Stories
Slash Boxes
Comments

SoylentNews is people

posted by cmn32480 on Saturday July 30 2016, @05:49PM   Printer-friendly
from the read-all-the-terms dept.

Original URL: http://arstechnica.com/security/2016/07/dark-patterns-are-designed-to-trick-you-and-theyre-all-over-the-web/

Everyone has been there. So in 2010, London-based UX designer Harry Brignull decided he’d document it. Brignull’s website, darkpatterns.org, offers plenty of examples of deliberately confusing or deceptive user interfaces. These dark patterns trick unsuspecting users into a gamut of actions: setting up recurring payments, purchasing items surreptitiously added to a shopping cart, or spamming all contacts through prechecked forms on Facebook games.

Dark patterns aren’t limited to the Web, either. The Columbia House mail-order music club of the '80s and '90s famously charged users exorbitant rates for music they didn’t choose if they forgot to specify what they wanted. In fact, negative-option billing began as early as 1927, when a book club decided to bill members in advance and ship a book to anyone who didn’t specifically decline. Another common offline example? Some credit card statements boast a 0 percent balance transfer but don’t make it clear that the percentage will shoot up to a ridiculously high number unless a reader navigates a long agreement in tiny print.

“The way that companies implement the deceptive practices has gotten more sophisticated over time,” said UX designer Jeremy Rosenberg, a contributor to the Dark Patterns site. “Today, things are more likely to be presented as a benefit or obscured as a benefit even if they’re not.”

When you combine the interactive nature of the Web, increasingly savvy businesses, and the sheer amount of time users spend online, it’s a recipe for dark pattern disaster. And after gaining an awareness for this kind of deception, you’ll recognize it’s nearly ubiquitous.

With six years of data, Brignull has broken dark patterns down into 14 categories. There are hidden costs users don’t see until the end. There’s misdirection, where sites attract user attention to a specific section to distract them from another. Other categories include sites that prevent price comparison or have tricky or misleading opt-in questions. One type, Privacy Zuckering, refers to confusing interfaces tricking users into sharing more information than they want to. (It’s named after Facebook CEO Mark Zuckerberg, of course.) Though perhaps the worst class of dark pattern is forced continuity, the common practice of collecting credit card details for a free trial and then automatically billing users for a paid service without an adequate reminder.

But while hackers and even SEO firms are often distinguished as “white hat” or “black hat,” intent isn’t always as clear when it comes to dark patterns. Laura Klein, Principal at Users Know and author of UX for Lean Startups, is quick to point out that sometimes it’s just a really, really poor design choice. “To me, dark patterns are very effective in their goal, which is to trick the user into doing something that they would not otherwise do,” she said. Shady patterns, on the other hand, simply push the company’s agenda over the user’s desires without being explicitly deceptive.

-- submitted from IRC


Original Submission

This discussion has been archived. No new comments can be posted.
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
  • (Score: 3, Informative) by GungnirSniper on Saturday July 30 2016, @06:58PM

    by GungnirSniper (1671) on Saturday July 30 2016, @06:58PM (#382019) Journal

    Nice to see Ars catching up to a submission here from a few months ago. [soylentnews.org] There are designs that are deceptive by design, such as most download sites. One recent post here that that "hidden is the new closed" is on target, even "Close" on Lync-Skype just minimizes it.

    This article on how online shoppers continue to double-click things [baymard.com] is also worth a read. Sometimes users do things that we computer-savvy folks wouldn't even thing of trying. The difference between local and online isn't an abstraction end users always understand.

    • (Score: 2) by darkfeline on Saturday July 30 2016, @07:48PM

      by darkfeline (1030) on Saturday July 30 2016, @07:48PM (#382031) Homepage

      Double-click causes more problems than it solves, if any. From an accessibility standpoint, double-clicking is a nightmare (for elderly users, for whom simply clicking once without moving the mouse off their intended target is difficult, imagine trying to click twice within a half-second window). Just add more buttons to mice, for god's sake, and maybe redesign your failed UI (hint: it's called GUI. Moving the keyboard to the mouse does not make the UI more user-friendly).

      --
      Join the SDF Public Access UNIX System today!
      • (Score: 0) by Anonymous Coward on Saturday July 30 2016, @10:33PM

        by Anonymous Coward on Saturday July 30 2016, @10:33PM (#382084)

        One click ought to be enough for anyone.

