When we empower users to control their identities, do those empowered to release personal information on behalf of a user have a responsibility to ensure the user understands what they're releasing?

I don't know. I do know that most computer interfaces continue to baffle users. Users seem just to want to click to make the dialog box go away. Dialog boxes mean something has happened. How do we train a user to be careful before releasing information?

From a legal standpoint, does a user truly consent to the release of data if the user didn't understand what they were releasing? What would be the standard for determining what a user knew or should have known?