The news agency Reuters reported that only about 30% of users would be covered by the terms of the GDPR, which takes effect on 25 May, and the remaining members would not be afforded the same protections.
As of December 2017, Facebook had 239 million users in the US and Canada, 370 million in Europe and 1.52 billion in other countries where its service is available.
Facebook plans to get around affording GDPR protection to all its users by changing the terms of service which apply to users; until now, all those outside the US and Canada have been covered by terms agreed with its Ireland international headquarters.
This means the vast majority of users will fall outside the GDPR regulations which allow European regulators to fine companies up to 4% of their global revenue for any violation of the statute.
Last month, Facebook had to battle claims that data breaches led to information about 50 million of its users being siphoned off by Cambridge Analytica.
Later it emerged that practically all two billion-plus users could have had their data scraped due to "features" on the social media website.
In a blog post, chief technology officer Mike Schroepfer wrote: "Given the scale and sophistication of the activity we’ve seen, we believe most people on Facebook could have had their public profile scraped in this way."
Following the Cambridge Analytica revelations, Facebook chief executive Mark Zuckerberg had to appear before the US Congress where he adopted a suitably crestfallen attitude.
In a statement provided to Reuters, Facebook attempted to play down the changes to terms of service, saying: "We apply the same privacy protections everywhere, regardless of whether your agreement is with Facebook Inc or Facebook Ireland."
Microsoft-owned LinkedIn is doing something similar to Facebook by moving non-European users to a contract with its US-based LinkedIn Corporation. At present, users outside the US agree to a contract with its Ireland subsidiary when they sign up.