It’s been a long time coming, but the EU General Data Protection Regulations (GDPR) finally came into effect on May 25th. Many companies either haven’t updated or won’t update their privacy rules to comply. To avoid hefty fines for non-compliance, some sites, providing news, games, and other services have simply blocked EU visitors. These include A&E Network sites (including the History Channel), the LA Times, Unroll.me, the Chicago Tribune, Instapaper, and the Baltimore Sun. Attempting to access these sites from within the EU may result in an error message, such as:
“This content is not available in your area” or “We recognise you are attempting to access this website from a country belonging to the European Economic Area (EEA) including the EU which enforces the General Data Protection Regulation (GDPR) and therefore cannot grant you access at this time.”
We’ll cover the top VPNs for circumventing the GDPR restrictions in detail, but if you haven’t got the time to read the whole article, here is a summary of our top picks.
Best GDPR VPN:
- NordVPN Our top choice. Servers situated in over 60 countries. Reliably accesses GDPR restricted content. Top privacy and security. 30-day money back guarantee.
- Surfshark Budget choice provider boasting solid speeds, great security, and no connection limits. Works great with popular streaming services.
- ExpressVPN Great at unblocking geo-restricted content. Vast array of super fast servers in 94 countries. Security and privacy features lead the way.
- CyberGhost Great value choice and ideal for beginners with easy to install apps for most platforms. Reliably for accessing geo-blocked content.
- IPVanish Fast network of servers popular with Kodi users and torrenters. Doesn’t flinch when accessing GDPR restricted content.
- PrivateVPN No issues getting around the GDPR with dozens of servers located outside the EU.
Thankfully, there is a way to continue accessing sites blocked due to the GDPR from the UK, Germany, France, Spain and anywhere else in Europe. All you need to do is connect via a Virtual Private Network (VPN). This will encrypt all of your traffic and tunnel it through an intermediary server in a location of your choice. It will mask your IP address and make it appear that you’re in your chosen location. For example, connecting through a UK server will make it appear that you’re in the UK. Aside from enabling access to geo-restricted content, a VPN will hide all of your activity from your ISP, network administrator, or anyone else who may be monitoring.
The Best VPNs for GDPR Blocked Websites
Of course, not all VPN providers offer a comparable service. They differ in terms of ease of use, security, speed, customer service, and other factors. We’ve put together a list of the best VPNs for websites blocked due to the GDPR based on the following criteria:
- Has plenty of servers located outside of Europe
- Enables access to geo-restricted content
- Offers fast and reliable connections
- Uses strong encryption and provides additional security features
- Keeps no logs of personally identifiable information
- Offers prompt and knowledgeable customer support
Here is our list of the best VPNs for websites blocked due to the GDPR:
Money-back guarantee: 30 DAYS
NordVPN is a stellar pick for almost all use cases, but especially for accessing websites blocked due to the GDPR. Its huge network of more than 5,500 servers means you’re spoilt for choice both inside and outside of the EU. Many of these are optimized for streaming, while others are suitable for double VPN and Tor over VPN. As for streaming, NordVPN is great for unblocking restricted sites like Netflix, Amazon Prime Video, Hulu, and BBC iPlayer.
This VPN provider has your back when it comes to security. With 256-bit AES encryption, perfect forward secrecy, DNS leak protection, and a kill switch, you can be sure no data will leave the encrypted tunnel. A new automatic wifi protection feature is a bonus if you tend to connect while on-the-go. This service maintains no traffic or connection logs whatsoever.
NordVPN allows for up to six simultaneous connections with apps available for Windows, MacOS, Linux, iOS, and Android. It can be manually configured with some routers.
- Operates over 2,000 servers in non-EU jurisdictions
- Fast enough for HD streaming and unblocks popular content
- Strong encryption and no logs make for top security and privacy
- Zero-logs policy
- Use up to six devices simultaneously
- Automatic server selection may not fit all use cases
Best VPN for GDPR Block:NordVPN is our top pick. Reliably unblocks GDPR blocked sites. Connects up to 6 devices simultaneously. Great security and privacy features. Includes a risk-free 30-day money back guarantee.
See our in-depth NordVPN review.
Money-back guarantee: 30 DAYS
Surfshark is an excellent choice for bypassing GDPR blocks as it operates over a thousand servers outside of Europe. In fact, with 3,200 servers in 65 countries, it’s a solid option for unblocking services like Netflix and Hulu too. Speeds are generally very fast, and there’s no connection or bandwidth limits to speak of.
This service keeps you safe using 256-bit encryption, a kill switch, and protection against IPv6, WebRTC, and DNS leaks. It also offers a built-in ad-blocker and malware-scanner, plus a strict no-logs policy. 24/7 support is available via email or live chat, just in case you have any issues.
Surfshark offers iOS, Android, MacOS, Windows, and Linux apps.
