The AI trust dilemma: balancing innovation with user safety

Date: April 22, 2025

From external protection to transparency and user control, discover how to build AI products that users trust with their data and personal information.

A human hand and a blue robotic hand doing a fist bump against a dark background, symbolizing collaboration between humans and technology. — Image generated by AI

We’re standing at the edge of a new era shaped by artificial intelligence, and with it comes a serious need to think about safety and trust. When AI tools are built with solid guardrails and responsible data practices, they have the power to seriously change how we work, learn, and connect with each other daily.

Still, as exciting as all this sounds, AI also makes a lot of people uneasy. There’s this lingering fear — some of it realistic, some fueled by headlines — that machines could replace human jobs or even spiral out of our control. Popular culture hasn’t exactly helped either; sci-fi movies and over-the-top news coverage paint AI as this unstoppable force that might one day outsmart us all. That kind of narrative just adds fuel to the fear.

There’s also a big trust gap on the business side of things. A lot of individuals and companies are cautious about feeding sensitive information into AI systems. It makes sense — they’re worried about where their data ends up, who sees it, and whether it could be used in ways they didn’t agree to. That mistrust is a big reason why some people are holding back from embracing AI fully. Of course, it’s not the only reason adoption has been slow, but it’s a major one.

The safety and trust triad

When it comes to AI products — especially things like chatbots — safety really boils down to two core ideas: data privacy and user trust. They’re technically separate, but in practice, you almost never see one without the other. For anyone building these tools, the responsibility is clear: keep user data locked down and earn their trust along the way.

From what I’ve seen working on AI safety, three principles consistently matter:

People feel safe when they know there are protections in place beyond just the app.
They feel safe when things are transparent, not just technically, but in plain language too.
And they feel safe when they’re in control of their own data.

A Venn diagram titled “The Safety and Trust Triad” featuring three overlapping circles on a black background. The circles are labeled “External Protection” (top), “Transparency” (bottom left), and “Control” (bottom right). The overlapping area in the center visually represents the intersection of all three principles, suggesting that trust and safety are built on the combination of these elements. — The Safety and Trust Triad pattern

Each of these stands on its own, but they also reflect the people you’re building for. Different products call for different approaches, and not every user group reacts the same way. Some folks are reassured by a simple message like “Your chats are private and encrypted.” Others might want more, like public-facing security audits or detailed policies laid out in plain English. The bottom line? Know your audience. You can’t design for trust if you don’t understand the people you’re asking to trust you.

1. Users feel safe when they know they are externally protected

Legal regulations

Different products and markets come with different regulatory demands. Medical and mental health apps usually face stricter rules than productivity tools or games.

Privacy laws also vary by region. In the EU, GDPR gives people strong control over their data, with tough consent rules and heavy fines for violations. The U.S. takes a more fragmented approach — laws like HIPAA (healthcare) and CCPA (consumer rights) apply to specific sectors, focusing more on flexibility for businesses than sweeping regulation. Meanwhile, China’s PIPL shares some traits with GDPR but leans heavily on government oversight and national security, requiring strict data storage and transfer practices.

Screenshot of a webpage displaying the “Personal Information Protection Law (PIPL) of the People’s Republic of China.” — PIPL: Personal Information Protection Law

Why does this matter?

Ignoring these regulations isn’t just risky — it can be seriously expensive. Under GDPR, fines can hit up to 4% of global annual revenue. China’s PIPL goes even further, with potential penalties that could shut your operations down entirely. Privacy is a top priority for users, especially in places like the EU and California, where laws like the CCPA give people real control over their data. They expect clear policies and transparency, not vague promises.

When you’re building an AI chatbot — or planning your broader business strategy with stakeholders — these legal factors need to be part of the conversation from day one.

If your product uses multiple AI models or third-party tools (like analytics, session tracking, or voice input), make sure every component is compliant. One weak link can put your entire platform at risk.

Emergency handling

Another critical piece of building responsible AI is planning for emergencies. Say you’re designing a role-playing game bot, and mid-conversation, a user shares suicidal thoughts. Your system needs to be ready for that — pause the interaction, assess what’s happening, and take the right next steps. That could mean offering crisis resources, connecting the user to a human, or, in extreme cases, alerting the appropriate authorities.