      • (Score: 2, Informative) by anubi on Sunday July 31 2016, @07:35AM

        by anubi (2828) on Sunday July 31 2016, @07:35AM (#382201) Journal

        Often, old mice double-click all by themselves. This can go on for a long time as many programs will treat it as one click.

        I have been using one of these old mice and did not know it was doubleclicking until I used it on Eagle ( PCB layout routing ), and it was confusing Eagle.

        ( The doubleclicking is caused by contact wear and corrosion - which results in an electrically noisy contact make ).

        --
        "Prove all things; hold fast that which is good." [KJV: I Thessalonians 5:21]
      • (Score: 3, Interesting) by gidds on Thursday August 04 2016, @01:23PM

        by gidds (589) on Thursday August 04 2016, @01:23PM (#384045)

        EPOC had what I thought was a very good way around this: tap-to-select, tap-again-to-activate.  (EPOC was the OS used by touchscreen-based devices such as the Psion Series 5 and 7, and which developed into Symbian OS.)

        The way it worked was that if an on-screen object wasn't selected, a tap would select it (the same as most UIs); if it was selected, then a tap would action/open/activate it.  The effect was that a double-tap would usually do what you expected — but it didn't matter how long you left between taps, nor whether they were in exactly the same place.

        It seemed a very good and intuitive system, and a neat way around the existing problems of double-clicking, as well as the additional difficulties introduced by a touchscreen.  I'm surprised it wasn't picked up by any other UIs.

        --
        [sig redacted]
    • (Score: 3, Informative) by martyb on Sunday July 31 2016, @12:57AM

      by martyb (76) Subscriber Badge on Sunday July 31 2016, @12:57AM (#382121) Journal

      Thanks for the link to the article about users double-clicking on the web! Be sure to read the comments which point out a problem with the Safari browser's saving the last state of a page -- prevents you from getting back to a point where you could order another one of a given item.

      Also, beware of Windows CUA (common user access) violations in today's software. Those who have been around for a while, know that a dialog box typically has a message, and then below it, two buttons: [OK] [Cancel] It's amazing how many places have had the 'bright' idea of swapping the positions of those controls, and thus betraying one's muscle memory into okaying an action one wanted to avoid.

      Another trick is to color the buttons red (bad/stop) and green (good/go) and encourage the user to answer the way the vendor wants. Put both of these together and you get:

      Do you want to give us your e-mail address so we can send you coupons and notice of upcoming sales?
            <font color="red">[yes]</font>.  <font color="green">[no]</font>

      Not the best example, but I hope it makes the point.

      --
      Wit is intellect, dancing.
  • (Score: 1, Informative) by Anonymous Coward on Saturday July 30 2016, @07:07PM

    by Anonymous Coward on Saturday July 30 2016, @07:07PM (#382021)

    Or installing Mcafee when all you wanted to do was upgrade Flash player. While I don't do it just about everyone does it and I remove Mcafee from such unsuspecting computers until someone else reinstalls it unknowingly. Mcafee is more of a burden to your system than an aid and it's set to install by default unless you uncheck the hard to notice box.

    • (Score: 2) by SomeGuy on Saturday July 30 2016, @07:48PM

      by SomeGuy (5632) on Saturday July 30 2016, @07:48PM (#382030)

      Or installing Mcafee when all you wanted to do was upgrade Flash player.

      Why this kind of crap isn't outright illegal (especially when a product installs adware or malware) is just frikking crazy. On the other hand, it is an Adobe product so you do need a virus scanner or five to mange all the exploits. :P

      • (Score: 4, Funny) by Azuma Hazuki on Sunday July 31 2016, @05:55AM

        by Azuma Hazuki (5086) on Sunday July 31 2016, @05:55AM (#382183) Journal

        Yeah, but I'd rather hunt the fucking viruses manually with an electron microscope and a magnetized needle than use McAfee...

        --
        I am "that girl" your mother warned you about...
  • (Score: 2) by SomeGuy on Saturday July 30 2016, @07:39PM

    by SomeGuy (5632) on Saturday July 30 2016, @07:39PM (#382028)

    Basically what TFA says, but a slightly different take on it... When the web started invading desktop computers around 98 or so, people indiscriminately started using hyperlinks in places where they should have used buttons. Conceptually a button is supposed to perform an action or do something. A hyperlink is supposed to take you to information or open a document as it is a document metaphor. Really one should avoid hyper links in application dialogs, for example a button labeled [Help] is better than a hyper linked "click here to get help".

