Facebook would legitimately be able to argue that the ad targeting is part of their core product, the ads are critical to the function of the website, and that you agree to have your data processed by signing up.
From my understanding of the GDPR, no I really don't think that they would be able to argue that, actually. Particularly when I'm not logged into their site.
IANAL, but I think it depends on what data they collect.
Part of running any advertising business is accurately billing the advertisers. To do that, they need to measure enough information to track viewed impressions, click-through rate, etc.
If they collect only enough information to perform business functions like these, I believe that would constitute a legal basis for processing under the GDPR.
They may have a harder time using that justification for information that is only needed for ad targeting. In that case, consent may be an easier legal basis for them to establish, for which an account would be useful.
“Ad targeting is critical for the functioning of our core product”, _and_ ”if you don’t want us to use your Facebook interests to show you ads on other websites and apps, there’s a control for that too”?
Possibly, but that would mean a narrow interpretation of ”Facebook interests”. Data obtained through tracking pixels on other sites technically could fall outside ”Facebook interests”, for example. I don’t see how that would fall within the GDPR requirement that they must tell users what they do with their data in a language that the users understand, though.
“You can remove any of these advertisers to stop seeing their ads.”
“Finally, if you don’t want us to use your Facebook interests to show you ads on other websites and apps, there’s a control for that too”
Reading that critically, there doesn’t seem to be any way for Facebook users to control what data Facebook collects.
I wonder whether that page will change due to the GDPR.