[alwayseasy]

You're right, if a EU resident decides to visit your website and you're tracking them (Google Analytics etc) you have to comply with GDPR when handling his/her data. The IP block has a logic to it because the law applies to people in the EU rather than EU citizens.

[filoleg]

Really? I was under the impression that it applies to EU residents, regardless of where they are accessing the website from.

[nickserv]

It's the other way around. The law protects according to point of access (EU soil), not according to nationality. So an American tourist in France would be protected, but not a French tourist in the US.

This is just like most laws, when you're a tourist in a foreign country you have to follow the local laws, not the ones from your passport country.

[downandout]

This is technically true, however if the site is not targeting EU residents, the traffic is supposed to be considered incidental and the GDPR is not supposed to apply.