable and has a big green “Download” button. I know, technically, getting a font from a website is more or less just as “easy”… for people without the ability to click “Inspect Element” and follow a link in the CSS, Github is far easier.
The legal issue is with the repo owner putting it in the repo. The problem is that it's a violation of the copyright license, that's the only reason it's an issue. Downloading the font file from the website is included in the license, so it's fine.
If the repo is the source for the website then the license is de facto forbidding people from open sourcing their websites if they pay for a font for it.
However the license does not explicitly limit the tools you can use to build the website, and the website is allowed by the license to have the font. The argument could be made by licensing the font for a website they have implicitly licensed it to be on github because it is a widely used tool for managing the source code of websites and if they (the font owners) wanted to restrict its usage they should have specified.
Either: You can open source the website without the font and say you open sourced your website, or if you consider the font part of your website, it means your website isn't open source... even if you put it on GitHub. Because it's a copyright violation for someone to use that font.
Your best bet is to just use open source fonts, of which there are numerous.
I think in the end as to whether or not you can put the font in your website and have it public on github (which is not necessarily the same as not encumbered by licensing issues) will need to be determined by the courts when and if someone wants to test the issue.
if the license explicitly forbids it you better not do it as I noted above. but if the license does not explicitly forbid then I think you have an argument that putting your website code on github is pretty common practice.
By default you don't have any distribution rights at all. None. You just have a bare font file that you can't share with anyone else.
That's not very useful, so the license says "you may distribute this font file as part of a website; you must be using this font to style a webpage. Any other kind of distribution at all is still prohibited." There's no "common practice" exception- just because they open up a little window that allows you to distribute the font in a particular manner doesn't mean they've accidentally given you the right to distribute it according to "common practice."
Sharing MP3s on P2P sites is also a common practice, but obviously you don't have a license to do that when you buy a CD.
well I'm not a lawyer, and my American business law classes I took are now more than 20 years ago, but as I recall there are common practice defenses if those practices are in relation to something the contract allows you to do.
So the argument would go as follows:
the contract says "you may distribute this font file as part of a website; you must be using this font to style a webpage. Any other kind of distribution at all is still prohibited."
We have used this font to style a webpage, as is industry practice we have placed the font in our site code, which is stored on github, which is also the most widely used tool for distributing website code. The website code must be distributed in order for the purpose of the license to be fulfilled - obviously the font cannot be distributed as part of a website if the website itself is not distributed.
At that point the court will have to determine what distribution of a website means, if the font to be distributed as part of the website means that the website will need to be distributed, and if github is so commonly used that the license giver neglecting to mention it have given tacit approval to its usage.
Aside from all this if one wanted to contest the issue the court would have to determine if the font being in your github repository is you distributing it just because someone else can fork it. For another silly analogy, just because you put your beer on the table, walked outside, and a kid came in and drank the beer, doesn't mean you sold liquor to a minor.
Perhaps I'm wrong but it doesn't seem as open and shut as everyone wants to argue, unless there is specific prohibition of github in the license in which case there is no longer a case to be made.
Realistically, I don't know if the font makers would bother suing someone for this reason. But I think it's more likely that they might ask GitHub to start removing unlicensed copies of their files.
Funny story, I was working with an enterprise-sized company, a major telcom, and we found out that we had used the "wrong" version of the font everywhere. The original font was like "My Font" and the font we had used was the "Pro My Font" that had a bunch of extra symbols and such in it and was higher-priced. But we used it everywhere, for years. And it would have been a huge hassle to change it all. So we emailed the designer and were like, "Look, we didn't intend to screw you, but we also didn't really budget the $450k in estimated licenses we'd need here... how about we pay you like $30k extra and call it good?"
Anyway, long story short, the small-time designer guy was thrilled to get $30k, and turns out he wasn't at all even monitoring for pirated versions of his font anywhere... he didn't have any idea who had bought his font, so to him it was just some random big company offering to give him free money. The places that sell fonts should do a better job of passing on payment (obviously) to designers, but also a list of who bought their fonts so they can take some pride in knowing where their designs are being used.
Interestingly, typefaces are not copyrightable in the US, though fonts, being computer code, can be. Not sure how this influences the situation, though.
Yes. That’s why Windows bundled Arial instead of Helvetica. Although the design of Arial is slightly modified, it’s fundamentally a straightforward Helvetica clone with metrics compatibility (you can plug it in a layout in place of Helvetica and not break anything).
