|weather||:||mixed rain & snow|
A) The porn company already has the information and could have already sold it to any number of other parties by now.
Some of those Facebook apps require credit card information.
B) Facebook is suing this one company for hacking, but ALLOWS a frazillion other companies wide open access to your information through those apps. You are required to select the box that says "Allow this application to... Know who I am and access my information" for every single one you add. You can't add one without selecting this. They already have access to everything.
Whatever "binding agreement" these app developers have with Facebook to not do horrible things means almost nothing. I used to work as IT staff for a marketing firm, there are always ways to get around those.
They can give the information to their parent company or an affiliated company, for example. The other company is not bound by the same agreement.
From what I remember of the meetings and conversations with the business stakeholders, they can meet certain requirements and it would be completely legal for them to do things to you that still felt like it ought to be illegal.