If I recall correctly, the corporations that explicitly do not aim to serve EU citizens (and make reasonable attempts to block them) do not need to follow GDPR. Then there's a matter of enforcement - I don't think EU can do anything to a company that does not have any presence in the EU. IANAL, but I am an EU citizen living in the US so it would be great if I'm mistaken here. :-)