This would affect all personally-produced data in training sets, including messages, works, actions, and metadata.
An emphatic Yes! Data privacy laws have taken an overwhelming shift in the United States, states such as California, Colorado, Connecticut, Utah, and Virginia have started the implementation of the new data privacy law (CCPA). the new privacy law basically puts the power of data ownership into the hands of the Data subjects, that is, those the data is or are about gets to decide who can collect, and what use it can be put to. Personal data is data, and more precisely it is data but specific to an individual's footprint online, the sharing of location, health and fitness data, financial transaction, data gathered on smart devices, communication data, even biometric data. considering the factors that arguably lead to the enactment of the law which is the 'mistrust from costumers fueled by government backed actions and competition within the tech space, i do not see how this will not happen. with the development of data cooperatives, seem like the idea has already been worked on and firms are finding ingenious ways to stay ahead. this i believe can happen comprehensively even before 2040.
@MrLuke255 I like the idea of being able to issue DMCA takedowns of my personal data, and/or for them to include DRM.
@kenakofer I feel like the scope of the question is just US law. T&C do not appear to be within the scope. I suspect that T&C would be adapted in anticipation of such legislation to have people waive or transfer their personal property rights in such data but I don't think that activity has any bearing on US law is concerning it.