That excuse in EU holds only against an EU court or ICJ or ICC. EU doesn't recognise legal holds of foreign jurisdictions.

Do you have any references to share?

It's a bit more complicated. For the purposes of the GDPR legal obligations within the EU (where we might assume relevant protections are in place) might be considered differently than eg legal obligations towards the Chinese communist party, or the NSA.