> You didn’t answer the question . How do you have a global graph without sending data to every country where your friends are?
You do not, but that is not what the ruling is about. This ruling is about Meta using standard contracts (SCC) to achieve mass acceptance for personal data transfers of EU citizens out of the EU. Which you are not allowed to do with the GDPR. If Meta had obtained individual permissions from you on your various personal information, then it would not have been illegal for Meta to share your information globally.
This isn’t really about what you share on FB either, it’s about all the data that Meta applications gather about you (often without your knowledge) that they then send outside the EU with a very generalised permission that you probably auto-accepted when you signed up. It’s exactly because the EU regulators know that people auto-accept those general agreements without ever reading them that the law has been made to make such agreements non-GDPR-compliant. The reasoning is that you cannot sign away your rights without understanding what you are signing away, and if corporations don’t want to make sure you know what you are agreeing to then the corporations are in violations of EU law.
You do not, but that is not what the ruling is about. This ruling is about Meta using standard contracts (SCC) to achieve mass acceptance for personal data transfers of EU citizens out of the EU. Which you are not allowed to do with the GDPR. If Meta had obtained individual permissions from you on your various personal information, then it would not have been illegal for Meta to share your information globally.
This isn’t really about what you share on FB either, it’s about all the data that Meta applications gather about you (often without your knowledge) that they then send outside the EU with a very generalised permission that you probably auto-accepted when you signed up. It’s exactly because the EU regulators know that people auto-accept those general agreements without ever reading them that the law has been made to make such agreements non-GDPR-compliant. The reasoning is that you cannot sign away your rights without understanding what you are signing away, and if corporations don’t want to make sure you know what you are agreeing to then the corporations are in violations of EU law.