That happens today in the wild even. CSS url() function and basic things like applying background images to semi-invisible blocks for entirely CSS-based data exfiltration. From what I've heard it is most commonly used today for fingerprinting systems of trackers that use a ton of @media queries to try to fingerprint you based on the subtleties of your browser.

Relates to some Safari and Firefox engineers warning on pretty much every new CSS proposal to consider how it can be (ab)used for tracking.

Yes, CSS binary data transfer is possible in bith directions.