Comment by fauigerzigerk

I mean that under GDPR, website owners as data controllers must get user consent before embedding third party tracking technologies on their websites to pass on data to Facebook.

It doesn't matter whether GDPR mentions any specific word. What matters is what the technologies referred to by the word "tracking" actually do. And what they do clearly requires consent under GDPR.

The paragraph you posted implies (but does not explicitly state) that Facebook's ability to identify individual users would still be noncompliant even if the website has received consent from the user to embed Facebook's technology. Or does the court blame the website's noncompliance on Facebook?