To an extent, but the US often compels foreign companies to either not deal with US customers or put up with US’s bullshit, so they could potentially get compliance from major overseas providers. More onerous domestic policy could also prevent it, like requiring that domestic network providers block unauthorized encrypted connections to foreign entities. And anyways, making something illegal doesn’t actually require making it physically impossible to do.