My guess is liability factor. If they get it wrong, massive liability on their side especially since someone could be like "I told you X" and Cloudflare didn't think the law applied or not.
This is already a fact of life: Amazon, Cloudflare, etc all manage blocklists for common patterns in firewalls, and many compliance standards (e.g. SOC2) pretty much require you to enable them. Mistakes are sometimes made in these things, but fairly certain that liability is covered by the ToS.
“””
Our analysis reports that the regulations that are currently being discussed and likely to have an impact on the following services of yours: {{SERVICES}}.
These regulations touch on the following points: {{POINTS}}.
Here are how each of your listed services would likely be impacted by the different components of the regulations:
Better to put onus on the customer.