You have it wrong. Arial was created to not have to bother with international typeface laws as a legally distinct Helvetica. Apple just paid the licensing fees in those countries where they were required to.
Arial is a bizarre case: it's actually Monotype Grotesque stretched and pinched to match the proportions of Helvetica.
So you can replace Helvetica with Arial in any document and it'll still print right, but at its core the letterforms are just distorted Grotesque MT.
And it's not the only font Microsoft and Monotype collaborated on like this. For example, Century Gothic is Monotype's Twentieth Century distorted to match ITC Avant Garde's metrics.
This happens _all the time_. Bitstream, one of the very first digital foundries, got their start by digitizing famous print typefaces without permission (not that they needed it).
Funny thing is, legendary type designer Hermann Zapf actually worked with URW to create knockoffs of fonts he'd originally designed for Linotype years before. Some of them even got open-sourced, which is why there's a free version of Palatino in the Ghostscript fonts (URW Palladio L).
I fully support your point—many times there are free or system fonts that are at least as of high quality.
That said I only missed MATTEL on that one. Helv has a few giveaways and refinements but most people don't care—though the differences Arial and other modified Helveticas do have arguably render the type less neutral.
I got MATTEL right by looking at the sizes of the spacings between the letters. Not sure if it is real or just an artifact, but I picked the one where the spacings where the most regular and that turned out to be the Helvetica one.
For TOYOTA, I have the impression that in one option all letters have the same weight, while in the other one the A is a bit bolder than the other letters. I figured the one with all the same weight should be Helvetica, but I was wrong.
Looking at the fatness of the lines feels quite fragile: aren't there versions of Helvetica in all kinds of weights?
I can't remember if I was able to get them all right or if I missed one when I first did it. I had graphic designer friends do it & they scored roughly the same as you & me.
The difference of course is we all know what to look for & were purposely looking for those differences.
Hahaha yeah exactly. Had I not learned some of the characteristics some time ago it would be a lot more difficult. But once you see it you can't unsee it!
Most people that pirate stuff never would have bought it to begin with. If pirated stuff wasn’t available, they’d have just gone without or gone with a free alternative. I don’t expect it has much impact over all.
The profit margins we are eating into is exactly ZERO. Why? because if most of the time i need to actually pay for it, i'll just use the cheaper alternative: Google Fonts.
There will be times when I need to use this font and make something that will go live. That's the time to buy a font.
If font making is not profitable, then don't make fonts.
Someone is making a product and telling you what you can and cannot do with it, and then you decide that none of that applies to you, because...I don't know, you're entitled to use it if you happen to see it?
"There will be times when I need to use this font and make something that will go live. That's the time to buy a font." - that depends on the license that the font foundry grants you.
"If font making is not profitable [due to lost sales via piracy], then don't make fonts"...some kind of mental gymnastics there. "I will take freely from you and if you can't afford to let me do that, it's your fault for making it in the first place" is a tough ground to stand on.
Most of the people who are taking your fonts are also making a product. We understand the need to make a living and the difficulty of making a product. I hope you get paid for what you do but you don't get to decide the market size for your product when it is a digital good. The market does.
There is a market for paid specialty fonts used on a website. People should pay for that. However, there is not much of a market for paid fonts used in Sketch when developers and designers are testing out different concepts they MIGHT use in production. You complaining that you are failing to monetizing off that non-existent market is completely bonkers for me.
The ground I stand on is reality. You're living in a fantasy land where musicians still get paid big dollars for records and where journalism is a lucrative career.
> You don't get to decide the market size for your product when it is a digital good. The market does.
"It's easy for me to acquire content against the content creator's wishes, therefore I should dictate the market."
> There is not much of a market for paid fonts used in Sketch when developers and designers are testing out different concepts they MIGHT use in production.
Never said there was. There's an easy solution: don't take a font that doesn't belong to you.
This all boils down to "I want something and don't want to pay what the creator thinks it's worth." It's disrespectful, and it's straight-up entitlement. Just don't use the font. Nobody owes you a particular typeface.
> The ground I stand on is reality.
The reality is that it's easy to do the wrong thing here, so you do it, then try to pretzel your way into thinking that it's not morally wrong. Think someone's overcharging? Then don't buy the product.
