Although you're right, there are alternatives to Google Analytics, you really should work on your messaging. Snark isn't necessary when someone is (seemingly) genuinely asking for help.
In any case, for the OP I would also recommend to use an alternative. I don't know about Plausible Analytics but I have heard good things about Simple Analytics [1]. I'm not sure about Google Fonts.
In terms of GDPR compliance, just keep in mind that you can't hide this stuff behind T&C, you need the user's explicit consent, and it needs to be timely and you can't forbid them from accessing the service if they decline consent. I would also consider using a service that handles GDPR/cookie consent collection for you so you don't need to keep it up to date as time goes on and you can focus on your business instead.
There was no snark. It was just the shortest way that I could find to convey the message that "the best way to comply with laws that govern data collection and data processing is by not collecting data and not use third-party services that collect user data in the first place.
It's the same thing with the cookie-banner law, by the way. I am running a service in Europe and I can proudly say that I have no cookie banner on my site. You know why? Because I don't have any tracking cookies on my site in the first place.
Maybe we have different definitions of snark then. When I read
> How about "Don't use Google Analytics and Google Fonts"?
> Like, at all?
It reads quite snarky to me and you could have conveyed your point differently.
I don't disagree with your points and I agree that the OP should ideally not use Google Analytics, but I do think there are better ways to express this.
> I am running a service in Europe and I can proudly say that I have no cookie banner on my site. You know why? Because I don't have any tracking cookies on my site in the first place.
Exactly! I do the same thing and as strange as it might sound: I'm also proud on the fact that I don't serve cookie banners. As in, literally experiencing the feeling of pride for something others might find banal and innocent.
Agree that GP's tone was off, but it kinda rubbed me the wrong way too that OP said the GDPR got worse and then goes ahead ans mentions embedding Google fonts as the first thing. Like you can't even be arsed to self-host static assets and rather expose your visitors/customers to the almighty spying kraken. So while I'm sick and tired of cookie banners, I have little sympathy in this specific case.
I agree. I did this for my Website Builder SaaS. I had this during development: ah yeah, almost forgot, I need analytics or stats of some sort, but I don't want Google.
Eventually I ended up writing my own statistics code which works pretty good and doesn't track visitors, but I also heard good stuff about Simple Analytics if you need a plug-n-play solution for your website quickly.
No, alternatives like you suggest increase your risk exposure. You don't want to self host this stuff from a risk POV. Your risk-based choices are to not collect it at all, or to use tier 1 services like GA.
Like, at all?
There are self-hosted alternatives. Plausible Analytics is good. Find web fonts that you can host yourself.
Not only you will reduce your risk exposure, you'll see that it is not that difficult to get rid of Google.
Your users, European or not, will thank you later.