That's being a little bit hyperbolic. There's nothing new under the sun here as far as ccTLDs go. There's a long history of ccTLD operators taking away domains for reasons similar to this. It's what you're (knowingly or unknowingly) signing up for when you register a ccTLD domain name. And yeah, that applies to .io domains as well.
The punchline is that there's no restriction on what a ccTLD operator can do under their namespace. They aren't governed by ICANN regulations. It's common to restrict domains on ccTLDs to be related to entities doing business in that country, and to require verification of such upon registration (and take it away later if it's found to be in violation).
In a lot of cases making money isn't their primary goal. Most ccTLDs are run by their respective governments, in which case the total revenue from domain sales is insignificant compared to the national budget. Or they're run by universities or other affiliated non-profits.
And even if they're behaving in a seemingly sane way now, they can always change policies down the line. With gTLDs there's real contractual protection; you have ownership rights of those domains that don't exist in the same sense for ccTLDs.
Like someone else has explained, ccTLD is particularly bad because the registrars have a lot of arbitrary power over users and appeal process is usually absent.
I know a lot of people who were burned by the .us registrars but the most malicious example has to whoever in charge of .tk: The domains are offered for free, however once you managed to build a consistent traffic they are often held hostage to sell premium services or worse, taken away from owners and sold to the next highest bidder.
To be fair, no rules have changed on the domain registry side. Just like new EU contries gain access to .eu registry, the ones that leave lose it, that was to be expected.
Sorry facebook but you can no longer have the facebook.com domain because blah blah blah reasons.