The reality is that most people like myself are continue to do this regardless of your morality rant. The problem is that your morality argument is based on licensing terms and the legal system. The internet has its own morality that is somewhat untethered to legality: use what you can get, pay for what you feel you should. You can claim that this violates copyright or morality but people vote with their clicks and git clones - there is nothing you can do to change that.
And you can scream and write these type of blog posts all you want but really it just ads to the Streisand effect. You think this blog post net increased or decreased the awareness and use of github as a source of fonts?
> The internet has its own morality that is somewhat untethered to legality: use what you can get, pay for what you feel you should.
I see you chose more of a passive tone here, as though you're just a cog in the machine, totally helpless and unable to take action on your own.
The Internet is what people make of it, in part based on the sum of individual choices.
> And you can scream
Not screaming.
> it just ads to the Streisand effect
Possibly. Maybe it alerts GitHub devs to the problem and they try to come up with a solve. If font creators read it, they can work with repo owners to get things in order. For my part, it pointed out a problem that I can take steps to mitigate in the future with my own repos.
Anyways, obviously I can't stop you or anyone else from taking digital goods at will. But in part, I wish that people would be more transparent about their motives instead of talking themselves into thinking that they're not actually doing something wrong.
Just say "I take things that don't belong to me because I deserve to have them, it's easy to do so, and I won't get in trouble". At least it'd be an honest assessment.
There are enough fonts. It wouldn't be a great loss for humanity if we didn't get as many new fonts because of decreased profit margins in the font design industry.
Because it is very extremely unlikely that the font license the font purchaser paid for allows them to distribute it to the public.
I could see this happening in a repo by Google/MS/FB/etc., but it probably would be extremely expensive for them. Any other instance of this sort of sharing is unlikely enough that it can be assumed to be illegitimate.
There are enough <programs/apps/blogs/websites/paintings/songs>. It wouldn't be a great loss for humanity if we didn't get as many new fonts because of decreased profit margins in the font design industry.
What a depressing thread. The general consensus (at the time of submitting this comment) is that posters don't care if commercial fonts are hosted on GitHub in violation of their licence.
Many professional fonts are the work of a single type designer who may have spent thousands of hours creating the typeface. Modern typefaces can have a dozen or more weights and hundreds of glyphs.
It's hard work and time-consuming to create a professional type family. It's depressing to come here and see how little people care for the work of other professions.
It really is. Most of the developers here probably make twice as much as the average independent type designer, yet they insist on distributing their work without consent.
I've been doing this for years -- Its a PIA dealing with each font foundry's DRM system and getting it to work on my local dev environment. When I go live, I deal with it but its also such a hassle to get clients to pay for a font, give me the required info to use the foundry's DRM, etc. I bet if a foundry used an honor system (give fonts away for free, charge a per-site license for commercial use) they'd still make a profit and not have to deal with complex DRM systems (and make it more likely for designers and developers to use their fonts).
I use the term DRM loosely (possibly incorrectly!). What I mean is that most font foundries make you include a CSS or JS file that only loads the requested fonts for a domain or domains you specify in their backend.
I'm guilty of having searched GitHub's repositories for fonts I like. Using them for personal projects and wouldn't mind paying for a license if I end up loving it.
Though, it begs the question: who and how will find out that you simply borrowed the font?
I used to work for a company that got hit up by Monotype for a six figure fine to pay for using one of their fonts. The previous head of design hadn’t bothered to sort tricky things like paying for fonts, mainly, I think, because he knew senior management wouldn’t spring for it.
We switched them out for free alternatives and negotiated down the fee, but they still had to part with a good amount of cash.
Maybe in the future, a type foundry creates a font-specific webcrawler that compares GitHub usernames or public email addresses to a list of known buyers of the font in question, and then sends them a C&D if they're violating the license.
Let's all just take a moment to remember that the design of fonts (in the US) is NOT copyrightable. The only reason vector fonts are copyrightable at all is a raging dumpster-fire called Adobe v Southern. [1] [2]
The case itself says this: "defendants contend that the numerical reference points that define an outline of a glyph are unprotectable as a matter of law" but then "the court finds that the Adobe font software programs are protectable original works of authorship."
Note: when they say "font software programs" here, they simply mean a vector (say, ttf) font file rather than a bitmap (say, bdf or pcf) font file.