- Offers very fast speeds
- Impressive unblocking abilities
- Great range of security features
- No logs policy
- Connect any number of devices
- Some servers are much slower than others
BEST BUDGET VPN:Surfshark is fast, secure, and affordable. Protect every device you own at once and access just about anything from just about anywhere. Best of all, this VPN comes with a 30-day money-back guarantee,
Read the full Surfshark review.
Money-back guarantee: 30 DAYS
ExpressVPN operates a large network of servers spanning 94 countries, including plenty of non-EU locations. This provider offers excellent customer support and a live chat agent is always just a click away. Aside from accessing sites blocked due to the GDPR, you’ll also be able to stream content from geo-restricted streaming sites like Netflix, Hulu, HBO, and Amazon Prime Video.
Security and privacy are top priorities for ExpressVPN. It uses 256-bit encryption and perfect forward secrecy and comes with DNS leak protection and a kill switch built in. This VPN service never monitors your activity and only stores minimal connection logs (which don’t include your IP address).
Apps are available for Windows, Linux, MacOS, iOS, and Android. A router app can be installed on compatible wifi router models. A basic plan allows for five simultaneous connections.
- Operates hundreds of servers in various locations outside of EU-locations
- Can unblock most geo-restricted content at HD speeds
- Fast, reliable speeds – streaming HD content or downloading/uploading large files
- High-grade encryption, security and privacy throughout
- Limited advanced features for power-users
- Higher monthly price than some others on the market
SPEEDY AND SECURE:ExpressVPN is fast and easy to use. Reliably unblocks GDPR content. Also outperforms rivals with most streaming services with exceptional speeds for buffer-free HD viewing. Total security and privacy. Comes with a 30-day money back guarantee.
Check out our full review of ExpressVPN.
Money-back guarantee: 45 DAYS
CyberGhost has been focussing on expanding its server network and now operates more than 1,200 servers. While many of these are located within the EU, there’s still an ample selection outside. Plus, CyberGhost has a large focus on providing access to streaming services like Netflix and Amazon Prime Video, so you can enjoy these, too.
This service will ensure your data remains secure and away from any prying eyes. It uses 256-bit encryption along with perfect forward secrecy and comes with DNS leak protection and a kill switch. You can get automatic wifi protection when connecting to familiar networks, and no personally identifiable information will ever be recorded.
A CyberGhost plan will enable up to five simultaneous connections. Mobile apps are available for iOS and Android along with desktop clients for MacOS and Windows. The VPN can be configured with Linux and some routers.
- Operates over 1,000 servers outside of the EU
- No issues unblocking US Netflix, BBC iPlayer, and more
- Testing revealed impressive server speeds
- Solid privacy and security features enabled by default
- Easy to use apps make this great for getting started
- Doesn’t unblock all major streaming sites
- Few advanced features
GREAT VALUE:CyberGhost is easy to use. A well priced solid performer. Good at unblocking GDPR content. Can’t match rivals with some popular streaming platforms. 45-day money back guarantee.
See the full CyberGhost review.
Money-back guarantee: 30 DAYS
IPVanish offers some very fast speeds and is popular among torrenters and Kodi users. It has plenty of non-EU servers to choose from, including many in North America and Asia, so you should have no issues accessing sites blocked due to the GDPR. It can also enable you to access to some popular streaming sites.
IPVanish takes users’ privacy very seriously and stores no logs. Security comes in the form of “military-grade” 256-bit encryption and perfect forward secrecy. You also get DNS leak protection and a built-in kill switch. The latter will kill the internet connection if the VPN connection happens to drop.
Desktop clients can be downloaded for Windows and MacOS, and mobile apps are available for iOS and Android. IPVanish can be manually configured on Linux and some routers. Any number of simultaneous connections are permitted.
- Operates over 700 servers outside of the EU GDPR zone
- Good unblocking capabilities and streams in HD speeds
- Connections, communications and traffic remain encrypted and private at all times
- Preferred by Kodi and Firestick TV for its remote-friendly apps
- No live customer support
- Not always reliable with unblocking Hulu
LARGE NETWORK:IPVanish is great for families that need multiple devices connected. Good at unblocking most geo-restricted content. Recommend for their high standard of privacy. Could do with a live support option. 30-day money back guarantee.
Read our review of IPVanish.
Money-back guarantee: 30 DAYS
A newer and smaller player in the VPN industry, PrivateVPN is not to be overlooked. It operates dozens of servers outside the EU and will enable you to access your GDPR -restricted content without issue. What’s more, PrivateVPN seems to fly under the radar of many sites that are cracking down on VPN usage. This means it’s able to bypass the Netflix proxy error, along with those of other sites like Hulu, HBO, BBC iPlayer, and Amazon Prime Video.
This service keeps its promises on the privacy and security front. It stores no logs of browser or session history, so you don’t have to worry about any data ever being handed over to a third party. Encryption is 256-bit on most protocols, but 128-bit is used on some. Either way, both are considered extremely secure. DNS leak protection and a kill switch are built in.
