Well, first of all, it's about declaring an obvious fabrication as such (that an US company can, even they wanted to, comply with EU regulations, which US courts have ruled they are not allowed to, so it's obviously a fairy tale). That completely leaves the situation open concerning government aided spying, which by the way, European governments have been trying under cover. Well, vermin likes it dark.
On a commercial side, currently the situation is completely unsatisfactorily: European companies are forced to deal with privacy issues (privacy is a human right written into the EU treaties), while US companies are allowed basically to ignore the rules. So either enforce privacy rules against all comers, or get rid of the limitations on the EU IT industry.
What this might mean is that US companies will have to disassociate themselves rather strongly from their EU subsidiaries so that US courts cannot enforce US "national security laws" against them. (Hint, US companies had no problems supporting Nazi-Germany, creating the necessary legal separation. Google Dehomag if you don't believe me.)
The funny part here is, that the European High Court has had, in the past more than once kicked ass, by enforcing European law over convenient national law in the past (e.g. it has basically killed data retention no matter what the politicians wanted), and Privacy is a basic human right which means that simple economic considerations are irrelevant.