An application with access to bits in your pod can always copy that data to its own storage right? e.g., a Facebook built on Solid can still grab all the data it needs (with the requisite perms) and store it away, build a profile per WebID, continue serving "cached" copies of changed content, etc. What are your thoughts on this?
At that point, it becomes a legal matter. Not everything can be solved with technology. (There's homomorphic encryption, bet let's leave that aside for now.) The GDPR legislation in Europe sets a good precedent for demanding removal of our data.
The crucial point is that Solid will bring more choice: there will be social feed viewers that will be more invasive, and those that will be less invasive. People can choose the one they like, without consequences as to whom they can interact with. Today, we do not have a choice: if we want to interact with people who use Facebook, we have to use Facebook as well.