That is a jurisdictional grey area. It is technically true, but practically speaking, it's why I specifically said "EU regulators will ask for help from other countries".
GDPR is only strictly enforceable in EU countries. All the other countries, it's up to whether they want to cooperate.
Example - EU cannot force China to make Tiktok/Bytedance to follow GDPR practices in China for EU citizens. They really they can only wave a big finger and claim Bytedance is out of compliance.
Sure, EU can sue Bytedance cross border in China, but it carries no weight/teeth. At which point, EU has to escalate... trade relations? sanctions? war?!
GDPR is only strictly enforceable in EU countries. All the other countries, it's up to whether they want to cooperate.
Example - EU cannot force China to make Tiktok/Bytedance to follow GDPR practices in China for EU citizens. They really they can only wave a big finger and claim Bytedance is out of compliance.
Sure, EU can sue Bytedance cross border in China, but it carries no weight/teeth. At which point, EU has to escalate... trade relations? sanctions? war?!
So practically - they have to ask for help.