3 min read

WordPress AI sparked a consent fight hosts can’t ignore

WordPress 7.0 made AI opt-in, but SiteGround turned on its own tool by default for customers. The backlash was less about AI than who gets to decide.

Image: TechRadar

WordPress 7.0 introduced AI into the CMS core for the first time in May, but the most important design choice may have been what it didn’t do: turn anything on automatically. Site owners have to connect a provider and enable AI themselves, so a routine upgrade leaves a site behaving exactly as it did before.

That opt-in approach set a clear boundary. The platform shipped the infrastructure, but left the decision with the person who owns the site. According to the author, co-founder of Flashcloud, that restraint mattered as much as the feature itself.

Within days, SiteGround took a different path. The managed WordPress host preinstalled and activated its own AI product for customers, set it as the default connector, and bundled free usage to encourage adoption. Its active-install count passed 1 million almost immediately, meaning many customers found new software already running on their sites without having enabled it.

The author is careful not to frame this as bad behavior. SiteGround is described as a reputable operator, and the product itself as solid engineering rather than a thin upsell. The logic is straightforward: native AI setup can be fiddly, and preinstalling it removes friction.

Why the backlash landed

The reaction, the piece argues, was not mainly anti-AI. Many critics already use AI tools regularly. The real issue was consent.

Recommended reading

Enterprise AI needs guarantees, not best effort

A feature can be useful and still feel wrong if it arrives without permission. “You can turn it off” is not the same as agreement, because it shifts the burden of noticing, understanding, and undoing the change onto the customer. A one-click setup option would offer the same convenience without taking the decision away from site owners.

That distinction also separates two kinds of host intervention:

  • Defensive changes, such as patching vulnerabilities or blocking malicious traffic
  • Product changes, such as installing and enabling new features

The first protects the customer and the platform. The second changes what the website is.

Where hosting providers should draw the line

The article’s central argument is simple: hosts should freely maintain the platform, but only change the product with a clear yes from the customer. That does not mean creating extra work. New tools can stay off by default while remaining easy to enable, and hosts can give multisite customers centralized controls rather than forcing them to check each site individually.

Clear advance notice matters too, especially when it includes a straightforward way to opt out. Without that, even an ordinary product decision can become a trust problem.

As AI becomes a default layer across the web, the author argues that hosting companies will keep facing the same tension: the most convenient choice for the operator will not always be the right one for the customer. The companies that keep that boundary intact will be protecting the thing customers are really paying for — confidence that nothing on their site changes unless they chose it, or unless the host is stepping in to protect it.

Marcus Vance

Enterprise Editor

Marcus follows the money. He covers enterprise software, cloud architecture, and the tectonic shifts in Big Tech strategy. He translates dense earnings calls and complex M&A activity into actionable insights about where the industry is actually heading. If a tech giant makes a silent pivot, Marcus is usually the first to notice.

via TechRadar

// Keep reading