Why Facebook does not encrypt your password
First of all the security of passwords is safety critical for all internet providers, which have a closed system secured by login and password solution, means standard practice is to encrypt the password before putting it into the data base where it will be stored. Next time same user comes again and his real password will be encrypted and then compared to the saved encrypted password inside the data base. If both are the same access is granted to the user. So that's the common practice in short, but wait Facebook could read your password in clear text - something is wrong here, not? Yes, if you do not implement the encryption of the password you are actually a fraudster, because you have always access to the cleat text password of the user, but why should you do that on purpose? On purpose you would do it in order to save the users email and password and because most people like to always use the same password on the internet, you could possible gain access to other internet pages, where the user has a login with the same email and password and the do whatever you wish or better steal the data.
The concept of the open internet
Why is that critical for a company like Facebook to have access to all possible data? The concept is called the open internet, but not as you would think. The concept is to make closed system to your platform and then to gain access to data of the users. In this case, it's intended to gain access to more data than through the own platform, means accessing emails, other platforms etc. where data is stored, created and used. That is the understand of open internet from their point-of-view. The data of users are used for multiple research and development issues, but they can be purchased and if it's indirectly through targeted ads. The business of big technology companies is mostly ads based, if they do not produce hardware like Apple. That's why Apple does more in direction of Data Protection, because they are less dependent on data and their processing for generating revenue.
Identity theft
Sharing data and media is not a bad thing primarily and in most cases it's used for correct identification, because in the moment there is no anonymous identification system provided by governments for their people. Therefore mostly for each transaction you need some kind of identification: your email, your name, your passport id etc. The problem occurs, when your identity is stolen with the intend to replicate your identity in order to do malicious stuff with it. Therefor best would be government anonymous identification.