GasBuddy (and Life360) just sold that same ___location data to brokers, which Allstate bought and used to adjust premiums. Practically every app that is given access to ___location info is selling it, and it's widely available to anyone with the money to buy.

Maybe we should have some sort of General Data Protection Regulation law instead of hand-wringing about social media.

GasBuddy, at least, said that they could (read: would) sell the ___location data that they collected after opt-in. It was part of the agreement.

I can't imagine a world where it would be illegal for two parties to agree to sell the ___location data that one of them generates.

That’s the world we live in today. Under many countries’ privacy laws, it’s not legal to sell PII to a third party that you collected for a specific other purpose (e.g., fulfilling the primary purpose of the app). The problem is that they do it anyways.

What problem?

If I agree to let FantasyCorp sell my ___location data, and then they follow through with our agreement and actually sell it, then there's no problem here that I can see.