Your phone is a hacker’s dream. This is what happens next
A former Green Beret explains how AT&T, Verizon, and T-Mobile each suffer from weak and antiquated security measures, and engage in invasive data collection, pooling, and selling practices.
I spend a lot of time talking to people about privacy and security, and I’ve come to recognize a pervasive learned helplessness: “All my information is out there already,” or “That ship has sailed.” I believe this helplessness comes from a mistaken sense that the problem is too big to be solved.
Many of us are painfully aware that our data is tracked and collected across our devices and apps. More and more Americans report that they care about privacy each year, and studies find that around 40% to 50% of people are actually taking steps (like adjusting their phone privacy settings, using a private browser or VPN, rejecting cookies, etc.) to protect their privacy.
With so many policies to read, settings to adjust, apps to download, and tools to pay for, while massive breaches continue to dominate headlines, it’s easy to feel that our efforts are futile, and nothing we do will be enough to protect our personal information.
This sense of helplessness is exacerbated by today’s privacy solutions, which are largely app-based and don’t address systemic vulnerabilities in the underlying network. Even with all the best privacy apps and data-sharing settings turned off, once your device attempts to connect to a cell tower, it reveals personal information about you—such as location, browsing behavior, and other metadata—that is then shared on an interconnected global network available for exploitation by hackers around the world.
This becomes particularly evident in the most recent cyberattack on AT&T, one of the largest mobile carriers in the U.S. Last week, the telco company confirmed that data of nearly all its customers was breached in a cybersecurity incident. The hack revealed call and text records, detailing with whom you communicated, from what location, and other highly sensitive information.
Even if customers took each of the aforementioned precautions, the basic act of using their phones to call or text their loved ones would have been registered in the breached call logs. Hackers can use those logs to see who you’ve communicated with, for how long, from what location, and other highly sensitive information. This allows fraudsters and other bad actors to create an incredibly complete picture of your closest relationships and enables them to impersonate your spouse, children, or friends for phishing attacks. If you’re in a sensitive profession, like journalism or mental health, hackers would now have a complete profile of every confidential client or contact who has called or texted you.
Though announced last week, this breach actually occurred in April of this year, the same month that the FCC fined AT&T, Verizon, and T-Mobile nearly $200 million for illegally selling customer location data to over 300 third-party aggregators, including bounty hunters and other potential bad actors.
Despite news of breach after breach, AT&T told regulators that “this incident is not reasonably likely to materially impact AT&T’s financial condition or results of operations.” In other words, AT&T doesn’t believe consumers will hold them accountable.
Indeed, part of the learned helplessness consumers experience stems from the lack of meaningful choices for cell service and the pervasive belief that privacy must be compromised for connectivity. Switching to another major carrier won’t solve the problem either. Major players—AT&T, Verizon, and T-Mobile—each suffer from weak and antiquated security measures, and engage in invasive data collection, pooling, and selling practices. These three companies collectively account for 95% of the mobile market, and the high cost and complexity of building network infrastructure make it incredibly difficult for new entrants to challenge the status quo.
It’s no wonder these telco giants feel immune to accountability. Yet, change is on the horizon, and three emerging trends are poised to disrupt this landscape.
Heightened consumer demand: More and more people prioritize privacy, resulting in heightened demand for security tools and practices.
Increased investment: Higher demand sparks more investment, both from the government and venture capital, stimulating greater innovation in capital-intensive, network-level privacy solutions.
Technological advancements: The advent of secure cloud-based technology and advanced software has reduced the reliance on physical hardware and infrastructure, lowering the barriers to entry for new competitors.
These dynamics are finally driving privacy solutions that operate at a fundamental, infrastructure level, giving people the option to truly opt out of privacy sacrifices that had, until recently, been inherent in modern life.
Telco giants like AT&T believe that the constant drumbeat of major breaches won’t impact their financial or operational performance and that people will continue to compromise privacy and security for convenience. With alternatives arising, we finally have the opportunity to prove them wrong.