I think that even within a relatively tech-savvy audience, most people don't realize both the extent of the data facebook may be gathering and the implications of facebook hoarding this information and turning it over (intentionally or accidentally) to untold third parties at some point in the future. Lots of information is harmless... until it isn't.
Consider, for example, giving your genetic material to a company that researches genealogy. Mostly harmless fun. That company is later quietly purchased- along with its databases- by a medical supplier. Meanwhile, cancer research has found that people with a particular gene sequence are at elevated risk for lung cancer. A partnership between the medical supplier and a medical insurance company means you can be screened for that risk without your knowledge, and suddenly you're screwed.
Even for those who don't see facebook as a malicious entity, there's considerable evidence that they do not exercise due diligence in storing and securing this information- see, for example, the recent case of leaking an enormous quantity of plaintext passwords via log files.
Enormous risks to individuals exist because the current regulatory environment poses no penalty to private entities for gathering personal information, sitting on it indefinitely, and transferring it to other entities until some purpose is identified. These risks may seem very small, but I believe that is mostly a fault of our collective imagination.
