Re: I have but one question
"For your Europeans out there, that IS already illegal in Europe if the address book on the phone in use contains but one personal contact detail of someone who has not goven explicit permission for this to happen.."
I believe that the likes of Facebook will point out that the "entity" doing the sharing is the phone's owner, not Facebook and that you should take it up with the phone owner (i.e. your family/friends/acquaintances). Indeed I assume there is some Facebook legalise that states that they expect/assume the phone owner has obtained permission from individuals to share their personal data - which then theorectically gets Facebook off the hook. The GDPR has an exemption for "domestic activities" and so no action will ever be taken against the individuals (phone owners) doing the sharing.
It would however be a different matter if it's a company phone as the domestic GDRP exemption obviously does not apply in that situation.
I would have thought that the fact that Facebook intended this sharing to occur as part of their apps design, and that they are relying on the majority of people to not read any legalise that might appear, would put them "in the frame" for causing such sharing to occur but I've seen no sign of any of the European Data Protection regulators considering this.
Biting the hand that feeds IT