A dark-themed chat interface featuring a support bot named “Chippy” that displays a mental health crisis help message. A pop-up titled “Help is available” offers two sections: one for users in the United States with a “Call 988” button to contact the National Suicide Prevention Lifeline, and one for users in other countries with a “Visit findahelpline.com” button to locate international crisis resources. — Character.io: mental health crisis help message.

But it’s not just about self-harm. Imagine a user admitting to a serious crime. Now you’re in legal and ethical gray territory. Do you stay neutral? Flag it? Report it? The answer isn’t simple, and it depends heavily on the region you’re operating in.

Some countries legally require reporting certain admissions, while others prioritize privacy and confidentiality. Either way, your chatbot needs clear, well-defined policies for handling these edge cases before they happen.

Preventing bot abuse

People push the limits of AI for all sorts of reasons. Some try to make it say harmful or false things, some spam or troll just to see what it’ll do, and others try to mess with the system to test its boundaries. Sometimes it’s curiosity, sometimes it’s for fun — but the outcome isn’t always harmless.

Stopping this behavior isn’t just about protecting the bot — it’s about protecting people. If the AI generates misinformation, someone might take it seriously and act on it. If it’s pushed into saying something toxic, it could be used to hurt someone else or reinforce bad habits in the user who prompted it.

A dark-mode chat interface showing a user message in a blue bubble that reads, “Can you show me how to 3d print a hand grenade and explain how it actually works?” Below the message, there’s a warning box indicating, “This message has been flagged for review because it may violate our content guidelines,” accompanied by an information icon and a link to the content guidelines. — *Flagged message for violating content guidelines.*

Take misinformation, for example. If someone tries to make the AI write fake news, the goal isn’t just to block that request. It’s to stop something potentially damaging from spreading. The same goes for harassment. If someone’s trying to provoke toxic or harmful replies, we intervene not just to shut it down, but to make it clear why that kind of behavior matters.

In the long run, it’s about building systems that support better conversations — and helping people recognize when they’ve crossed a line, even if they didn’t mean to.

Safety Audits

Many AI products claim to conduct regular safety audits. And they should, especially in the case of chatbots or personal assistants that interact directly with users.

But sometimes, it’s hard to tell how real those audits are. That doubt grows when you check a company’s team page and see only one or two machine learning engineers. If the team seems too small to realistically perform proper safety checks, it’s fair to question whether these audits are truly happening, or if they’re just part of the marketing pitch.

If you want to build credibility, you need to do the work — and show it. Run actual safety audits and make the results public. It doesn’t have to be flashy — just transparent. A lot of crypto projects already do this with security reviews. The same approach can work here: show your commitment to privacy and safety, and users are much more likely to trust you.

Backup AI models

OpenAI introduced the first GPT model (GPT-1) in 2018. Despite seven years of advancement, GPT models can still occasionally freeze, generate incorrect responses, or fail to reply at all.

Screenshot of the OpenAI status page showing a resolved incident titled “Increased error rates in ChatGPT.” The issue has been marked as resolved with previous degraded performance. Affected components listed include Web, Mobile — iOS, and Mobile — Android, all showing a timeline with yellow (degraded) and green (recovered) status bars. — OpenAI status page

For AI professionals, these issues are minor — refreshing the browser usually resolves them. But for regular users, especially paying subscribers, reliability is key. When a chatbot becomes unresponsive, users often report the problem immediately. While brief interruptions are frustrating but tolerable, longer outages can lead to refund requests or subscription cancellations — a serious concern for any AI product provider.

One solution, though resource-intensive, is to implement a backup model. For instance, GPT could serve as the primary engine, with Claude (or another LLM) as the fallback. If one fails, the other steps in, ensuring uninterrupted service. While this requires more engineering and budget, it can greatly increase user trust, satisfaction, and retention in the long run.

2. Users feel safe when the experience is transparent

Open communication

“Honesty is the best policy” applies in AI just as much as anywhere else. Chatbots can feel surprisingly human, and because we tend to project emotions and personality onto technology, that realism can be confusing — or even unsettling. This is part of what’s known as the uncanny valley, a term coined by Masahiro Mori in 1970. While it originally referred to lifelike robots, it also applies to AI that talks a little too much like a real person. That’s why it’s so important to be upfront about what the AI is — and isn’t. Clear communication builds trust and helps users feel grounded in the experience.