Apps are available for MacOS, Windows, Android, and iOS, and PrivateVPN can be manually configured with Linux and some routers.
- More than half of its servers are located outside of the EU
- New and growing network with fast servers
- Can unblock most popular streaming services
- Small number of servers to choose from
- Works with Linux but requires manual configuration
- Apps lack advanced features , such as ad and malware blocking options
GREAT SPEEDS:PrivateVPN is easy to use. Allows up to 6 devices on the same account. Fast connections but could do with having more servers to chose from. 30-day money back guarantee.
Check out our in-depth PrivateVPN review.
Can I use a free VPN for GDPR-blocked websites?
Searching for a VPN service will yield a ton of results for free offerings. Many of these will indeed mask your IP address and enable access to the sites you’re trying to unblock. But this usually comes at a price, even if it’s not in the form of monetary payment.
A free VPN service will typically have a large number of users and a small server network. This means you may have to wait in line to access a server, and once you’re in, chances are you’ll end up with a slow, unreliable connection.
And that’s not the worst part, especially if you’re concerned about privacy. Many free VPNs have a poor reputation in this area. They may track your activity and sell the resulting data to third parties, such as advertisers. Others have been found to inject malware and one VPN service even stole users’ idle bandwidth for use in DDoS attacks.
What the GDPR mean for users
The EU’s General Data Protection Regulations (GDPR) are measures put in place to achieve the following goals:
- Harmonize data privacy laws across Europe
- Protect the data privacy of EU citizens
- Change the approach organizations take to data privacy
Some of the implications of the regulations include:
- Data breaches must be reported with a specified time period (72 hours).
- Consumers must give informed consent for data collection and storage and can withdraw at any time.
- They can request any data a company has collected about them in a machine-readable format.
- Larger companies (with more than 250 employees) need to have a mandatory data protection officer.
The maximum penalty for breaking the regulations is 20 million Euros or four percent of the company’s turnover, whichever is larger.
One of the major things that many companies need to address is the issue of informed consent. The methods that companies have traditionally used to get consumers to agree to data collection are highly in favor of the company and don’t do much to protect consumer privacy rights.
For example, companies often post lengthy, jargon-filled privacy policies that hardly anyone will take the time the read. Embedded in these policies is information about how user data is collected, used, and stored. To agree to these terms, a customer usually has to simply check a box, which they’ll often do without reading the accompanying policies.
Part of the GDPR aims to force companies to be more transparent with consumers about what they are actually agreeing to.
Why sites are blocking EU visitors
The regulations don’t just apply to companies headquartered in the EU. They apply to all companies that deal with EU citizens. In fact, Facebook and Google have already been hit with multi-billion dollar lawsuits related to the GDPR.
The new regulations were announced about two years ago, so many companies have used that time to roll out a compliance strategy. Some companies were very proactive and updated policies and notified users well before the deadline. Some have even created an additional option for those who want to opt out by offering plain text alternatives. National Public Radio (NPR) is one such example.
Here’s their notice:
And here’s the plain text version of the site you view if you decline:
Other companies haven’t made the cut off. The reasons aren’t exactly clear and may be different for each business. Some simply don’t have the resources to put towards these changes. Some plan to become compliant but need more time.
For example, sites under the Tribune Media Group umbrella, including the LA Times, New York Daily News, Orlando Sentinel, Baltimore Sun, and Chicago Tribune offer a brief explanation:
“Unfortunately, our website is currently unavailable in most European countries. We are engaged on the issue and committed to looking at options that support our full range of digital offerings to the EU market. We continue to identify technical compliance solutions that will provide all readers with our award-winning journalism.”
Whereas trying to access A&E or the History Channel simply returns a generic note:
“This content is not available in your area.”
Some sites that lack the necessary resources to meet the regulations have been forced to shut down completely. These include popular gaming sites, Super Monday Night Combat and Tunngle.
How to unblock GDPR-restricted sites
Websites that are blocking EU users due to the new GDPR are doing so to avoid non-compliance. Basically, they haven’t yet updated their policies and systems (or have decided not to) and don’t want to risk being fined.
Using a non-EU VPN server to mask your IP address will make it appear that you’re outside the EU and therefore do not pose a risk to the company. Here are the simple steps to access a website blocked due to GDPR:
- Sign up for one of the VPNs listed above.
- Download, install, and run the VPN app on your device.
- Connect to a non-EU server.
- Access your desired site.
Bear in mind that because you’re intentionally masking your location from the site, the regulations don’t apply and you shouldn’t expect that you’ll benefit from the privacy rights they impart.
Sites blocking EU users due to the GDPR
Here is a list of sites we know are currently blocking EU visitors due to the new GDPR:
- Arizona Daily Star
- Baltimore Sun
- Chicago Tribune
- LA Times
- New York Daily News
- Orlando Sentinel
This list is not exhaustive and could grow or shrink as time goes on.