I think the point you're missing about the GDPR is that it doesn't matter where your citizenship is from, your location is what matters. US persons in the EU is as well protected as EU persons in the EU. No matter where you're from, if you're in the EU, GDPR applies.
Edit: in order to make this discussion a bit more fact based, as some misinformation is starting to leak into it: I'm referring to Article 3 from GDPR, "Territorial scope". It states:
> This Regulation applies to the processing of personal data of data subjects who are in the Union by a controller or processor not established in the Union
You managed to miss the one case the grand parent poster actually mentioned: An EU person located in the US. This person is also covered by the GDPR thereby rendering any geo-absed rules and routings useless.
> An EU person located in the US. This person is also covered by the GDPR
They are not, where are you getting this from?
Again, Article 3 from GDPR, "Territorial scope";
> This Regulation applies to the processing of personal data of data subjects who are in the Union by a controller or processor not established in the Union
Edit: in order to make this discussion a bit more fact based, as some misinformation is starting to leak into it: I'm referring to Article 3 from GDPR, "Territorial scope". It states:
> This Regulation applies to the processing of personal data of data subjects who are in the Union by a controller or processor not established in the Union