The United States has emerged as the largest investor in commercial spyware—a global industry that has enabled the covert surveillance of journalists, human rights defenders, politicians, diplomats, and others, posing grave threats to human rights and national security.
It really isn’t that complicated. All these major EU services adhering to the oh-so-sacred GDPR doesn’t mean or guarantee anything in the grand scheme of things for as long as they run their services with Google Ad Services, AWS, Cloudflare, etc…
No matter how many times GDPR violations have been paid for, these services aren’t exactly punished for doing what they do when they pay their dues in pennies.
Even if they don’t use or embed tracking into their services like “promised” (which we don’t even know or can confirm since most of them are closed-source), they’re still under EU jurisdiction, any request for data from the service’s respective origin EU country HAS to be fulfilled and they can just make up any pretense (e.g. “think of the children!!” and like we see there linked in the article about “Enhanced Border Security Partnership”). They’ll also gladly incorporate literal spyware (Pegasus), with the EU’s full approval.
So yes, blindly switching from US to EU services, believing that EU services are so great because muh GDPR, doesn’t actually achieve “more privacy”, it is simply nationalist delusion, you can read every single article linked to see why.