If another company with facilities in the EU then buys the noncompliant company, could they enforce a judgement on the parent company?
If a noncompliant company is going through due diligence prior to being acquired, they be legally obligated to disclose that judgement? Even if they didn't, how hard would it be for an associate at a law firm to check public records about the company?
Yea they could, but this is basic politics and sovereignty. Nations are allowed to make rules for operating inside themselves. You don't just get to ignore all of those rules when working inside them because you said your home is another nation.
The other side of that is that you can tell foreign governments to fuck off if you aren't dealing with them at all. The only time the foreign governments matter is if they are a superpower able to bend your own country to it's will, and that point you are basically a colony anyway so there's not much you can do
The more likely problem will have to do with a US or Chinese company buying an EU company (given the scale imbalances in question). It'd be critical to maintain the existing GDPR compliance and keep the entities separate if the US or Chinese operations are not GDPR compliant per their domestic businesses.
Alibaba for example likely has no plans to concern itself with GDPR compliance in its domestic Chinese operations. They obviously will segment and comply with GDPR as it pertains to the EU operations / EU customers.
If a noncompliant company is going through due diligence prior to being acquired, they be legally obligated to disclose that judgement? Even if they didn't, how hard would it be for an associate at a law firm to check public records about the company?