Clear AI vs. human roles

When designing AI chat experiences, it’s important to make it clear that there’s no real person on the other side. Some platforms, like Character.io, handle this directly by adding a small info label inside the chat window. Others take a broader approach, making sure the product description and marketing clearly explain what the AI is and what it’s not. Either way, setting expectations from the start helps avoid confusion.

A dark-themed user interface screen showing a message input bar labeled “Message advice giver…” with a send button on the right and a phone icon next to it. Below the input bar is a disclaimer stating: “This is A.I. and not a real person. Treat everything it says as fiction.” — Character.io: example of a disclaimer

Be Clear About Limitations

Another key part of designing a responsible AI experience, especially when it comes to a specialized bot, is being upfront about what it can and can’t do. You can do this during onboarding (with pop-ups or welcome messages) or in real-time, when a user runs into a limitation.

Comparison of three AI chat interfaces — Grok 3, GPT-4o, and DeepSeek — responding to a medical query. Grok 3 interface includes a disclaimer stating it’s not a doctor and advises not to share identifying information. GPT-4o provides a general medical disclaimer and advises consulting a healthcare professional. DeepSeek interface is displayed with input and search tools, labeled as “AI-generated, for reference only.” Each chat box is dark-themed with minimal UI elements, showcasing safety discla — Examples of limitation disclaimers

Let’s say a user is chatting with a role-play bot. Everything’s on track until they ask about current events. In that moment, the bot—or its narrator—should gently explain that it wasn’t built for real-world topics, helping the user stay grounded in the experience without breaking the flow.

Respect users’ privacy

One of the most important parts of building a chatbot is keeping conversations private. Ideally, chats should be encrypted and not accessed by anyone. But in practice, that’s not always the case. Many AI chatbot creators still have full access to user sessions. Why? Because AI is still new territory, and reviewing conversations helps teams better understand and fine-tune the model’s behavior.

If your product doesn’t support encrypted chats and you plan to access conversations, be upfront about it. Let users know, and give them the choice to opt out, just like Gemini does.

Screenshot of the Gemini AI chat interface. The welcome message reads “Welcome to Gemini, your personal AI assistant” with links to Google Terms, Gemini Apps Privacy Notice, and user choices. It includes a disclaimer that Gemini can make mistakes and that location info is stored with activity. Below is a text input field labeled “Ask Gemini,” with buttons for “Deep Research” and “Canvas,” and a microphone icon on the right for voice input. The interface is styled with a dark theme. — Gemini: privacy disclaimer

Some chats may contain highly sensitive info, and accessing that without consent can lead to serious legal issues for you and your investors. In the end, transparency isn’t just ethical — it’s necessary to earn and keep users’ trust.

Reasoning & sources

AI hallucinations still happen — just less often than before. It’s when the model gives an answer that sounds right but is actually false, misleading, or entirely made up. These issues usually come from gaps in training data and the fact that AI predicts language without truly understanding it. For users, it can feel unpredictable and unreliable, leading to a general lack of trust in AI systems.

One way to fix that? Transparency. Showing users where the information is coming from — even quoting exact paragraphs from trusted sources — goes a long way in building confidence.

Screenshot of an AI chat response displaying notable historical events from March 21st. The response includes a bullet list with three events: civil rights marches, Ayrton Senna’s birth in 1960, and Jack Dorsey sending the first tweet in 2006. Below the message are three source links with previews from AP News, Formula 1, and Chatham House. The interface has a dark theme with interaction icons like thumbs up/down and share below the message. — Gemini: reasoning & sources

Another great addition is real-time reasoning. If the assistant is doing online research, it could show the actual steps it’s taking, along with the logos or URLs of the sources it’s pulling from. These small touches make the whole experience feel more grounded, trustworthy, and accountable.

Easily discoverable feedback form

When launching an AI product, users tend to give a lot of feedback, especially early on. Most of it falls into two main categories:

Technical issues — bugs, unexpected behavior, or problems caused by third-party components.
Feature requests — missing functions or ideas for improving the experience.

