On May 17th, 2024, a user on Hacker News quoted a paragraph from Slack's Privacy Principles page. It read: "To develop AI/ML models, our systems analyze Customer Data (e.g. messages, content, and files) submitted to Slack as well as other Information." To opt out, the page said, you emailed an address at Slack and asked. The thread filled up before lunchtime. Slack and Salesforce moved within forty-eight hours — a clarifying blog post, updated privacy language, executives on record saying customer data was not training third-party LLMs and never had been. The official position was that the page was outdated copy, not policy.
The fix was the easy part. The trust hit had already happened, and it had happened to a member of the Salesforce family.
(For readers who don't follow Salesforce: "Trust is our #1 value" is not a marketing line the company occasionally reaches for. It is the first item on every all-hands deck, painted on the wall of the San Francisco tower, repeated at the front of every keynote Marc Benioff has given for the better part of two decades. trust.salesforce.com, the public uptime board, predates AWS's. Trust is, structurally, the brand. The pitch to a CRM buyer for twenty-five years has been that the person on the other side of the SaaS contract is the one who will not screw you on this.)
In April 2026, an admin in a real production Salesforce org opens Setup, types "opt out" into the search box, and lands on a page titled Opt Out of Customer Data Access. The URL slug is EinsteinOptOut/home. The toggle at the top of the page is on. Below it, in a paragraph headed "Salesforce has your consent to access and use Customer Data for the following purposes":
- Train global predictive AI models for use by the services and features to which you have access
- Improve services and features to which you have access
- Conduct research into and development of new services and features
If the admin clicks the toggle off, a modal appears asking them to confirm they want to "Stop Allowing Customer Data Access". The fine print, highlighted in yellow, reads: "When turned off, Salesforce employees can't view your Customer Data outside of a support case, a pilot, or as otherwise described in your legal agreements." The button to confirm is red. The button to cancel is "Never Mind".
A few things stack up at once.
The URL slug is the tell. EinsteinOptOut is what the page is called inside the Salesforce codebase. Einstein — the older generation of Salesforce ML — has been opt-out by default for years , and Salesforce explained it as "global models" trained on anonymised, aggregated customer data: opt out, get less useful Einstein for small datasets. That trade was self-contained. Two of the three bullets currently on the page are not about Einstein. They are about improving Salesforce as a product, and conducting R&D for new services. The page absorbed them. The URL did not change.
The default is on. Inaction is consent. Most admins running a Salesforce org will never visit Setup → Opt Out of Customer Data Access once, let alone often enough to notice that the scope of what they were consenting to has widened. The mechanism is old. Adobe, Zoom, and Slack all walked into the same trap inside about a year of each other, and in each case the company's response was a clarifying blog post written after the screenshot had already gone around. The shape of the page above is the shape that broke trust for those companies.
The framing is asymmetric. The yellow-highlighted warning describes the cost of turning the toggle off — slower support, narrower carve-outs, employees who can no longer view your data outside a support case. There is no equivalent yellow-highlighted disclosure on the toggle-on side describing what happens when the toggle stays on. The path of least UX resistance points one way only.
The criticism worth making here is narrow. Salesforce's Trust documentation is clear that the data feeding global predictive models is anonymised and aggregated, and the Einstein Trust Layer is genuinely better-designed than what most enterprise SaaS shipped during the LLM rush. The complaint is not that Salesforce is selling customer data, or that raw CRM rows are being fed into a training pipeline. The complaint is about the page above.
That page used to be a narrow opt-out for Einstein global models. Today it is a consent form covering AI training, product improvement, and R&D into new services — with the toggle default-on, and a yellow-highlighted disclosure that only describes the cost of switching it off. Each of those changes is small. The pattern they form is not.
It is happening now because Salesforce needs it to. As I argued in the last post , Headless 360 is asking customers to do less inside Salesforce — which makes the data inside Salesforce more strategically valuable to Salesforce, not less. When seats are softening and the UI is becoming optional, the data has to do more work to keep the platform priced where it's priced. Default-off AI training is something a vendor ships from strength. That isn't where Salesforce is.
I have been close enough to this platform for long enough to feel the difference. The Salesforce that built a category by tuning every default for the most cautious customer in the room is not the Salesforce that ships this page. The gap between the trust the brand still claims and the trust the default state actually expresses is the part of the story worth naming. The data practices may be defensible. The defaults aren't.
No comments yet