Senate Bill Bans 'Dark Patterns' Trickery in Social Media Data Collection

Senate Bill Bans ‘Dark Patterns’ Trickery in Social Media Data Collection

Written by Pam Baker
April 12, 2019

Some call it dark patterns; others say Privacy Zuckering. By any name, legislators want it to stop.

This week, a new bipartisan bill was introduced in the U.S. Senate that bans large social networks from using deceptive user interfaces. Also known as “dark patterns,” these user interfaces are designed to trick users into relinquishing their personal data or consenting to data abuses. The new Deceptive Experiences To Online Users Reduction (DETOUR) Act will apply to all internet tech companies with over 100 million users.

Sen. Mark Warner

“For years, social media platforms have been relying on all sorts of tricks and tools to convince users to hand over their personal data without really understanding what they are consenting to. Some of the most nefarious strategies rely on ‘dark patterns’ — deceptive interfaces and default settings, drawing on tricks of behavioral psychology, designed to undermine user autonomy and push consumers into doing things they wouldn’t otherwise do, like hand over all of their personal data to be exploited for commercial purposes,” said U.S. Sen. Mark Warner (D-Va.), a former technology executive who is vice chairman of the Senate Select Committee on Intelligence.

“Our goal is simple: to instill a little transparency in what remains a very opaque market and ensure that consumers are able to make more informed choices about how and when to share their personal information,” added Warner, who is a co-sponsor of the bill.

This specific form of dark patterns is often also referred to as “Privacy Zuckering,” in a public shaming of founder and CEO Mark Zuckerberg after several Facebook data abuse scandals came to light. Examples are easily found in headlines like this one that screams “Facebook engages in ‘privacy zuckering’ to get user consent for facial recognition” in VentureBeat.

But there are actually several types of dark patterns — and none of them are good. They include bait and switch, guilting users into agreeing to something (called confirmshaming), ads disguised as reputable content, forced service continuance after a free trial, tricking you into sharing your contacts so they can spam your friends, hidden costs, misdirection, price comparison lockouts, trick questions, blocked exits (no way to stop a subscription) and sneaky sales cart add-ons.

Sen. Deb Fischer

“Any privacy policy involving consent is weakened by the presence of dark patterns,” said Sen. Deb Fischer (R-Neb.), a member of the Senate Commerce Committee and the other co-sponsor of the bill. “These manipulative user interfaces intentionally limit understanding and undermine consumer choice. Misleading prompts to just click the ‘OK’ button can often transfer your contacts, messages, browsing activity, photos, or location information without you even realizing it. Our bipartisan legislation seeks to curb the use of these dishonest interfaces and increase trust online.”

Supporters point to widespread trickery such as dark patterns, as well as data abuses by social media platforms themselves, by game and test companies disguised as entertainment on social media and by criminals who use social media info in phishing schemes as reason for a series of legislation meant to protect consumers.

Detractors are concerned that legislation may make things worse.

Comparitech’s Paul Bischoff

“It would be great if all websites adhered to the standards put forth in the DETOUR bill, but as we’ve seen in the past, regulations on the web are difficult to enforce,” said Paul Bischoff, privacy advocate with Comparitech.com. “As a result, these sorts of regulations often end up becoming a burden for law-abiding websites, while those that choose to ignore them gain a competitive advantage with little consequence. We saw this play out with the EU’s ePrivacy Directive that required European website get consent for cookies. On top of that, the law won’t affect websites that operate from other countries, either.”

“Before lawmakers push this bill forward, they need to think very carefully about enforcement and penalties, and whether or not it’s actually feasible or if this is just a symbolic gesture that will place undue burden on businesses. It’s also important to be as specific as possible, so that the law is not misinterpreted. Wording like ‘a deliberate obscuring of alternative choices or settings through design,’ for example, is far too vague,” Bischoff added.

While such concerns are likely valid, the problem legislators are trying to resolve is …