David 'Novalis' Turner probably put it best when he wrote this: "A font face -- that is, the look of a font, is not copyrightable... But font 'programs' (truetype fonts, for example) are. Another ruling has extended the definition of 'programs' to include certain outline data. Why this outline data is not equivalent to a font face, nobody knows." [3]
Github is home to a ton of pirated content. Including closed source binaries repackaged in violation of the publishers' licenses. But Github won't do anything unless the copyright-holder submits a DMCA takedown notice.
As it should be! That's the most beautiful part of the DMCA, allowing sites to operate without having to police every bit of user-uploaded content, only requiring that violations are removed after having been alerted to them.
Could you imagine an upload filter or moderation queue before you were allowed to push code to GitHub?
Yeah I'm a big fan of people's dotfile directories for trying out fonts. I remember some HN discussion about a proprietary font that was pretty good for programming. I was on the fence on whether or not I wanted it, just by looking at screenshots. So I used Github search to find someone that dumped it in their home directory, downloaded it, and tried it out. I hated it! So I saved money thanks to this piracy. (I use Iosevka now. Wow it's good.)
My point is, if you have a desktop license (which is fine to use in print) you'll be "redistributing" it in much the same way as a website which uses @font-face and serves you the font files.
Well the difference is that the license will actually say that you can embed the font in documents you produce. As far as the license is concerned, emailing a document with the font embedded is a different thing from zipping the bare font and sharing it on BitTorrent is a different thing from embedding it on a webpage. You can burn a CD with your documents on it and share it, you can't burn a CD with a bunch of bare font files and share that. Even if the same exact bits end up written to the CD in both cases.
The technicalities, as far as the license is concerned, are not really the point. It's not about whether you're physically sending the bits of the font over the wire, but the whole context in which you're doing it.
I've always found it interesting how the term "piracy" has been mostly unquestioningly accepted by the media as the appropriate term to use for copying, which arguably doesn't steal anything (unlike what has traditionally been known as piracy before the digital age).
Sharing is an even better term than copying; spreading information like this actively creates value by exposing more people to these ideas and designs.
Not that I don't think the foundries should get paid for their work - I don't have a fully formed opinion on this. But there is a definite upside to sharing information freely, and this is better than mere copying.
I get why they're worried but really the problem started with web fonts.
The font file is published on the web page itself, just like the images, CSS, etc. So everybody could already grab it from the web page itself, and in fact this is what the browser does automatically, in order to render the font. It's the whole point.
It doesn't really matter if it's committed to public github.
This is kind of an adjacent question, and likely a very basic one, but if I wanted to avoid linking out to a web font repository by properly licensing one and self-hosting it, what even is the correct procedure?
From a legal standpoint, based on the article most of these developers are keeping the fonts in their assets (debatable if this is good or not).For public repositories, not to be malicious and be offer free fonts... How much trouble would they be in?
I Assume this is probably possible for FontAwesome premium icons as well ?
Having the server host the assets is probably the best solution (same rep) but if it's not in Git then it needs to be managed in the build for other open source developers. What's the Correct way of handling this situation?
Me publishing something on Github does not grant everyone free rights to it -- in fact, copyright law says no one has rights to it unless I specifically grant those rights. This is most commonly done with a LICENSE file. The copyright rules apply to everything in the repository, including my code, and any fonts, icons or stock images. The fact something is on Github (or the internet, in general) doesn't make it public domain, you still have to abide by the license terms.
While I think the suggestion that "on github" = "piracy" is stupid, I could see a couple things that could apply:
(1) If the license for the font explicitly states it's for "use" or "distribution" on a single domain. Unless the license is clear about it, it'd really be up to lawyers to argue over whether hosting the code in a public repository on Github can be considered "use" or "distribution" -- and ultimately that argument is about one non-authenticating public URL being okay while another non-authenticating public URL is not.
(2) If I've put a commercial font in my repository along with a typical LICENSE file containing MIT/GPL/BSD/whatever without explicitly stating the fonts are not under that license, then I'm basically mis-representing the license for that font (which I should not be allowed to do).
Given that putting a font on Github is technically no different from publishing on my site in terms of someone being able to 'pirate' it, personally I think a Github repository with a proper license (not doing (2)) is fine, because the LICENSE file effectively says it's not okay to just copy that font.