"What bothers me is how can the EU dictate how ICANN runs the global internet?"
Look at it from the rest of the world's point of view. How can the US dictate how the internet is run within the EU borders or, indeed within the borders of non-US countries in general?
ICANN depends more on global consent than it does on the US's contract. The RotW could, if it so wished, get together, clone ICANN's root registry and then treat the clone as definitive. Given ICANN's governance problems which have been reported here a number of times it's slightly surprising this hasn't happened already.
In reply to your question, what the EU can dictate is what businesses, including registrars, can do with respect to the privacy of individuals within its borders. It can levy fines on any entity with a presence within its borders for breaching its legislation. That affects all EU registrars. It also affects any multinationals with offices within the EU. There's nothing in the EU legislation which would effectively prevent a non-EU registrar from publishing PII information on whois; nothing, that is, except it would then be competing with other registrars who don't and it would limit any subsequent expansion into the EU itself. So, although the EU can't dictate how ICANN manages the internet globally the control it exerts within the EU means it has to be respected. ICANN has finally faced up to that.