> Is this even possible now that the US has passed legislation that allows a simple internal US-issued warrant served on a company in the US to force that company to turn over data stored in foreign jurisdictions?
Yes, sort of.
You'd need to make sure that the US arm/parent/whatever did not have the ability (in any way) to access that data for itself. Access to the data would need to be totally reliant on the EU entities co-operation.
The EU entity would refuse (as it'd break EU law) and the US entity would be unable to comply.
But, it'd mean you'd need to be willing to accept whatever penalty the US entity then gets hit with for non-compliance. From what I've seen though, that's still significantly less than the fine you could get under GDPR, so from a pure financial sense it makes more sense to tell the US to fuck off.
> According to the US government, they no longer need to issue an international warrant under their various treaties and get the co-operation of the government of the nation where the data is located.
Yeah that's what they say. It's unlikely to work well for them in most countries though. It's not that different to the Kremlin passing legislation stating that they are now cleared for unescorted access around the Pentagon and that interfering with their passage within the building is a capital offence.
You can pass whatever law you want in your own country, you can even say you're not going to use diplomatic channels. The other side, though, doesn't have to accept it. Where the other side has the ability to punish your middle-man for compliance, it'd be foolhardy to push it too far.