Sounds like you've got it all worked out :)

You're welcome, Nanet.

I really would like to see the whole world protected.

Thanks, Mel. I might need it :)

I'm just going by what I've read including this extract from Wikipedia:
"The General Data Protection Regulation (GDPR) (EU) 2016/679 is a regulation in EU law on data protection and privacy for all individuals within the European Union (EU) and the European Economic Area (EEA). It also addresses the export of personal data outside the EU and EEA. The GDPR aims primarily to give control to citizens and residents over their personal data and to simplify the regulatory environment for international business by unifying the regulation within the EU.[1]"

It doesn't mention European citizens that are not located within Europe.

Please note that I am not a lawyer and therefore not qualified to give legal advice.

Thanks for bringing up this aspect, Jovo.

I understand, pity we do not have a legal expert to make this clear.

See this link

https://www.eugdpr.org/gdpr-faqs.html

It says " if they offer goods or services to, or monitor the behaviour of, EU data subjects."

So this is not "people in Europe". Wikipedia is not the official voice of the EU.

The question is, what is the true meaning?

As far as I'm concerned it should apply to every citizen of the world. We should all have the right to privacy and the right to be forgotten.

I just read this on the link you've given me:
"Who does the GDPR affect?
The GDPR not only applies to organisations located within the EU but it will also apply to organisations located outside of the EU if they offer goods or services to, or monitor the behaviour of, EU data subjects. It applies to all companies processing and holding the personal data of data subjects residing in the European Union, regardless of the company’s location."

Legal experts charge at leat 500 euros and 150 euros per hour. I am yet to discover legal experts providing legal advice on GDPR for affordable prices for bloggers. That's the situation.

Yes this is the paragraph from which I gave the previous quote.

So back to my starting question. Is it "people in Europe" as you wrote? Or is it citizens of Europe regardless from where they come to your site. The difference is essential (and potentially costly).

But we do not need them in principle. The legislator's duty is to make this clear in the law. They did a bad job as far as I understand.

See why I am asking; US brands now block me. No doubt they do this by my computer IP address. This would indicate (if they understood the law correctly) that this is by EU territory. But what if this is not so?

I go outside of EU and access this site, so should I sue them? I am an EU citizen anywhere.

They do use the word "residing", so I'm thinking that it protects people living in Europe (whether they are European citizens or not).
"It applies to all companies processing and holding the personal data of data subjects residing in the European Union"

So from that, I guess that European citizens who reside elsewhere in the world are not protected YET.

I took the note about the disclaimer.

I can be travelling the world and still be residing in the EU.

But in any case this contradicts to what Dom wrote yesterday (see Labman's blog). So the bottom line is we have no clear answer.

I believe you are right Jovo, it's EU citizen regardless of their location.

Also, you are right that the law is unclear in many aspects. Deep study is required to minimize the risks. However, I don't think they will apply fines without giving people the chance to change

I think that is very short-sighted on the part of those companies that are blocking people based on their geo-location. I really would like to see the GDPR apply worldwide.

Got it! Yeah, they are using the easy approach of blocking EU ips, but that doesn't make them compliant. Now, if you are successful suing them is another story. I don't think a business outside Europe will ever be sued for this. Very complicated Jovo! I think not even the legislators know what to do. Only time will tell

You are right Marion. One of them is Backcountry-com, the second largest US outdoor retailer. Very surprising what they are doing. Have seen several in my niche. It is becoming annoying.

Hi Marion, I think the price to pay is disproportionate compared to real benefits for individuals. Instead, They are making the process of doing business harder for individuals.

The time you are wasting to research how to block cookies could be used to increase production. It's waste of capital, now I have another price to pay for specific services because I am not a lawyer nor a web developer.

It makes user experience rubbish... It makes Google Analytics tracking useless For EU residents. It creates fear and a false perception that websites are trying to get secret data to spy people's lives.

There are some companies that are doing just that, Stefan. Without naming names some very big companies are tracking people's online movements and serving up ads based on their browsing history.

And there's this:
https://www.news.com.au/technology/online/social/wow-thats-disgustingly-devious-facebook-accused-of-cheap-trick-in-new-privacy-policy/news-story/21213d8ff52fbc3b431c6b6062bf1c26
https://noyb.eu/wp-content/uploads/2018/05/complaint-facebook.pdf

Hmm, people are not forced to use the website if they don't want to share their data. If they are so concerned about it, them simply don't use the website! Go back to the caves

Now, companies are forced to provide not only free service but also accept getting nothing in return? Would this be a business or charity?

Why is it so bad companies will track your movement to display relevant ads? no one is pointing a gun to your head and forcing you to buy anything.

Sorry, but it makes no sense at all

Thank for sharing your thoughts, Stefan.