woganmay / gdpr-blackhole

A list of EU IP ranges
MIT License

Some remarks #1

Open polarapfel opened 6 years ago

polarapfel commented 6 years ago

Hi there,

this could be very useful. Just a few remarks:

  1. It would help to reveal from where these IP address ranges were pulled.

  2. Typically, IP address ranges change; countries gain or lose ranges from time to time. Hence, any list of IP address ranges per country must be updated in a regular fashion.

  3. Based on the first two remarks, this repository is only really useful if it's transparent where these addresses came from and if the repository pulls regular updates from that source.

I'll be using https://www.ip2location.com/free/visitor-blocker manually for now.

woganmay commented 6 years ago

Those are good remarks! I'll update the documentation to include the source. They do offer the text files via a set of public endpoints, so an update script is definitely doable.

polarapfel commented 6 years ago

BTW, just blocking the entire EU will not fix the legal issues. GDPR applies not geographically, but based on whether your user/client is covered by the GDPR. A German citizen located in the US is a GDPR data subject. A French citizen located in France, using a VPN service via an exit node in the US is a GDPR data subject. An American citizen located in the US, creating a data trail in your service while in the US becomes a GDPR data subject when he relocates to Europe, allowing him to enjoy GDPR rights even for that data trail from the past.

In other words, just blocking EU IP ranges is NOT going to solve anything.

I've chosen to go a slightly different route hence. Check here, if you're interested.

woganmay commented 6 years ago

Yeah, I'm aware of the scope of GDPR, which is why I added this to the readme upfront:

It's not bullet-proof, of course: EU residents can travel and use VPNs, and there's no guarantee that simply blocking the IP ranges of the EU is a perfect shield. It affords no protections against GDPR enforcement, and is not a substitute for legal advice.

This repo is really just a convenience for anyone that needs a quick download of all the EU IP ranges, in the event they receive a short-sighted mandate from above to rapidly block the entire set. It's absolutely not the approach I would take for any of my own projects, and it's not something I'd recommend to anyone I work with - but that doesn't mean that everyone in the world is going to see things the same way :)