[pas]

no it doesn't. facebook was always pretty good at asking for permission. it showed you that so and so app will have access to this and that. and people blindly clicked it, because they wanted the maffia wars, the mob wars, the farmville, the latest zinga shitclick time waster to one up their friends in imaginary internet point games. (I tried them too, then luckily the fad wore off.)

FB has to show who they sell data to, that's the new part basically. They will probably show a long list of random companies. It'll look a bit scary, people will get accustomed to it. (FB will find a dark pattern that minimizes the attrition due to any permission/consent step in their money machine.)

[y4mi]

But that is the thing. The regulation is still in effect, even after they gave the permission.

The identifiable information still has to be encrypted. They still need to specify exactly where the information will go and why. And if a new company wants to access the data or even wants to use the provided Information for something new, Facebook has to ask permission again. Once again telling the user why that company needs permission and why as well.

It's doubtful that the current blanket prompt is enough. But it remains to be seen wherever the law will be enforced and it's of course possible,that nothing will change and regulator's never act on the law

[pas]

FB will have to do the aggregation themselves, and then the sell the aggregated data. no PII. and they are doing that, allowing targeting and stopped the messaging legacy APIs, now if an app wants to read your messages it has to ask for permission. (I don't even know if there is such a permission anymore.)

That said, I hope the EU courts will look at them the first time they fuck up. (And that might be right now. But so far I'm not aware of any recent FB data/privacy abuse.)