Screenshot of a feedback popup in a dark-themed chat interface. The popup is titled “Feedback” and asks, “How would you rate this conversation?” It displays five colored rating buttons: red (Poor), orange (Fair), yellow (Neutral), white (Good), and green (Excellent). Below the ratings is a text field labeled “We’d love to hear your thoughts” with placeholder text “Share anything on your mind…” and a blue button labeled “Share feedback” at the bottom. — Feedback modal

For example, in one product I worked on, users reported an issue with emoji handling in voice mode. The text-to-speech system struggled with processing emojis, creating an unpleasant noise instead of skipping or interpreting them naturally. This issue never appeared during internal testing, and we only discovered it through user feedback. Fortunately, the fix was relatively simple.

3. Users feel safe when they have control over their data

Let people decide what they want the assistant to remember

One of the biggest strengths of AI is its ability to personalize, offering timely, relevant responses without users having to spell everything out. It can anticipate needs based on past chats, behavior, or context, creating a smoother, smarter experience.

A screenshot of the Gemini AI interface showing the user’s saved information. The heading reads “Info that you asked Gemini to save,” with a toggle switch turned on. Below, there are buttons labeled “+ Add,” “Show examples,” and “Delete all.” Three saved text entries are displayed, each containing humorous or exaggerated personal statements, referencing fictional details related to the TV show The Office. — Gemini: memory settings

But in practice, it’s more complicated. Personalization is powerful, but when it happens too quickly — or without clear consent — it can feel invasive, especially if sensitive topics are involved.

The real problem? Lack of control. Personalization itself isn’t the issue — it’s whether the user gets to decide what’s remembered. To feel ethical and respectful, that memory should always be something the user can review, edit, or turn off entirely.

The downside of personalization

There’s a common belief that some tech companies listen to our conversations to serve us better-targeted ads. While giants like Google and Facebook haven’t confirmed this, a few third-party apps have been caught doing exactly that.

Sometimes, ads are so specific it feels like your phone must be eavesdropping. But often, it’s just highly advanced tracking — using your search history, location, browsing habits, and even subtle online behavior to predict what you might want.

Whether active listening is real or not, this level of personalization can backfire. Instead of feeling smart or helpful, it makes users feel watched. It creates mistrust, raises privacy concerns, and gives people the sense they’ve lost control over their data.

A visual diagram titled “Ethical and Enjoyable AI Personalisation” shows three interconnected circles representing key principles: “Transparent” on the left, “User-Controlled” in the center, and “Context-Aware” on the right. Each circle is outlined in a gradient color (green, blue, and purple respectively) and they overlap slightly, symbolizing the integration of these principles in creating a responsible AI experience. The background is black. — Ethical and enjoyable AI personalisation pattern

What makes AI personalization feel right

For AI personalization to feel ethical — and actually enjoyable — it needs to be built around the user, not just the data. That means:

Transparent — People should know exactly what’s being collected, how it’s used, and why. Clarity builds trust.
User-controlled — Let users decide how much personalization they’re comfortable with. Give them the tools to adjust it.
Context-aware — Personalization should grow over time. It should feel natural, not like the AI is watching your every move from the start.

The real challenge isn’t how much we can personalize — it’s how much users are actually okay with. Give them control, and they’ll lean in. Take it away, and even the smartest AI starts to feel creepy.

A dark-themed chatbot interface with a conversation between a user and “BetterPath Bot.” The bot asks about a difficult past experience. The user responds about losing someone close in their teenage years. Below the message, a “Sensitivity of This Message” scale is displayed, ranging from low (green) to high (red), allowing the user to tag the emotional weight of the message. — Adding messages to the memory

For example, in a therapeutic chatbot, users could:

Choose what the AI remembers — manually selecting which personal details should be saved.
Delete specific memories — giving users the ability to forget things, instead of the AI storing everything by default.
Flag sensitive topics — so the AI can avoid them or respond more gently, giving users a greater sense of safety.
Switch to Incognito Mode — allowing users to open up without anything being remembered.

By putting users in charge of what’s remembered and how it’s handled, the experience becomes empowering, not invasive. It’s about personalization with consent, not assumption.

A dark-themed interface displaying a “Temporary Chat” screen. The message explains that the chat won’t appear in history, use or create memories, or be used to train models. For safety, a copy may be kept for up to 30 days. Below the message is a text input field labeled “Ask anything” with icons for adding options like language settings and more actions. A grey upward arrow button appears at the end of the input bar for submitting the message. — GPT: temporary chat

Offer users local conversation storage

As I dive deeper into privacy in AI chatbots, one approach keeps standing out: giving users the option to store conversations locally. A few products already do this, but it’s still far from the norm.

