It seems to me like Americans might benefit from EU protections in any case, since corporations have to (from my understanding) apply said protections to EU citizens living outside the EU and those using VPNs to connect from outside the EU.
I don't think the GDPR applies to EU citizens outside the EU; only to people in the EU.
Also, the GDPR doesn't necessarily apply to every non-EU site that has EU visitors, only to those who in some way target EU customers (the rules are a bit ambiguous: https://gdpr-info.eu/recitals/no-23/)
So if someone outside the EU wants to benefit from the GDPR, the best way is to use services by EU companies, as those are required to apply it to everyone.
