Tech companies are facing more aggressive antitrust concerns than ever before, many of them centring on data access. The biggest tech companies have few competitors. And as they face new questions about federal regulation and monopoly power, sharing data could be one of the least painful ways to rein themselves in.

The ominously named company has for years used official APIs to siphon public posts from Facebook, Instagram, Twitter and other sources online, collating and analyzing for various purposes, such as to gauge public opinion on a political candidate or issue. It has clients around the world, serving Russia and Turkey as well as the U.S. and United Kingdom.Facebook, it seems, was not fully aware of the extent of Crimson Hexagon’s use of user data, however, including in several government contracts which it didn’t have the opportunity to evaluate before they took effect. The possibility that the company is not complying with its data use rules, specifically that they may have been helping build surveillance tools, was apparently real enough for Facebook to take action.

When marketers can harmonize those insights with other consumer data before running it through ad buying platforms, the location data can be extremely powerful. But processing multiple data sets together paints a detailed picture of a consumer, and users may not be interested in that. It makes sense for anyone using location data to operate as if GDPR compliance applies in every nation, meaning consumers must give consent and be guaranteed a path to resolution when they’re dissatisfied with how their data is used.