In the case of the US vs Microsoft, it wasn't a matter of whether or not the US could get that data, it was data held for a US citizen and the US justice department, FBI, etc. definitely had a right to get a court order to get it.
The problem was that they tried to enforce a US court order against a US company for data held by a subsidiary in Ireland, with which the US has agreements on how to handle this kind of thing.
On a related point, all of those websites now shuttered to EU people? If any EU people EVER visited them and they hold data on them from that visit, they are subject to GDPR anyways. Shuttering the website because you're not compliant just makes you look like a target because you're admitting non-compliance.