In April 2025, Meta announced that it would use public posts, comments, and user interactions with Meta AI from adults in the EU to train and improve its AI models (Meta, 2025). The company said that it would inform users through in-app notifications and emails, and that it would provide a form for objections. It also said that it would not use private messages or public data from users under the age of 18 for training.
Social media use is now part of everyday life. Image source: Meta
On the surface, this may look like a technical update. In reality, it raises a much bigger question: why do people stay on platforms even when they feel uneasy about what those platforms do with their data?
This question matters because the problem is not simply that users do not care about privacy. According to the Digital Rights in Australia report, 67 percent of respondents said that they actively protect their online privacy, and 61 percent said that they had changed the settings on the social media platform they used most often. Yet only 38 percent felt that they really had control over their online privacy. At the same time, 57 percent were concerned about privacy violations by corporations, and 78 percent wanted to know how social media companies use their personal data (Goggin et al., 2017, pp. 1–2, 15–16).
Users worry about privacy but still remain on platforms. Image source: Unsplash
These figures suggest that privacy concern is real. What is weak is not concern, but control. This difference matters. It shows that the problem is not a lack of awareness, but a gap between what users want and what they can actually do inside platform systems.
At the same time, leaving a platform is much harder than it sounds. Platforms are no longer just places for entertainment. They are part of daily life. People use them to keep in touch with friends, receive course notices, manage work communication, shop, and access services.
Digital Rights in Australia makes a similar point when it argues that large global platforms are reshaping the ways people work, study, do business, and interact with government and with one another (Goggin et al., 2017, p. 1). Flew (2021) also argues that more and more online activity now takes place on a small number of digital platforms (pp. 17–18).
For many users, leaving a platform does not mean using one less app. It can mean losing contact, missing updates, and falling behind in ordinary communication. A student may miss course information. A worker may miss group messages or job opportunities. A young person may lose access to social life and belonging. This is why the advice to “just leave” often sounds easier than it really is.
Researchers often call this gap the “privacy paradox.” Chen and Cheung (2018) use this idea in their discussion of WeChat users. They describe a common contradiction: people clearly worry about online privacy, but they still stay on the platform for social life, study, or work, and they often do not take extra steps to protect their privacy.
This contradiction does not mean that users fully approve of platform data practices. It shows something more uncomfortable: many people remain on platforms not because they trust them, but because the cost of leaving feels too high.
Therefore, staying on the platform is not the same as agreeing with how it uses our data. Continuous use of the platform may reflect dependence, habit, convenience, or lack of alternative options. It doesn’t automatically mean real recognition. When we see this more clearly, the issue of privacy is no longer just a simple question of “whether individuals are cautious enough”. It’s more like a question about how the platform uses information, how much control users have, and why saying “no” is often more difficult than it seems.
This also helps explain why privacy notifications and opt-out buttons, while seemingly giving users a choice, often have a weak practical effect. Theoretically, users appear to be given a choice. However, this choice is often buried beneath lengthy notifications, unclear language, or complex settings. Many users lack the time and technical knowledge to carefully read every update. Some users, even those who understand the risks, still feel that refusing is pointless because the platform remains essential for daily communication. Therefore, formal consent does not necessarily translate into truly meaningful control. A person might simply ignore it or hesitantly accept it, not because they don’t care, but because the system offers them few realistic alternatives. This is why privacy cannot be understood solely as a matter of personal responsibility. It is equally influenced by how the platform designs the choice. In other words, the form of the choice is just as important as the existence of the choice itself.
Nissenbaum (2018) argues that the key issue in privacy is not only whether information is public or whether users have lost control. The key issue is whether the flow of information still fits the norms of the original context (pp. 838, 842).
What really makes people uncomfortable is not simply “the content I posted.” The problem is that information first shared for chatting may later be used by the platform for other purposes that users do not clearly understand.
An everyday example makes this easier to see. A person may post a photo simply to share a moment with friends. A person may leave a comment only to join a conversation. A person may ask a question because they want to use a feature or get help from a platform. In all of these cases, the original purpose is limited and ordinary. The user does not necessarily imagine a much larger data process behind that action.
The discomfort begins when the same content later enters another system. It may be used for profiling, targeting, prediction, or training. At that point, the issue is no longer just visibility. The issue is that the meaning and use of the information have changed. The user may still recognize the content as their own, but they may no longer recognize the purpose for which it is being used.
Even if this information was public at first, users may still not understand what it means when the platform later uses it for AI training. They may also feel that they never really took part in that decision.
For this reason, cases like this remind us that staying on a platform does not mean agreeing with every new use of our content. This is why the word “public” does not settle the issue. Public visibility is not the same as unlimited reuse. A user may know that a post can be seen by other people on the platform. That does not mean the user expected the same post to become part of a commercial AI training system.
