Somehow, we’ve made it all the way to 2018 without really understanding that tech companies may or may not have our best interests at heart, specifically when it comes to privacy.

This is the year that all heck broke loose for Facebook, for example, who has suffered privacy blunders both accidental and intentional. From accidentally setting millions of users’ posts to Public to siphoning off profile data for Cambridge Analytica (then reportedly refusing to acknowledge if they have any intention of paying the hefty UK fine lobbed at them), it’s not a good time to work with Zuckerberg and company.

But that’s only one company, right?

Not exactly. Google’s popular Gmail platform has been hit hard by privacy accusations as well due to its allowable third-party browser plug-ins. These extensions included ones that sifted through users’ email inboxes, not just in a “it’s automated and makes the experience better” kind of way, but in a more focused, one-by-one with human eyes invasion of privacy.

One thing that companies are discovering is that the legalese of the terms and conditions might not be enough to save them. Even if it holds up in court, the court of public opinion might have a very different verdict. For a company that was already struggling to remain relevant with younger users, you’d think Facebook would have done more to cater to their concern over security. Instead, the Cambridge Analytica scandal and others cost the company financially in terms of stock value and advertising revenue, a grave situation at a time when more than half of Americans say they do not trust the social media platform to obey current privacy laws.

So what can be done to regain trust?

In order to recover from the privacy nightmare of its own doing, tech companies may have to rein in the very thing that makes them so useful: third-party compatibility. These popular add-ons, extensions, social media games, and more may be up to the users to install, but it’s up to the companies who promoted them to make sure the public is aware of the ramifications. As Russell Brandom pointed out for The Verge, “Whether permissions were granted or not, Gmail users gave up incredibly sensitive information, sometimes without realizing what they were doing.”

Regardless of who’s at fault for installing and using tech that violates expectations of privacy, the end result is a customer base who is growing tired of the tech industry’s backroom collaborations, legal or not, that they didn’t know about. Full transparency about how data can and will be used might be the only thing that saves their brands.

Moving away from Facebook? Here are some alternative messaging platforms for a post-Cambridge Analytica world.