Discovery algorithms are part of client presentation and should be under control of the client, regardless of beign commonly done where the database lives.
From the technical perspective, for things where your view is limited to friends that is straightforward to do on the client. Global discovery using metadata can be done using deterministic searching which condenses the view of the database enough that the client can then rank those results however it'd like. And global discovery from a pure firehose is likely even within the reach of a modern personal computer.
As far as apps taking a copy of data, the first obvious control is that its only apps you choose which have access to your data. And for the general problem, that is the point of privacy legislation - which was taken as a given by the comment I was responding to.
From the technical perspective, for things where your view is limited to friends that is straightforward to do on the client. Global discovery using metadata can be done using deterministic searching which condenses the view of the database enough that the client can then rank those results however it'd like. And global discovery from a pure firehose is likely even within the reach of a modern personal computer.
As far as apps taking a copy of data, the first obvious control is that its only apps you choose which have access to your data. And for the general problem, that is the point of privacy legislation - which was taken as a given by the comment I was responding to.