> Of course, then some Americans will get mad that a US company has to follow EU law.

This is always the way of the world though, if you want to do business anywhere, you are of course obligated to follow the local laws and regulations. I don't see anyone disputing this outside of blatant patent infringement by certain countries.

The GDPR applies worldwide to any data held about EU or UK citizens, regardless of where they reside. It does apply in the US, it's just potentially harder for the EU to enforce meaningful penalties for infractions.