[natestemen]

im going to take this a step further and say connecting accounts means sharing _no more_ data than is required for the integration.

I don't understand why netflix gets to see all your DM's when all you want the connection to do is send a message to a person you choose. The connection doesn't need to give netflix literally any data besides maybe the fact that a message was sent. why do they need to know who it was too, and any other messages surrounding it?

[miracle2k]

Because the recipient could see the message and respond to the message inside the Netflix UI.

I am about to change my mind on the GDPR. If Spotify and Netflix are legally obligated to not store any data they do not need, then Facebook can actually make an additional argument that it is ok to give them wider access; after all, the law will ensure they have to handle it properly.

[AnthonyMouse]

> If Spotify and Netflix are legally obligated to not store any data they do not need, then Facebook can actually make an additional argument that it is ok to give them wider access; after all, the law will ensure they have to handle it properly.

That seems like a huge perverse incentive. Companies will start constructing systems so that more data is "required" so they can legally collect and share more of it. Then convincing them to collect less would require not just convincing them not to collect the data but convincing them to undergo the expense of redesigning all their systems to not "require" it anymore.

[Kalium]

> Companies will start constructing systems so that more data is "required" so they can legally collect and share more of it.

This is exactly what companies do. They decide what data they want, and then set out to find a way that each of those data elements is necessary.