Dark Patterns

Last week, in our April 5th episode of Bsquared Intel’s Weekly Roundup, we talked a little bit about Dark Patterns. We’re going to talk a little more about it in this article.

What are Dark Patterns

Dark Patterns are website designs that trick users into doing something.

This article from the National Law Review is a good resource for a deeper dive into Dark Patterns and legal issues around them.

Dark Patterns we’ve encountered

Firstly, in last week’s Weekly Roundup episode, we said we would share a little more on an alleged Dark Pattern we ran into when helping out a client.

What happened was, we went through the removal process of our client’s information on a people search engine site. At the time, there was a series of around 6-8 windows you had to click through before getting to the information removal function. There was a fake progress bar that only moved when you clicked the “Next” button, and then the “Next” button changed to a different button where it’s reasonable someone would have stopped right there; quitting before they got to the end to request that their information be removed. Did we also mention that each window had a 10 second countdown timer? This process took well over a minute because of the countdown timers where it should have taken only a handful of seconds.

Well, that process changed to something quick and simple. Perhaps it’s reporting from Brian Krebs that highlighted some of the lawsuits that might have forced this people search engine company to redesign their removal process.

Another one we ran into was talked about in our January 19th, 2024 episode of Bsquared Intel’s Weekly Roundup. In the episode we show you some vague cookie policies that also may fall into the Dark Patterns category. In this case, you might think you’re opting out of having data collected through the use of cookies, when in reality the vague language and unclear settings you choose may opt you in to data collection without you knowing. Watch the episode here to see this example.

Lastly, ages ago, we’d find some people search engine sites burying their information removal link deep in a lengthy privacy policy or Terms of Service. To make matters worse, they would hyperlink a small word, like “the,” that would be the information removal link. This is something anyone would easily miss and fall into the Dark Patterns category.

What can be done about Dark Patterns

Some State data privacy laws are attempting to fight back on Dark Patterns which you can read an archived article about it from law.com here.  Here’s the paywalled article too.

If your State has laws pertaining to Dark Patterns, you could file a complaint with your Attorney General.

With the FTC, if you encounter Dark Patterns, you might be able to use their reporting site, https://reportfraud.ftc.gov/#/assistant, to file a complaint. Your best bet for a choice is selecting the option “Something else,” for reporting purposes.

For businesses and devs, ensure that when you’re designing your web app, that you are adhering to best practices for User Interface (UI)/User Experience (UX) design to avoid Dark Patterns.

To learn more about our services and how we help, fill out the contact form below. Also subscribe to our cybersecurity/research newsletter to get news, tips, tricks, tools, and other important info in your inbox. Click to subscribe.