That does nothing to prevent the app from retaining the information they obtained using the Facebook API during the time they were authorized (yes it's against the TOS to do so, but it's completely unenforceable).

But the information they would retain would be the same information they'd have if you'd signed up with email and manually entered information.

That's not true at all. If I enter information manually, then the site has exactly the information I've chosen to give it, no more and no less, until I decide to provide more. That is most likely not the same information I've shared through Facebook. But if the site gathers information from my Facebook account, then it gets whatever Facebook chooses to give it; the choice is not under my control.

If Facebook had a history of strong privacy protection and strict opt-in policy to information sharing, this wouldn't be so bad. But since Facebook has the completely opposite history, including Zuck coming right out and saying that he would prefer all Facebook user info to be shared, I'm not going to trust Facebook to keep whatever I want private private.

Not really, basic permissions on facebook includes your friend list.