Wouldn't it be equally on the US to negotiate an agreement with the EU to maintain the global dominance their tech sector currently enjoys? I don't see a categoric reason why the EU should blink first.
Let's consider the possibly ways this might play out:
1. The US maintains its position and the CLOUD Act, specifically. The EU maintains its position and GDPR and the Schrems II ruling, but doesn't strictly enforce those.
So, pretty much the status quo as it is today. In that scenario, the EU and local authorities will keep pestering EU-based businesses here and there, but overall prove they're a paper tiger with lofty ideals but no power or will to back those up with action.
From a US perspective, that's an not only an acceptable but even a desirable outcome, because a relevant international party decided to deliberately hamper themselves and their economy with no repercussions for the US. So, no need for the US to blink first, or at all, as a matter of fact.
2. The US maintains its position. The EU maintains its position, too, but contrary to the first scenario does suddenly decide to strictly enforce GDPR and crack down on any business that doesn't comply.
Since, as outlined above, this would mean pretty much every business under EU jurisdiction, the entire economy of the EU would come to a grinding halt within weeks, which in turn would probably lead to major insurrections and the EU ceasing to exist within a matter of weeks as well.
This of course would entail major turmoil and crisis for the world economy as a whole as well, but the EU and EU countries what suffer the most.
So, not exactly a desirable outcome for the US. However, there'd be no need for the US to blink first in this scenario either. If a player decides to commit economic suicide, why should the other player indulge them?
3. The US maintains its position. Again, the EU maintains its position, too, but contrary to scenario #1 and #2 not only decides to strictly enforce GDPR, but first entirely extricates itself from the US economy (i.e. mercantilism 2.0) by not only requiring businesses under EU jurisdiction to cut all ties to the US but by managing to provide viable alternatives to US-based services first.
As pointed out above, so far this hasn't been happening and there's no obvious reason why that would change all of a sudden.
Still, even if such a scenario were realistic, the economic consequences probably would be more severe for the EU than for the US, too.
So, again, no need for the US to blink first.
Hence, in any possible scenario - however likely or unlikely - the US can simply wait it out and it's on the EU to make the first move.
You may have a better insight into this, but could you elaborate a little further? Is entirety of EU running everything on AWS the way US seems to be and thus making it a vulnerable monoculture of sorts? For example, I can see some heavily digitized countries suffer( Germany, Estonia ), but not all of them seem that independent of paper documentation.
Even if your entire business is offline and all your processes are still paper-based (which today would be highly unusual, even in less digitized countries such as Germany, where quite a few businesses actually still rely on paper and - indeed - fax for at least some of their processes), that might still be the case.
More realistically, any run-of-the-mill SMB will use at least some digital tools, e.g., for accounting or for running their website. Relying on EU-based suppliers and EU data centres exclusively or even going all the way and storing everything on-premises doesn't necessarily mean you're compliant with GDPR.
If only one of those EU-based suppliers has any dealings whatsoever with just one US-based company you're technically in violation of GDPR again.
I would like to see this, but given the extremely shitty track record of European software projects (400 million Euro wasted on a search engine, just as an example), I can only agree that this is very unrealistic.
