I think what OP means is that a US company cannot simultaneously comply with the CLOUD act and the GDPR. That case has also been made by some courts in the EU, that US law and practice are incompatible with the requirements of the GDPR. US companies who claim to process data in accordance with the GDPR seem to be deceiving their customers. Maybe I'm wrong but it seems to me that companies in the EU who rely on US services, corporations in the US, and even governments themselves keep quit about this unpleasant truth. It means that Microsoft Windows violates the GDPR, Google violates it, every US social network violates it, etc.

Of course, as someone else mentioned, that is not an argument against EU sovereignty but rather one of its motors.