    Unfortunately not only have general UI guidelines gotten royally fucked up, but people have gotten used to them. Some of these deceptive interfaces likely exist just because someone was trying to copy the shit they saw in Windows 8. (Oh, BTW hopefully you got your Windows 10 upgrade? [Install Now] _small complex hidden opt out_. )

  • (Score: 1, Touché) by Anonymous Coward on Saturday July 30 2016, @08:50PM

    by Anonymous Coward on Saturday July 30 2016, @08:50PM (#382048)

    I simply stop using it.

    • (Score: 2) by KritonK on Sunday July 31 2016, @10:22AM

      by KritonK (465) on Sunday July 31 2016, @10:22AM (#382225)

      When a site or program has a hipster UI, I can't use it!

      How many times have you seen web sites, where you must scroll through endless screenfuls containing large images (or, worse, videos), with small amounts of huge text, preferably in some low-contrasting color, that conveys no information, just so that you can get to the list of links at the bottom, which may or may not point to the information that you want?

      Exercise for those not convinced: go to mozilla.org and try finding the page for thunderbird. Do not use a search engine and do not type the URL by hand, if you remember it or if you can guess it. (That's right. There is no link, but the layout is oh, so trendy.)

      • (Score: 3, Informative) by deimtee on Sunday July 31 2016, @01:33PM

        by deimtee (3272) on Sunday July 31 2016, @01:33PM (#382263) Journal

        Go to mozilla.org
        scroll to the bottom of the page.
        Click the "Need Help" spanner icon. A page loads with seven Mozilla products on it, including Thunderbird.
        Click on "Thunderbird". A page with 9 help topics and a big green "Download" button loads.
        Click on Download. A selection screen loads.
        Select your version and click it.

        --
        If you cough while drinking cheap red wine it really cleans out your sinuses.
        • (Score: 2) by KritonK on Monday August 01 2016, @02:01PM

          by KritonK (465) on Monday August 01 2016, @02:01PM (#382615)

          QED.

          So, by (their) definition, if I want actual information, I need help?

          The explanatory text says (hmmm... I have to type it by hand, as it is actually an image for no good reason) "Get answers to your questions about Firefox and all Mozilla products from our support team". I'd never have thought to follow that link, as I don't have a question about any of their products and I don't want to talk to their support team. I just want to visit the $%^$@^@ thunderbird page, so that I can download a fresh copy and/or see the release notes.

          And why, pray, is the destination of that link, which is a list of all their products, with a short description of each and links to the appropriate pages, not the main mozilla page?

          BTW, the "need help" page will send you to https://support.mozilla.org/en-US/products/thunderbird [mozilla.org] , which is on the mozilla support site. Google points to the page on the main site, which is https://www.mozilla.org/en-US/thunderbird/ [mozilla.org] and is different. I still don't know of a way to get there from the main page, other than using a search engine or appending "thunderbird" to the URL of the main page.

          • (Score: 2) by deimtee on Tuesday August 02 2016, @02:42AM

            by deimtee (3272) on Tuesday August 02 2016, @02:42AM (#382962) Journal

            I agree that the list of products should be the main page, and that their website is crap.
            But technically, requiring information is requiring "help". The reason I followed it was because I thought there might be a help topic about getting to the download links. :)

            Regarding your BTW, I'm not sure if it's different for me in Oz, but following the big green Download button I mentioned above takes you to the page you say you can't get to: https://www.mozilla.org/en-US/thunderbird/ [mozilla.org]

            --
            If you cough while drinking cheap red wine it really cleans out your sinuses.
            • (Score: 2) by KritonK on Tuesday August 02 2016, @06:18AM

              by KritonK (465) on Tuesday August 02 2016, @06:18AM (#383007)

              So it does. Heaven forfend that the "download" button would actually point to the download page!

              So, to summarize, to get to the main thunderbird page from the main mozilla page, you need to follow the "need help" link, select thunderbird, then follow the "download" link. Obvious squared!

  • (Score: 4, Insightful) by krishnoid on Saturday July 30 2016, @10:23PM

    by krishnoid (1156) on Saturday July 30 2016, @10:23PM (#382080)

    One discipline to describe them all,
    One search engine to find them,
    One pattern to enroll them all and in the darkness bind them.

    Works for me!

  • (Score: 2) by dyingtolive on Sunday July 31 2016, @03:40AM

    by dyingtolive (952) on Sunday July 31 2016, @03:40AM (#382155)

    I really liked the term "Privacy Zuckering" that was used on the site. I imagine I will find myself using that in the future quite extensively.

