The extra-territorial aspect of the GDPR has been designed mimicking the criminal law approach enforced to punish crimes committed abroad by a national citizen. But while this approach works for criminal law, it doesn’t for civil (in the Continental meaning of the word) law that is strongly based on the jurisdiction (meant as “geographical limit to the power of a sovereign State) concept. Under this principle, a law can’t extend its reach outside the boundaries of the State that passed it.
Technically speaking, the GDPR is right when it says that an EU entity must respect the EU law even outside the frontiers. And is right, too, when affirms that a foreigner who comes to the EU must comply with the EU regulation.
What the GDPR doesn’t account for, though, is the hypotheses of the limits set forth by another jurisdiction that prevent a full GDPR compliance (actually, it does, but it looks like the consequences have not been actually assessed.)
You can only use State-approved VPN, meaning that you cannot guarantee a 100% security of your personal information exchange in you are an EU company with a branch or a local legal entity part of your group.
If you refuse to go through a State-approved VPN you are infringing a local law.
If you comply with the local law, you are infringing the GDPR.
Then, as a CEO, you must either decide which law you’re going to break or which country you want to do business with (or in.)
Another example is data-retention (that is not a GDPR issue, but is related to personal information processing nevertheless.)
Japan is another case alike: there, data-retention is not an issue while it is a serious one in the EU. When the JEFTA (Japan Europe Free Trade Agreement) will be signed, Section X will come into force regulating the telco business: what will Japanese ISPs will do in relationship to the EU citizen personal information?
To put it short: using the might of the law, the EU is clearly trying to “educate” other countries in respecting advanced legal principle, but at the cost of disrupting the world business economic order.