I've never understood why companies bothered to do go to the effort of blocking people.
If you own a company in America, trading in America and somebody happens to visit from the EU and is subject to the GDPR then so what? That's their problem, not yours.
The GDPR can only be enforced against a foreign company if that company actually has a local subsidiary in the EU. In extremis the EU commission might decide to block payments to a particular US company that was accepting and processing orders from EU customers, but honestly I think they'd struggle to do even that.
They certainly wouldn't be able to impose fines for noncompliance; foreign courts would (quite rightly) point out that courts don't have jurisdiction out of their territory and refuse to enforce their decisions.
Biting the hand that feeds IT
