"A European law shouldn’t affect the huge chunk of people it doesn’t apply to."
That was the part of your post I tried to answer. Like it says in the GDPR FAQ:
Any organization that handles data about people living in the EU, UK, and "European Economic Area" has to comply, regardless of where the organization is located. Penalties for non-compliance are severe. Genealogy sites like WikiTree are especially vulnerable because information regarding race, ethnicity, and genetics are considered "special categories" that require extra protection.
Since we cannot definitively determine who in our shared family tree is living in Europe, we need to assume that every living person could be.