The scale also changes. A post shared in one social setting can later be absorbed into a much larger technical and commercial process. That shift matters. It changes both the purpose and the meaning of the content. It also changes the power relationship between users and platforms. The platform has the ability to move content into new systems, while users often only learn about those new uses after the decision has already been made. This is why many people feel that they were present in the process, but never truly part of the decision.
But disagreement does not mean that users can really leave. Marwick and boyd (2018) remind us that privacy and surveillance are not experienced in the same way by everyone. For people who are more vulnerable because of age or social position, platforms are often not simple “use or do not use” tools. They are important channels for getting information, keeping in touch, and taking part in daily life.
As a result, leaving a platform is no longer a simple personal choice. It may mean losing contact, missing information, or even being excluded. In this sense, the privacy issue is not only about whether users have protected themselves well. It is also about the fact that some users never had the same conditions to protect themselves in the first place.
This inequality is especially clear in cases involving children and teenagers. In February 2026, the UK Information Commissioner’s Office fined Reddit £14.47 million. The regulator said that Reddit had failed to put in place effective age-checking measures. The regulator also said that Reddit had not handled the personal data of children under 13 in line with the law and had not carried out proper risk assessments in time (Information Commissioner’s Office [ICO], 2026).
Minors are often more vulnerable in digital privacy disputes. Image source: Information Commissioner’s Office
This makes the privacy issue more complex. The issue is not only whether users protected themselves well. The issue is also who never had the same conditions to protect themselves. Once we frame the question in this way, privacy becomes closely connected to inequality. Some users have more knowledge, time, and flexibility. Others face stronger dependence and weaker bargaining power. That means the burden of privacy protection is not shared evenly.
Overall, this article does not mainly ask why users seem contradictory. It asks why people find it so hard to leave platforms that they do not fully trust. The answer may not be complicated. Today’s platforms are no longer just tools. They have become part of daily life. We use them to contact friends, receive notices, get information, and manage study and work. In many situations, people now turn to these platforms by default.
For this reason, privacy cannot become only a private worry for users. It also cannot be reduced to the simple advice to “just be careful.” Personal caution and judgment still matter, but they are far from enough. When platforms control the rules, the data, and the points of access, ordinary users often have to adapt to a system that users cannot clearly see. They do not make choices under truly clear and equal conditions.
This does not mean that users have no responsibility at all. People still make choices, and personal caution still matters. However, responsibility cannot stay only with users. That approach places too much weight on individuals and too little weight on the systems around them.
If platforms shape the conditions of everyday participation, then platforms should also carry clearer duties. They should explain data use in ways that ordinary people can understand. They should limit new uses of data that move too far from the original context. They should also make refusal more meaningful, rather than hiding it inside long notices or complex settings.
Without these changes, privacy will remain something that users are told to manage alone, even when they do not control the system in which that management is supposed to happen. A better response should begin with a simple idea: users should not carry the whole burden by themselves. Platforms make the rules, shape the choices, and benefit from the data. They should therefore take more responsibility for making those systems fairer and easier to understand.
In the end, the deeper concern is not whether we changed a few settings. The deeper concern is whether we still have a real right to refuse when platforms start to look like infrastructure, and whether platforms are truly required to take responsibility for their data practices. This is also why privacy is more than a personal problem. It is a public issue about power, fairness, and responsibility. When a system becomes ordinary and difficult to avoid, the question of privacy also becomes a question of digital rights. It becomes a question about what users should reasonably expect from services that now shape everyday communication, participation, and opportunity. If platforms benefit from becoming essential, then they should also accept stronger responsibility for the conditions they create.
References
Chen, Z. T., & Cheung, M. (2018). Privacy perception and protection on Chinese social media: A case study of WeChat. Ethics and Information Technology, 20(4), 279–289. https://doi.org/10.1007/s10676-018-9480-6
Flew, T. (2021). Regulating platforms. Polity.
Goggin, G., Vromen, A., Weatherall, K., Martin, F., Webb, A., Sunman, L., & Bailo, F. (2017). Digital rights in Australia. University of Sydney. http://hdl.handle.net/2123/17587
Information Commissioner’s Office. (2026, February 24). Reddit issued with £14.47m fine for children’s privacy failures. https://ico.org.uk/about-the-ico/media-centre/news-and-blogs/2026/02/reddit-issued-with-1447m-fine-for-children-s-privacy-failures/
Marwick, A. E., & boyd, d. (2018). Understanding privacy at the margins. International Journal of Communication, 12, 1157–1165. http://ijoc.org/index.php/ijoc/article/view/7050
Meta. (2025, April 14). Making AI work harder for Europeans. https://about.fb.com/news/2025/04/making-ai-work-harder-for-europeans/
Nissenbaum, H. (2018). Respecting context to protect privacy: Why meaning matters. Science and Engineering Ethics, 24(3), 831–852. https://doi.org/10.1007/s11948-015-9674-9
Be the first to comment