How tech companies use dark patterns to discourage us from
exercising our rights to privacy
“In this report, we analyze a sample of settings in Facebook, Google and
Windows 10, and show how default settings and dark patterns, techniques and
features of interface design meant to manipulate users, are used to nudge users
towards privacy intrusive options. The findings include privacy intrusive default
settings, misleading wording, giving users an illusion of control, hiding away
privacy-friendly choices, take-it-or-leave-it choices, and choice architectures
where choosing the privacy friendly option requires more effort for the users.
Facebook and Google have privacy intrusive defaults, where users who want
the privacy friendly option have to go through a significantly longer process.
They even obscure some of these settings so that the user cannot know that
the more privacy intrusive option was preselected.
The popups from Facebook, Google and Windows 10 have design, symbols and
wording that nudge users away from the privacy friendly choices. Choices are
worded to compel users to make certain choices, while key information is
omitted or downplayed. None of them lets the user freely postpone decisions.
Also, Facebook and Google threaten users with loss of functionality or deletion
of the user account if the user does not choose the privacy intrusive option.
The GDPR settings from Facebook, Google and Windows 10 provide users with
granular choices regarding the collection and use of personal data. At the same
time, we find that the service providers employ numerous tactics in order to
nudge or push consumers toward sharing as much data as possible”.