Either encrypt it such that only the authorized user can read it, or require the authorized user to retrieve it directly. Or don't lead users to expect that you're offering any privacy.
From the user's point of view, authorizing some other user to read something doesn't mean authorizing whoever runs that user's instance to read it. If your protocol has an architectural problem with that, it means you designed your protocol wrong.
> Either encrypt it such that only the authorized user can read it, or require the authorized user to retrieve it directly.
> From the user's point of view, authorizing some other user to read something
You keep using the singular "user", but the posts in question are not messages between one user and one other user but rather "followers only", such that anyone who follows the account is authorized to read the post.
> doesn't mean authorizing whoever runs that user's instance to read it.
That wasn't even the issue.