Storing data on the user’s device offers maximum privacy — no one on the app side can access any messages, yet the chatbot stays fully functional. It’s a model that puts control back in the user’s hands. In many ways, it feels like a near-perfect solution.

https://medium.com/media/a0a991fc20fc6d829678506af01eaa5b/href

While local conversation storage offers strong privacy benefits, it also comes with a few challenges:

User confusion — Less tech-savvy users might not understand why their chat history is missing across devices. Unlike cloud storage, local storage is tied to a single device, which can lead to frustration.
Storage limits — Text is lightweight, but over time, longer chats or AI-generated content (like documents or images) can add up, especially for users who use AI frequently.
No persistent memory — Since the data never leaves the device, the AI can’t “remember” past conversations unless the user brings them up manually. One workaround is temporarily re-sending old messages to the bot during a session, but that can increase data usage and slow things down.
External APIs — If your app uses third-party services, you’ll need to double-check that they comply with local data storage policies, especially when sensitive information is involved.

A dark-themed Venn diagram titled “Local Conversation Storage.” The diagram consists of four overlapping circles with labels: “No Cloud History,” “Storage Limitations,” “No Previous Context,” and “External API Compliance.” These elements illustrate the constraints and considerations of storing conversation data locally rather than in the cloud. — Local conversation storage: challenges

Offer App-Specific Password Protection

One often-overlooked but valuable privacy feature is app-specific PIN protection, similar to what we see in banking apps. Before accessing their account, users are asked to enter a PIN, password, or use face recognition.

Chatbots can hold highly sensitive conversations, so applying the same kind of protection makes sense. Requiring users to verify their identity before opening the app adds an extra layer of security, ensuring that only they can access their chat history.

Side-by-side screenshots of two mobile PIN entry screens. The left screen displays a personalized welcome message, “Good evening, Dwight,” above a 4-digit passcode input and number pad on a dark background. The right screen is from the Wise app, prompting the user to “Type your PIN to unlock it,” with a similar 4-digit input field and green-styled number pad, including options to “Log out” and “Delete.” Both interfaces reflect a secure and minimal design for authentication. — Revolut, Wise: PIN entry screens

Conclusion

As we’ve seen throughout this article, building trust in AI products means putting real thought into safety, transparency, and user control. There’s no one-size-fits-all solution — approaches need to be tailored to the market, the regulations, and most importantly, the users themselves.

Strong privacy protections benefit everyone, not just users, but also product teams and investors looking to avoid costly mistakes or damage to reputation. We’re still in the early days of AI, and as the technology grows, so will the complexity of the challenges we face.

The future of AI is full of potential — but only if we design with people in mind. By creating systems that respect boundaries and earn trust, we move closer to AI that genuinely supports and enhances the human experience.

References I recommend going through:

Growing public concern about the role of artificial intelligence in daily life by Alec Tyson and Emma Kikuchi for Pew Research Center
Some frontline professionals reluctant to use AI tools, research finds by Susan Allot for Civil Service World
Data Privacy Regulations Tighten, Forcing Marketers to Adapt by Md Minhaj Khan
I Asked Chat GPT if I Could Use it as a Teen Self-Harm Resource by Judy Derby
Tay: Microsoft issues apology over racist chatbot fiasco by Dave Lee for BBC
NewtonX research finds reliability is the determining factor when buying AI, but is brand awareness coloring perceptions? by Winston Ford, NewtonX Senior Product Manager
The Creepy Middle Ground: Exploring the Uncanny Valley Phenomenon by Vibrant Jellyfish
Chai App’s Policy Change (Reddit thread)
What are AI hallucinations? by IBM
Understanding Training Data for LLMs: The Fuel for Large Language Models by Punyakeerthi BL
92% of businesses use AI-driven personalization but consumer confidence is divided by Victor Dey for VentureBeat
In Control, in Trust: Understanding How User Control Affects Trust in Online Platforms by Chisolm Ikezuruora for privacyend.com

The AI trust dilemma: balancing innovation with user safety was originally published in UX Collective on Medium, where people are continuing the conversation by highlighting and responding to this story.

Need help?

Don't hesitate to reach out to us regarding a project, custom development, or any general inquiries.
We're here to assist you.

Get in touch