That's yet to be seen.
Can you imagine the ire when Europeans are able to download a rich set of information on how they're being tracked and so on, whereas Americans and the rest of the world has no access to that information? I can't. What is more probable is tha FB will try a legal trick claiming they are an American company and they follow the laws of California, not EU, even if they gladly accept European advertisers's money via Ireland.
"What is more probable is tha FB will try a legal trick claiming they are an American company and they follow the laws of California, not EU, even if they gladly accept European advertisers's money via Ireland"
That is specifically not possible under GDPR. It doesn't matter where your company sits, if you store data from europeans (or people living in europe) you have to follow the GDPR with potential for severe punishment. There really is no loophole afaik.
No. For all users within EU it must follow the GDPR. If you are a US citizen and access FB from EU, they must follow the GDPR, as far as I understand it.
And being FB, they really do not have a choice, since the EU do have leverage over them because they're doing business here.
I live in the EU. If I'm your "customer" (as in, you store my personally identifiable data), you have to comply with GDPR, regardless of where your company is.
According to Reuters[1], "Facebook said the latest change does not have tax implications." If they are still paying taxes through Ireland for the profit they make off those 1.5b users, they seem to be choosing to EU jurisdiction (which would include the GDPR) regardless of any contract of adhesion they forced users "agree" to.
Facebook could have made a startegic decision to permanently repatriate profits based on US tax law changes before making the GDPR decision, which would make the GDPR decision tax-consequence free.
It's so the non-EU users won't have any rights under the GDPR. All non-US users were officially being served by Facebook Ireland instead of Facebook US, which would have put them under GDPR too (like India, Australia, etc.).
I don't see it in a quick scan, but I wonder if that means all the revenue from those countries will no longer be shielded from US taxes, which might indicate how seriously FB see the GDPR as a threat.
EDIT: pdkl95 mentions in another comment, they claim it doesn't.
GDPR's right to portability only extends to things you provide directly, or are collected on the basis of explicit consent, or wmthings which are required to fulfill a service or contract, like status and photos. There are explicit exclusions for a lot of things like things collected in service of antifraud & security efforts, and for things collected offline (IIRC), leaving a big set of holes that they can hide quite a bit.
They're also not allowed to infringe on the data rights of other users which is why the friends list export is so anemic, for example.
Not only will it require them to include the info they're using to target you with ads, but also their source for that info (if it wasn't submitted by the user itself), the existence of automated-decision making, and "meaningful information about the logic involved".