Disclaimer: Nothing on this page should be considered legal advice. This is just one dumb guy’s best attempt at understanding the complexity of the new GDPR rules and why he is blocking EU visitors to try to comply (or not).

I’ve already wasted FAR too much of my precious time trying to understand this ridiculousness. I’m kind of pissed and I want to know where I can send the bill to reimburse me for this wasted time. Since the European Union (EU) is threatening to fine websites that don’t comply – do you think I should send the bill to them?

I’ve been poring over several different emails and articles that I’ve received (and saved) over the few weeks leading up to the GDPR compliance deadline of May 25th, 2018. For example – here is a really good article that explains everything in plain English (sort of) from the folks over at WP Beginner. I’m trying to wrap my head around every last little detail from all of these articles and figure out the absolute minimum that I have to do to be compliant.

5 weeks later (it is now June 30th, 2018) as I write this… and I’ve figured out the perfect solution. I’m simply blocking all EU visitors from most of my websites!

Sorry if you’re from the EU. If that’s you – you’re blocked from Dumb Passive Income now. But you can still visit my blog if you lie and say you’re not from the EU.

Here’s what EU visitors now see if they try to visit dumbpassiveincome.com…

EZI GDPR

The decision to block instead of comply was fairly easy for me. I looked at analytics for all of my sites and EU traffic only accounted for 10% or less of the traffic on most of my sites. Furthermore – EU traffic doesn’t buy anything from Amazon (on my sites) and it accounts for very little of my Adsense income.

Also – I absolutely despise pop-ups on websites that force me to take an action before I even have a moment to look at the webpage. I refuse to put that crap on any of my sites. And I’m especially not putting ridiculous ‘cookie consent’ messages on my sites for ALL visitors when this law is really only meant to “protect” EU residents.

The EU said FU to the world with their stupid GDPR law - so I'm saying FU to GDPR and I'm blocking all EU visitors from my sites.Click To Tweet

Some companies have gone to great lengths and have been forced to expend insane amounts of their resources to try to comply. For example, the company who provided the image that I used at the top of this post (Credit: Convert GDPR) put together a massive list of everything they did to comply. It’s just completely nuts!

Blocking EU Visitors from Your Website (or not)

This turned out to be quite a simple solution. I found a website that has an accompanying WordPress plugin that allows you to easily block EU visitors. Check out EziGDPR right here. They also have a fairly easy-to-implement solution for if you want to remain GDPR compliant.

The way it works is explained quite well on their website. In a nutshell – it uses some sort of javascript to detect the country that a visitor is coming from. Anybody not from the EU sees nothing and notices no difference whatsoever. Anybody from the EU gets a popup and is either blocked completely or they have to choose permissions – whichever you choose.

The blocking option is FREE (for up to 25,000 visitors per month) and you have to pay a small fee for the compliance option. I DID choose to use what they call their GDPR Compliance Kit for one of my sites – my new Premium WordPress plugin sales site that I’m building and will be launching soon (AmaLinks Pro). Here is the popup that EU visitors see if they try to visit that site…

ezi gdpr permissions

That site needs to be compliant and this EziGDPR Compliance Kit made it quite easy with their step-by-step instructions. They even give you copy & paste text for exactly what you need to include on your Privacy Policy page! But… you get what you pay for and you have to pay monthly to get this easy GDPR Compliance Kit. Hell no – I’m not paying monthly to comply for ALL of my sites! But this one site is really important and I felt it was worth it.

Privacy Policy

Update Privacy Policy

Even though I’m blocking EU visitors on most of my sites – I still needed to update my Privacy Policy page on each site. Again – this was super easy since EziGDPR told me exactly what to add. I just added what they provided for me underneath the ‘Cookies and Web Beacons’ section. Take a look at the Privacy Policy for this site to see an example.

If you choose the GDPR Compliance Kit – the text is quite different and based on some of the inputs you provide in the setup process.

