They aren’t attempting to enforce legislation globally. If a company operates in the EU, it has to comply. For companies that don’t operate in the EU and have no EU customers or traffic, they don’t. Simple
Even if said foreign companies have EU customers, what can the EU do about it? If I were a foreign company, I would completely ignore GDPR requests. Like > /dev/null, not even bother reading them.
This law will only make things (even) more expensive and cumbersome for EU companies wrt. the rest of the world. This is going to be the asinine Cookie Warning all over again, times a hundred.
> Even if said foreign companies have EU customers, what can the EU do about it? If I were a foreign company, I would completely ignore GDPR requests. Like > /dev/null, not even bother reading them.
EU regulators could domesticate their judgments in the jurisdictions where these companies are based. It's entirely possible to do this in most states in the US, for example.
Failing that, they could target assets held in the EU or take action whenever corporate officers travel to the EU.
This law will only make things (even) more expensive and cumbersome for EU companies wrt. the rest of the world. This is going to be the asinine Cookie Warning all over again, times a hundred.