    --
    Don't blame me, I voted for moose wang!
  • (Score: 3, Insightful) by Azuma Hazuki on Sunday July 31 2016, @03:52AM

    by Azuma Hazuki (5086) on Sunday July 31 2016, @03:52AM (#382158) Journal

    So, so many of my elderly customers are getting hit with worse and worse because of this. The web's becoming a bloated, shit-filled cesspool of advertising and trickery; it's like Vegas but not actually any fun. What a tragedy.

    --
    I am "that girl" your mother warned you about...
    • (Score: 2, Insightful) by anubi on Sunday July 31 2016, @04:57AM

      by anubi (2828) on Sunday July 31 2016, @04:57AM (#382169) Journal

      One thing I see is that if any of your customers treated a business the way the business treated the customers, lawsuits would emerge.

      My distrust of business, because of things as described in this forum, is the primary reason that I usually terminate any interest when the business flourishes a pen and paper and says something like "We just need your John Hancock right here and we'll get started right away!".

      If the paper is a simple document saying "we will do this for this much money", that is one thing, but if that paper has lots of fine print on it, its a hook, and the sales pitch was bait. And I am fixing to get reeled in if I swallow it.

      I have also become finely tuned to pick out the words "up to", "helps pay for", "with qualifying purchase", "when bundled with", and other business-talk where the pitchman tells me right off that I am a fool if I actually follow up on his pitch. The "undefined variable" is the elephant in the room. The little headhock "plus shipping and handling" often doubles the advertised price of the item. Also, the phrase "just pay additional shipping and handling" is a sure tipoff you are really gonna run up a lot of charges.

      I have also become very sensitive to patches of text flashed on the TV screen - its a sure-fire admission I am gonna get an expensive surprise if I respond to the ad. Also the motormouth in the background is a giveaway to a risky business. I do not know what they said or flashed, but I am sure its something they were legally obligated to put up there and they definitely did not want me to see it.

      How would a business like it if I got my own motormouth in the background running... "all payments submitted subject to a transaction fee" and similar businesstalk when calling up their order number? I do not think business could survive in an environment where customers started doing this same kind of stuff that businesses do.

      Giving anyone my credit-card number is a big no-no until I have really considered very carefully who I am doing business with. Now, granted, most industrial stuff I have ordered has been on the up-and-up, but anything marketed by lots of ads is highly suspect.

      The use of JavaScript to create new and confusing browser behaviour is one of my reasons for running NoScript. The main reason is malware. However I find stuff like being able to overwrite the URL bar [stackoverflow.com] extremely disconcerting. Businesses have "hold harmless" clauses in their favor. I am the one who has to eat the risks of complying with their JavaScript.

      Every time I see some business website telling me to enable scripting, I feel almost like I am in the company of strangers, and they are telling me to close my eyes and open my mouth, and they will give me something... when I know full good and well things like roaches, cigarette butts, and occasionally rat poison have been placed in open mouths under similar circumstances. All hiding behind "hold harmless" because I was the fool that followed their instructions to close my eyes and open my mouth.

      --
      "Prove all things; hold fast that which is good." [KJV: I Thessalonians 5:21]
      • (Score: 2) by Azuma Hazuki on Sunday July 31 2016, @05:53AM

        by Azuma Hazuki (5086) on Sunday July 31 2016, @05:53AM (#382181) Journal

        You said it better than me. What happens to a society when legal and moral are looking more and more orthogonal like this? I'm about ready to go join an organic farming co-op somewhere and give it all up...

        --
        I am "that girl" your mother warned you about...
      • (Score: 0) by Anonymous Coward on Sunday July 31 2016, @07:20AM

        by Anonymous Coward on Sunday July 31 2016, @07:20AM (#382200)

        they are telling me to close my eyes and open my mouth, and they will give me something... when I know full good and well things like roaches, cigarette butts, and occasionally rat poison have been placed in open mouths under similar circumstances.

        Businessmen: Does your webmaster force your customers to close their eyes and open their mouths like this before you will do business with them?
         

  • (Score: 0) by Anonymous Coward on Sunday July 31 2016, @03:59AM

    by Anonymous Coward on Sunday July 31 2016, @03:59AM (#382161)

    So when was it counted as Microsoft using a dark pattern? Windows 10? Windows 1.0?

    • (Score: 0) by Anonymous Coward on Sunday July 31 2016, @01:40PM

      by Anonymous Coward on Sunday July 31 2016, @01:40PM (#382265)

      The most obvious recent example would be the close button on the windows 10 installer that installed it, instead of cancelling it.