Email Marketing

Since I’m blocking EU users on most of my sites – I don’t technically need to do this. But as a matter of transparency and just all-around good practice – I’m doing this stuff anyway.

Update ALL Opt-In Forms

New standards state that subscribers must know how their personal information is being used BEFORE they give it to you. This means that opt-in forms need to meet these new standards. The form should clearly state what type of personal information is being collected and should also include text that states what the personal information is being used for and what it will be used for in the future and how often.

For example – I have many different ‘content upgrade’ forms throughout this site where I offer some sort of bonus PDF document in exchange for an email address. Formerly – I had a simple line of text at the bottom of each form that read something like this – “Your email address is safe with me. I will never SPAM you or share your email with anyone.”

I’ve now replaced that text with a statement similar to this – “Completing this form automatically subscribes you to my email list and you will receive occasional email updates from me. Your privacy is always my top priority.”

At the time of this writing – I currently use LeadPages to create LeadBoxes for all of the opt-in forms on this site. It wasn’t very difficult at all to login to my LeadPages account and simply replace that text in each of my forms with a simple copy & paste function. I did have to do each one separately though. Luckily, I only have about 10 different opt-in LeadBoxes that I currently use on various pages – so it didn’t take very long.

Subscribers Know How to Access, Edit or Delete their Information

Make sure subscribers know that they have the option to access any personal information you have of theirs and that they know how to edit or delete it.

At the time of this writing – I currently use Aweber for my email service provider for this site. Here is a really helpful and informative article on the Aweber blog about GDPR compliance.

Google Adsense

If you run Google Adsense ads on your website and you want to remain GDPR compliant – it gets even more complicated. We’re talking stupid-complicated. This further validated my decision to block EU visitors from my sites. The loss of a little bit of revenue is worth it to not have to hassle with this stuff.

I use the Advanced Ads WordPress plugin to insert Ads (not just Adsense) on my sites. I received this email from them not too long ago explaining some of the stuff I would have to do to be GDPR compliant…

Advanced Ads Plugin
On May 25, 2018, the General Data Protection Regulations (GDPR) became applicable. The new EU law forces webmasters to better protect the privacy of their visitors. The implementation of the GDPR has cost some peoples a lot of work in the recent weeks and raised even more questions.

Some Advanced Ads users contacted me with questions about the user data stored by the plugin. I prepared a clear list of all relevant information about external integrations and cookie usage for those webmasters.

Google AdSense advised its publishers, that their websites must be compliant with the GDPR and that users must be informed about cookies as well. If you already use Advanced Ads Pro and the Sticky Add-on, please take a look at this tutorial about implementing your own cookie messages. In this tutorial I show you how you can implement such a cookie information with Advanced Ads in just a few steps:

But that’s not all. According to information from AdSense, you also need to get consent for the use of personalized ads for EU visitors. In this manual, I describe the options you have in Advanced Ads to show ads only to visitors who give such a consent first.

If you are not sure whether your AdSense ads are currently personalized or non-personalized, please open a thread in our Support Forum and post a link to your page there. I’ll take a look at your ad codes and requests for you free of charge.

In a nutshell:


Un-freaking-believable! I’m not going through all of that trouble just to show stupid Adsense ads on my sites.

Sorry EU Visitors – Thank Your Government

Again – I sincerely apologize to any EU visitors (not that they’re seeing this anyway since I blocked them). It’s a shame too – because I have some great and relevant content on my site that benefits EU residents. For example – Airbnb is worldwide and one of my recent posts is all about how to create an Airbnb passive income stream. From what I hear – Airbnb is huge in Europe!

I’m sorry that it had to come down to this as a result of the EU lawmakers and the insane law that they passed. Had it been a much easier solution all-around – I (and everybody else) would have had no problem complying. But when it’s just easier to block all traffic from the EU with very little financial downside – the decision was easy for me.

The EU said FU to the world with their stupid GDPR law - so I'm saying FU to GDPR and I'm blocking all EU visitors from my sites.Click To Tweet