In this interpretation, FB should not have been fined for CA. While it’s a cogent theory, regulators disagree with you and they have guns backing them up.

Thankfully many of us here live in countries where the pen is mightier than the sword. If regulators' opinions don't match up with those of the people, then maybe we need some new regulators.

Not trying to imply there's any sort of consensus here, of course. Just that "regulators disagree" certainly isn't the end of the discussion in any country with a functioning democracy.

What if you make me sign some sort of NDA/ToS?

To be clear, I'm not saying that there should be no consequences if you distribute a message that I didn't want you to. I'm just saying that I shouldn't be able to stop you from doing so. If you signed a contract saying you wouldn't, and then you do, I should still be able to sue for that, but the existence of such a contract shouldn't let me control your technology to prevent you from breaking it in the first place.

I'm confused, what's the point of the contract that says "you can't do this" if not to legally enforce that you can't do that?

I'm distinguishing between two different meanings of "can't": not allowed vs. not capable. You should be capable of violating NDA/ToS's, but possibly suffer legal consequences if you choose to do so.