Stories
Slash Boxes
Comments

SoylentNews is people

posted by Fnord666 on Thursday August 13 2020, @09:01PM   Printer-friendly
from the dark-patterns dept.

How Facebook and Other Sites Manipulate Your Privacy Choices:

Electronic Frontier Foundation was fed up with Facebook's pushy interface. The platform had a way of coercing people into giving up more and more of their privacy. The question was, what to call that coercion? Zuckermining? Facebaiting? Was it a Zuckerpunch? The name that eventually stuck: Privacy Zuckering, or when "you are tricked into publicly sharing more information about yourself than you really intended to."

[...] Researchers call these design and wording decisions "dark patterns," a term applied to UX that tries to manipulate your choices. When Instagram repeatedly nags you to "please turn on notifications," and doesn't present an option to decline? That's a dark pattern. When LinkedIn shows you part of an InMail message in your email, but forces you to visit the platform to read more? Also a dark pattern. When Facebook redirects you to "log out" when you try to deactivate or delete your account? That's a dark pattern too.

Dark patterns show up all over the web, nudging people to subscribe to newsletters, add items to their carts, or sign up for services. But, says says Colin Gray, a human-computer interaction researcher at Purdue University, they're particularly insidious "when you're deciding what privacy rights to give away, what data you're willing to part with." Gray has been studying dark patterns since 2015. He and his research team have identified five basic types: nagging, obstruction, sneaking, interface interference, and forced action. All of those show up in privacy controls. He and other researchers in the field have noticed the cognitive dissonance between Silicon Valley's grand overtures toward privacy and the tools to modulate these choices, which remain filled with confusing language, manipulative design, and other features designed to leech more data.

Those privacy shell games aren't limited to social media. They've become endemic to the web at large, especially in the wake of Europe's General Data Protection Regulation. Since GDPR went into effect in 2018, websites have been required to ask people for consent to collect certain types of data. But some consent banners simply ask you to accept the privacy policies—with no option to say no. "Some research has suggested that upwards of 70 percent of consent banners in the EU have some kind of dark pattern embedded in them," says Gray. "That's problematic when you're giving away substantial rights."

[...] Many of these dark patterns are used to juice metrics that indicate success, like user growth or time spent. Gray cites an example from the smartphone app Trivia Crack, which nags its users to play another game every two to three hours. Those kinds of spammy notifications have been used by social media platforms for years to induce the kind of FOMO that keeps you hooked. "We know if we give people things like swiping or status updates, it's more likely that people will come back and see it again and again," says Yocco. "That can lead to compulsive behaviors."

[...] Worse, Gray says, the research shows that most people don't even know they're being manipulated. But according to one study, he says, "when people were primed ahead of time with language to show what manipulation looked like, twice as many users could identify these dark patterns." At least there's some hope that greater awareness can give users back some of their control.


Original Submission

 
This discussion has been archived. No new comments can be posted.
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
  • (Score: 2, Informative) by Anonymous Coward on Friday August 14 2020, @12:49AM

    by Anonymous Coward on Friday August 14 2020, @12:49AM (#1036384)

    That website does clarify that a cookie banner with just an "accept" button is not allowed under GDPR; you have to give the user an option to reject cookies (and be informed that you're storing a single cookie that just says to not store any other cookies). But I've only ever seen ones with just the "accept" button.

    Starting Score:    0  points
    Moderation   +2  
       Interesting=1, Informative=1, Total=2
    Extra 'Informative' Modifier   0  

    Total Score:   2