by closewith 1151 days ago
> That would make any EU company running a server in a country without an EU data processing treaty illegal, because the IP address would be in the TCP handshake.

Yes, and this is the current situation with the US following Schrems II. Obviously, lots of companies are non-compliant as everyone is waiting for a diplomatic solution following the ruling against Privacy Shield.

> 1P already has consent from users for its apps to use the network to connect to their services.

They probably rely on the strictly necessary legal basis for network connections that are required to run the service. However, each purpose must have its own legal basis and you cannot bundle purposes. For example, you cannot gain consent to process given personal data for one purpose and then process it for another purpose.

Consent must be bound to one or several specified purposes which must then be sufficiently explained.