
Meta rolled out an AI image-generation feature on Instagram in early July with opt-out as the default, sparking swift creator backlash that forced the company to reverse course within three days. The incident highlights a broader Silicon Valley pattern of enrolling users in AI tools and data-collection features by default, shifting the burden to individuals to dig through settings to protect their privacy—a practice privacy experts argue demands federal regulation, particularly in the absence of U.S. standards comparable to Europe's GDPR.
Summaries like this, in your inbox every morning.
Sign up free →What happened
In early July, Meta launched a feature allowing users to tag Instagram accounts and generate AI images using their likenesses—enabled by default, requiring users to actively opt out. After three days of viral criticism from creators, Meta reversed the decision, stating the feature "missed the mark."
Why it matters
Tech companies increasingly enable AI features and data-collection settings by default, banking on the fact that most users stay enrolled rather than hunting through settings to disable them. Privacy experts say this practice puts the burden on users to protect themselves, and argue that the U.S. lacks the centralized privacy standards (like Europe's GDPR) that would make privacy-protective options the default instead.
What to watch
Public backlash against Meta's Instagram AI feature was notably swift—three days from launch to reversal—suggesting growing user resistance to opt-out-by-default AI rollouts. Regulatory experts believe this sentiment may finally push federal privacy legislation closer to reality, though past attempts at the national scale have failed.
In early July, Meta launched a feature enabling users of its AI app to tag public Instagram accounts and generate images of those accounts' likenesses. The feature was enabled by default, meaning Instagram users had to take active steps to opt out if they wished to prevent their images from being used in this way. The decision provoked swift and vocal backlash. Multiple Instagram creators posted viral videos explaining how to disable the feature and expressing frustration with the default-on approach. Creator Sam Sooin Yang posted an Instagram video that accumulated over 3 million views, saying: "They should have given you the option to opt in rather than opt out. But I am really getting tired of these companies pushing this AI stuff on us when we don't want to use it." Within three days, Meta issued a statement acknowledging that "this feature missed the mark" and rolled back the Instagram tagging capability for its AI chatbot.
The rapid reversal was notable enough to draw comment from privacy advocates. Thorin Klosowski, a senior security and privacy activist at the Electronic Frontier Foundation, told the article's author that the response was "a clear and immediate pushback" and called it encouraging: "Honestly, it was great to see how quickly that happened." For context, the author noted that "three days from lights on to lights off for a generative AI feature has to be some kind of record."
However, Meta's broader approach to privacy settings remains problematic, according to experts interviewed. The company defaults users into multiple data-collection and feature-sharing settings: beyond the Instagram AI tool, Meta also operates "Enhanced Browsing," which tracks websites visited in-app on mobile devices, and users must actively opt out to disable it. Meta spokesperson Daniel Roberts responded to criticism by stating in an email to WIRED: "We've built a wide array of settings and controls to help people make the privacy choices that are right for them and shape their experiences across our platforms. We also conduct and fund extensive research to develop controls and data practices that are easy for people to use and understand, including through cross-industry organizations like TTC Labs."
Privacy experts dispute that individual effort can solve a systemic problem. Woodrow Hartzog, a professor at Boston University's law school, explained the mechanism: "People tend to stick with whatever the default option is. So, if the default option is that you're enrolled, you're probably going to stay enrolled." He pointed to Article 25 of the European Union's General Data Protection Regulation (GDPR) as a better model. "The idea is that you have to build your systems to collect only what you need and nothing more," Hartzog said. "And, if one of the options is more privacy protective than the other one, then by default, the more privacy protective option needs to be pre-selected." Ben Winters, director of AI and privacy at the Consumer Federation of America, noted that Meta's behavior is not unique: "This type of behavior is not unique for Meta. They are stewards of the opt-out status quo that we find ourselves in, without adequate privacy regulation in the States."
Regulatory experts argue that the U.S. needs federal intervention. Winters characterized the current patchwork as "the perfect recipe for something that needs federal government intervention," adding: "That's what legislatures and governments are there for: to protect people where they are unable to protect themselves and constrain companies from doing things that are particularly abusive and deceptive at scale." While national privacy legislation has failed repeatedly, Winters expressed optimism that public sentiment—exemplified by the rapid backlash to Meta's Instagram move—has brought federal regulation closer to reality than it was a decade ago. The stakes, according to Hartzog, extend beyond individual discomfort with privacy menus: "When you design tools in particular ways, there are foreseeable uses of those tools. If a company automatically opts millions of users into a deepfake tool, then a world filled with even more deepfakes becomes more possible."
Meta's swift reversal of its Instagram AI tagging feature reflects a turning point in how the public perceives company control over data and AI use. The three-day turnaround—faster than most generative AI policy reversals—suggests that vocal creator pushback and viral education about opt-out mechanisms can still move the needle, even for major platforms. However, the underlying problem persists across Silicon Valley: companies systematically default new users into AI tools and data-sharing features, exploiting what behavioral science calls the "default effect," where people tend to stick with whatever setting a company pre-selects. Meta is not alone in this practice; the article notes similar patterns at Google (with its "Ask Gemini" feature in Docs), Dropbox, and LinkedIn.
Privacy experts in the article argue that the solution lies not in expecting individual users to navigate labyrinthine settings, but in shifting the legal and regulatory framework. The GDPR's requirement that privacy-protective options be pre-selected by default offers a model, though the U.S. lacks comparable federal standards. Currently, Americans rely on scattered state laws (California, Maryland) that fall far short of comprehensive protection. Regulatory experts quoted in the article characterize this fragmented landscape as "the perfect recipe" for federal intervention, and suggest that growing public sentiment—evidenced by the speed and volume of backlash to Meta's Instagram move—may finally create political momentum for federal privacy legislation after decades of failed attempts.
AI-summarized, only the topics you pick — one digest a day via Email, Slack, or Discord.
Free · takes 30 seconds · unsubscribe anytime
No discussion yet for this article
Get curated AI news from 200+ sources delivered daily to your inbox. Free to use.
Get Started FreeFree · takes 30 seconds · unsubscribe anytime
1 minute a day. The AI essentials.
200+ sources · Email / LINE / Slack