[y4mi]

But that is the thing. The regulation is still in effect, even after they gave the permission.

The identifiable information still has to be encrypted. They still need to specify exactly where the information will go and why. And if a new company wants to access the data or even wants to use the provided Information for something new, Facebook has to ask permission again. Once again telling the user why that company needs permission and why as well.

It's doubtful that the current blanket prompt is enough. But it remains to be seen wherever the law will be enforced and it's of course possible,that nothing will change and regulator's never act on the law

[pas]

FB will have to do the aggregation themselves, and then the sell the aggregated data. no PII. and they are doing that, allowing targeting and stopped the messaging legacy APIs, now if an app wants to read your messages it has to ask for permission. (I don't even know if there is such a permission anymore.)

That said, I hope the EU courts will look at them the first time they fuck up. (And that might be right now. But so far I'm not aware of any recent FB data/privacy abuse.)