Even in America, if a user can argue that their consent is uninformed you can still end up with a lawsuit. What's more, various states have different rules regarding that liability as well.
You're not wrong in this guy's case, especially since his software is on the App store. However, for most open-source projects, the installation process is sufficiently obtuse that you would be hard pressed to claim you were 'tricked' into installing it
It's not clear that open source projects that are published public domain actually have GDPR obligations. Specific INSTANCES of them running as a service might.
